diff --git a/CHANGELOG.md b/CHANGELOG.md
index fc2bca55c56..84e5aa01cdb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,109 @@
+# Release (2024-01-16)
+
+## General Highlights
+* **Dependency Update**: Updated to the latest SDK module versions
+
+## Module Highlights
+* `github.com/aws/aws-sdk-go-v2/service/iot`: [v1.49.0](service/iot/CHANGELOG.md#v1490-2024-01-16)
+ * **Feature**: Revert release of LogTargetTypes
+* `github.com/aws/aws-sdk-go-v2/service/iotfleetwise`: [v1.12.0](service/iotfleetwise/CHANGELOG.md#v1120-2024-01-16)
+ * **Feature**: Updated APIs: SignalNodeType query parameter has been added to ListSignalCatalogNodesRequest and ListVehiclesResponse has been extended with attributes field.
+* `github.com/aws/aws-sdk-go-v2/service/macie2`: [v1.35.0](service/macie2/CHANGELOG.md#v1350-2024-01-16)
+ * **Feature**: This release adds support for analyzing Amazon S3 objects that are encrypted using dual-layer server-side encryption with AWS KMS keys (DSSE-KMS). It also adds support for reporting DSSE-KMS details in statistics and metadata about encryption settings for S3 buckets and objects.
+* `github.com/aws/aws-sdk-go-v2/service/paymentcryptography`: [v1.7.0](service/paymentcryptography/CHANGELOG.md#v170-2024-01-16)
+ * **Feature**: Provide an additional option for key exchange using RSA wrap/unwrap in addition to tr-34/tr-31 in ImportKey and ExportKey operations. Added new key usage (type) TR31_M1_ISO_9797_1_MAC_KEY, for use with Generate/VerifyMac dataplane operations with ISO9797 Algorithm 1 MAC calculations.
+* `github.com/aws/aws-sdk-go-v2/service/personalize`: [v1.30.7](service/personalize/CHANGELOG.md#v1307-2024-01-16)
+ * **Documentation**: Documentation updates for Amazon Personalize.
+* `github.com/aws/aws-sdk-go-v2/service/personalizeruntime`: [v1.20.7](service/personalizeruntime/CHANGELOG.md#v1207-2024-01-16)
+ * **Documentation**: Documentation updates for Amazon Personalize
+* `github.com/aws/aws-sdk-go-v2/service/rekognition`: [v1.36.0](service/rekognition/CHANGELOG.md#v1360-2024-01-16)
+ * **Feature**: This release adds ContentType and TaxonomyLevel attributes to DetectModerationLabels and GetMediaAnalysisJob API responses.
+* `github.com/aws/aws-sdk-go-v2/service/securityhub`: [v1.44.3](service/securityhub/CHANGELOG.md#v1443-2024-01-16)
+ * **Documentation**: Documentation updates for AWS Security Hub
+
+# Release (2024-01-14)
+
+## Module Highlights
+* `github.com/aws/aws-sdk-go-v2/service/sagemaker`: [v1.125.0](service/sagemaker/CHANGELOG.md#v11250-2024-01-14)
+ * **Feature**: This release will have ValidationException thrown if certain invalid app types are provided. The release will also throw ValidationException if more than 10 account ids are provided in VpcOnlyTrustedAccounts.
+
+# Release (2024-01-12)
+
+## Module Highlights
+* `github.com/aws/aws-sdk-go-v2/service/connect`: [v1.89.0](service/connect/CHANGELOG.md#v1890-2024-01-12)
+ * **Feature**: Supervisor Barge for Chat is now supported through the MonitorContact API.
+* `github.com/aws/aws-sdk-go-v2/service/connectparticipant`: [v1.21.0](service/connectparticipant/CHANGELOG.md#v1210-2024-01-12)
+ * **Feature**: Introduce new Supervisor participant role
+* `github.com/aws/aws-sdk-go-v2/service/location`: [v1.35.1](service/location/CHANGELOG.md#v1351-2024-01-12)
+ * **Documentation**: Location SDK documentation update. Added missing fonts to the MapConfiguration data type. Updated note for the SubMunicipality property in the place data type.
+* `github.com/aws/aws-sdk-go-v2/service/mwaa`: [v1.23.0](service/mwaa/CHANGELOG.md#v1230-2024-01-12)
+ * **Feature**: This Amazon MWAA feature release includes new fields in CreateWebLoginToken response model. The new fields IamIdentity and AirflowIdentity will let you match identifications, as the Airflow identity length is currently hashed to 64 characters.
+* `github.com/aws/aws-sdk-go-v2/service/s3control`: [v1.42.0](service/s3control/CHANGELOG.md#v1420-2024-01-12)
+ * **Feature**: S3 On Outposts team adds dualstack endpoints support for S3Control and S3Outposts API calls.
+* `github.com/aws/aws-sdk-go-v2/service/supplychain`: [v1.0.0](service/supplychain/CHANGELOG.md#v100-2024-01-12)
+ * **Release**: New AWS service client module
+ * **Feature**: This release includes APIs CreateBillOfMaterialsImportJob and GetBillOfMaterialsImportJob.
+* `github.com/aws/aws-sdk-go-v2/service/transfer`: [v1.40.0](service/transfer/CHANGELOG.md#v1400-2024-01-12)
+ * **Feature**: AWS Transfer Family now supports static IP addresses for SFTP & AS2 connectors and for async MDNs on AS2 servers.
+
+# Release (2024-01-11)
+
+## Module Highlights
+* `github.com/aws/aws-sdk-go-v2/service/ec2`: [v1.144.0](service/ec2/CHANGELOG.md#v11440-2024-01-11)
+ * **Feature**: This release adds support for adding an ElasticBlockStorage volume configurations in ECS RunTask/StartTask/CreateService/UpdateService APIs. The configuration allows for attaching EBS volumes to ECS Tasks.
+* `github.com/aws/aws-sdk-go-v2/service/ecs`: [v1.37.0](service/ecs/CHANGELOG.md#v1370-2024-01-11)
+ * **Feature**: This release adds support for adding an ElasticBlockStorage volume configurations in ECS RunTask/StartTask/CreateService/UpdateService APIs. The configuration allows for attaching EBS volumes to ECS Tasks.
+* `github.com/aws/aws-sdk-go-v2/service/eventbridge`: [v1.28.0](service/eventbridge/CHANGELOG.md#v1280-2024-01-11)
+ * **Feature**: Adding AppSync as an EventBridge Target
+* `github.com/aws/aws-sdk-go-v2/service/iot`: [v1.48.0](service/iot/CHANGELOG.md#v1480-2024-01-11)
+ * **Feature**: Add ConflictException to Update APIs of AWS IoT Software Package Catalog
+* `github.com/aws/aws-sdk-go-v2/service/iotfleetwise`: [v1.11.0](service/iotfleetwise/CHANGELOG.md#v1110-2024-01-11)
+ * **Feature**: The following dataTypes have been removed: CUSTOMER_DECODED_INTERFACE in NetworkInterfaceType; CUSTOMER_DECODED_SIGNAL_INFO_IS_NULL in SignalDecoderFailureReason; CUSTOMER_DECODED_SIGNAL_NETWORK_INTERFACE_INFO_IS_NULL in NetworkInterfaceFailureReason; CUSTOMER_DECODED_SIGNAL in SignalDecoderType
+* `github.com/aws/aws-sdk-go-v2/service/secretsmanager`: [v1.26.2](service/secretsmanager/CHANGELOG.md#v1262-2024-01-11)
+ * **Documentation**: Doc only update for Secrets Manager
+* `github.com/aws/aws-sdk-go-v2/service/workspaces`: [v1.35.8](service/workspaces/CHANGELOG.md#v1358-2024-01-11)
+ * **Documentation**: Added AWS Workspaces RebootWorkspaces API - Extended Reboot documentation update
+
+# Release (2024-01-10)
+
+## Module Highlights
+* `github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs`: [v1.31.0](service/cloudwatchlogs/CHANGELOG.md#v1310-2024-01-10)
+ * **Feature**: Add support for account level subscription filter policies to PutAccountPolicy, DescribeAccountPolicies, and DeleteAccountPolicy APIs. Additionally, PutAccountPolicy has been modified with new optional "selectionCriteria" parameter for resource selection.
+* `github.com/aws/aws-sdk-go-v2/service/connectcampaigns`: [v1.8.0](service/connectcampaigns/CHANGELOG.md#v180-2024-01-10)
+ * **Feature**: Minor pattern updates for Campaign and Dial Request API fields.
+* `github.com/aws/aws-sdk-go-v2/service/location`: [v1.35.0](service/location/CHANGELOG.md#v1350-2024-01-10)
+ * **Feature**: This release adds API support for custom layers for the maps service APIs: CreateMap, UpdateMap, DescribeMap.
+* `github.com/aws/aws-sdk-go-v2/service/qconnect`: [v1.3.0](service/qconnect/CHANGELOG.md#v130-2024-01-10)
+ * **Feature**: QueryAssistant and GetRecommendations will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications.
+* `github.com/aws/aws-sdk-go-v2/service/redshiftserverless`: [v1.15.7](service/redshiftserverless/CHANGELOG.md#v1157-2024-01-10)
+ * **Documentation**: Updates to ConfigParameter for RSS workgroup, removal of use_fips_ssl
+* `github.com/aws/aws-sdk-go-v2/service/route53`: [v1.37.0](service/route53/CHANGELOG.md#v1370-2024-01-10)
+ * **Feature**: Route53 now supports geoproximity routing in AWS regions
+* `github.com/aws/aws-sdk-go-v2/service/wisdom`: [v1.21.0](service/wisdom/CHANGELOG.md#v1210-2024-01-10)
+ * **Feature**: QueryAssistant and GetRecommendations will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications.
+
+# Release (2024-01-08)
+
+## Module Highlights
+* `github.com/aws/aws-sdk-go-v2/service/codebuild`: [v1.27.0](service/codebuild/CHANGELOG.md#v1270-2024-01-08)
+ * **Feature**: Aws CodeBuild now supports new compute type BUILD_GENERAL1_XLARGE
+* `github.com/aws/aws-sdk-go-v2/service/ec2`: [v1.143.0](service/ec2/CHANGELOG.md#v11430-2024-01-08)
+ * **Feature**: Amazon EC2 R7iz bare metal instances are powered by custom 4th generation Intel Xeon Scalable processors.
+* `github.com/aws/aws-sdk-go-v2/service/route53resolver`: [v1.25.0](service/route53resolver/CHANGELOG.md#v1250-2024-01-08)
+ * **Feature**: This release adds support for query type configuration on firewall rules that enables customers for granular action (ALLOW, ALERT, BLOCK) by DNS query type.
+
+# Release (2024-01-05)
+
+## General Highlights
+* **Feature**: Support smithy sigv4a trait for codegen.
+* **Dependency Update**: Updated to the latest SDK module versions
+
+## Module Highlights
+* `github.com/aws/aws-sdk-go-v2/service/kms`: [v1.27.9](service/kms/CHANGELOG.md#v1279-2024-01-05)
+ * **Documentation**: Documentation updates for AWS Key Management Service (KMS).
+* `github.com/aws/aws-sdk-go-v2/service/redshiftserverless`: [v1.15.6](service/redshiftserverless/CHANGELOG.md#v1156-2024-01-05)
+ * **Documentation**: use_fips_ssl and require_ssl parameter support for Workgroup, UpdateWorkgroup, and CreateWorkgroup
+
# Release (2024-01-04)
## General Highlights
diff --git a/codegen/gradle.properties b/codegen/gradle.properties
index 3c7e35179e0..2ba2fdc355d 100644
--- a/codegen/gradle.properties
+++ b/codegen/gradle.properties
@@ -1,2 +1,2 @@
-smithyVersion=1.41.1
+smithyVersion=1.42.0
smithyGradleVersion=0.7.0
diff --git a/codegen/sdk-codegen/aws-models/cloudwatch-logs.json b/codegen/sdk-codegen/aws-models/cloudwatch-logs.json
index 2a8a9f27864..dfda3144475 100644
--- a/codegen/sdk-codegen/aws-models/cloudwatch-logs.json
+++ b/codegen/sdk-codegen/aws-models/cloudwatch-logs.json
@@ -110,6 +110,12 @@
"smithy.api#documentation": "The scope of the account policy.
"
}
},
+ "selectionCriteria": {
+ "target": "com.amazonaws.cloudwatchlogs#SelectionCriteria",
+ "traits": {
+ "smithy.api#documentation": "The log group selection criteria for this subscription filter policy.
"
+ }
+ },
"accountId": {
"target": "com.amazonaws.cloudwatchlogs#AccountId",
"traits": {
@@ -873,7 +879,7 @@
"logGroupClass": {
"target": "com.amazonaws.cloudwatchlogs#LogGroupClass",
"traits": {
- "smithy.api#documentation": "Use this parameter to specify the log group class for this log group. There are two classes:
\n \n If you omit this parameter, the default of STANDARD is used.
\n \n After a log group is created, its class can't be changed.
\n \n For details about the features supported by each class, see \n Log classes\n
"
+ "smithy.api#documentation": "Use this parameter to specify the log group class for this log group. There are two classes:
\n \n If you omit this parameter, the default of STANDARD is used.
\n \n The value of logGroupClass can't be changed after a log group is created.
\n \n For details about the features supported by each class, see \n Log classes\n
"
}
}
},
@@ -1008,7 +1014,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes a CloudWatch Logs account policy.
\n To use this operation, you must be signed on with the logs:DeleteDataProtectionPolicy and \n logs:DeleteAccountPolicy permissions.
"
+ "smithy.api#documentation": "Deletes a CloudWatch Logs account policy. This stops the policy from applying to all log groups\n or a subset of log groups in the account. Log-group level policies will still be in effect.
\n To use this operation, you must be signed on with the correct permissions depending on the type of policy\n that you are deleting.
\n \n - \n
To delete a data protection policy, you must have the logs:DeleteDataProtectionPolicy and \n logs:DeleteAccountPolicy permissions.
\n \n - \n
To delete a subscription filter policy, you must have the logs:DeleteSubscriptionFilter and \n logs:DeleteAccountPolicy permissions.
\n \n
"
}
},
"com.amazonaws.cloudwatchlogs#DeleteAccountPolicyRequest": {
@@ -1024,7 +1030,7 @@
"policyType": {
"target": "com.amazonaws.cloudwatchlogs#PolicyType",
"traits": {
- "smithy.api#documentation": "The type of policy to delete. Currently, the only valid value is DATA_PROTECTION_POLICY.
",
+ "smithy.api#documentation": "The type of policy to delete.
",
"smithy.api#required": {}
}
}
@@ -1916,7 +1922,7 @@
"policyType": {
"target": "com.amazonaws.cloudwatchlogs#PolicyType",
"traits": {
- "smithy.api#documentation": "Use this parameter to limit the returned policies to only the policies that match the policy type that you\n specify. Currently, the only valid value is DATA_PROTECTION_POLICY.
",
+ "smithy.api#documentation": "Use this parameter to limit the returned policies to only the policies that match the policy type that you\n specify.
",
"smithy.api#required": {}
}
},
@@ -6744,6 +6750,12 @@
"traits": {
"smithy.api#enumValue": "DATA_PROTECTION_POLICY"
}
+ },
+ "SUBSCRIPTION_FILTER_POLICY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "SUBSCRIPTION_FILTER_POLICY"
+ }
}
}
},
@@ -6778,7 +6790,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates an account-level data protection policy that applies to all log groups in the account. A data protection policy can help safeguard sensitive \n data that's ingested by your log groups by auditing and masking the sensitive log data. Each account can have only\n one account-level policy.
\n \n Sensitive data is detected and masked when it is ingested into a log group. When you set a \n data protection policy, log events ingested into the log groups before that time are not masked.
\n \n If you use PutAccountPolicy to create a data protection policy for your whole account, it applies to both existing log groups\n and all log groups that are created later in this account. The account policy is applied to existing log groups\n with eventual consistency. It might take up to 5 minutes before sensitive data in existing log groups begins to be masked.
\n By default, when a user views a log event that includes masked data, the sensitive data is replaced by asterisks.\n A user who has the logs:Unmask permission can use a \n GetLogEvents or \n FilterLogEvents\n operation with the unmask parameter set to true to view the unmasked \n log events. Users with the logs:Unmask can also view unmasked data in the CloudWatch Logs\n console by running a CloudWatch Logs Insights query with the unmask query command.
\n For more information, including a list of types of data that can be audited and masked, see\n Protect sensitive log data with masking.
\n To use the PutAccountPolicy operation, you must be signed on with the logs:PutDataProtectionPolicy\n and logs:PutAccountPolicy permissions.
\n The PutAccountPolicy operation applies to all log groups in the account. You can also use \n PutDataProtectionPolicy\n to create a data protection policy that applies to just one log group. \n If a log group has its own data protection policy and \n the account also has an account-level data protection policy, then the two policies are cumulative. Any sensitive term\n specified in either policy is masked.
"
+ "smithy.api#documentation": "Creates an account-level data protection policy or subscription filter policy that applies to all log groups \n or a subset of log groups in the account.
\n \n Data protection policy\n
\n A data protection policy can help safeguard sensitive \n data that's ingested by your log groups by auditing and masking the sensitive log data. Each account can have only\n one account-level data protection policy.
\n \n Sensitive data is detected and masked when it is ingested into a log group. When you set a \n data protection policy, log events ingested into the log groups before that time are not masked.
\n \n If you use PutAccountPolicy to create a data protection policy for your whole account, it applies to both existing log groups\n and all log groups that are created later in this account. The account-level policy is applied to existing log groups\n with eventual consistency. It might take up to 5 minutes before sensitive data in existing log groups begins to be masked.
\n By default, when a user views a log event that includes masked data, the sensitive data is replaced by asterisks.\n A user who has the logs:Unmask permission can use a \n GetLogEvents or \n FilterLogEvents\n operation with the unmask parameter set to true to view the unmasked \n log events. Users with the logs:Unmask can also view unmasked data in the CloudWatch Logs\n console by running a CloudWatch Logs Insights query with the unmask query command.
\n For more information, including a list of types of data that can be audited and masked, see\n Protect sensitive log data with masking.
\n To use the PutAccountPolicy operation for a data protection policy, you must be signed on with \n the logs:PutDataProtectionPolicy\n and logs:PutAccountPolicy permissions.
\n The PutAccountPolicy operation applies to all log groups in the account. You can use \n PutDataProtectionPolicy\n to create a data protection policy that applies to just one log group. \n If a log group has its own data protection policy and \n the account also has an account-level data protection policy, then the two policies are cumulative. Any sensitive term\n specified in either policy is masked.
\n \n Subscription filter policy\n
\n A subscription filter policy sets up a real-time feed of log events from CloudWatch Logs to other Amazon Web Services services.\n Account-level subscription filter policies apply to both existing log groups and log groups that are created later in \n this account. Supported destinations are Kinesis Data Streams, Kinesis Data Firehose, and \n Lambda. When log events are sent to the receiving service, they are Base64 encoded and \n compressed with the GZIP format.
\n The following destinations are supported for subscription filters:
\n \n - \n
An Kinesis Data Streams data stream in the same account as the subscription policy, for same-account delivery.
\n \n - \n
An Kinesis Data Firehose data stream in the same account as the subscription policy, for same-account delivery.
\n \n - \n
A Lambda function in the same account as the subscription policy, for same-account delivery.
\n \n - \n
A logical destination in a different account created with PutDestination, for cross-account\n delivery. Kinesis Data Streams and Kinesis Data Firehose are supported as logical destinations.
\n \n
\n Each account can have one account-level subscription filter policy. \n If you are updating an existing filter, you must specify the correct name in PolicyName.\n To perform a PutAccountPolicy subscription filter operation for any destination except a Lambda \n function, you must also have the iam:PassRole permission.
"
}
},
"com.amazonaws.cloudwatchlogs#PutAccountPolicyRequest": {
@@ -6794,14 +6806,14 @@
"policyDocument": {
"target": "com.amazonaws.cloudwatchlogs#AccountPolicyDocument",
"traits": {
- "smithy.api#documentation": "Specify the data protection policy, in JSON.
\n This policy must include two JSON blocks:
\n \n - \n
The first block must include both a DataIdentifer array and an \n Operation property with an Audit action. The DataIdentifer array lists the types of sensitive data that\n you want to mask. For more information about the available options, see \n Types of data that you can mask.
\n The Operation property with an Audit action is required to find the \n sensitive data terms. This Audit action must contain a FindingsDestination\n object. You can optionally use that FindingsDestination object to list one or more \n destinations to send audit findings to. If you specify destinations such as log groups, \n Kinesis Data Firehose streams, and S3 buckets, they must already exist.
\n \n - \n
The second block must include both a DataIdentifer array and an\n Operation property with an Deidentify action. The\n DataIdentifer array must exactly match the DataIdentifer array\n in the first block of the policy.
\n The Operation property with the Deidentify action is what actually masks the \n data, and it must \n contain the \n \"MaskConfig\": {} object. The \n \"MaskConfig\": {} object must be empty.
\n \n
\n For an example data protection policy, see the Examples section on this page.
\n \n The contents of the two DataIdentifer arrays must match exactly.
\n \n In addition to the two JSON blocks, the policyDocument can also include Name,\n Description, and Version fields. The Name is different than the \n operation's policyName parameter, and is used as a dimension when\n CloudWatch Logs reports audit findings metrics to CloudWatch.
\n The JSON specified in policyDocument can be up to 30,720 characters.
",
+ "smithy.api#documentation": "Specify the policy, in JSON.
\n \n Data protection policy\n
\n A data protection policy must include two JSON blocks:
\n \n - \n
The first block must include both a DataIdentifer array and an \n Operation property with an Audit action. The DataIdentifer array lists the types of sensitive data that\n you want to mask. For more information about the available options, see \n Types of data that you can mask.
\n The Operation property with an Audit action is required to find the \n sensitive data terms. This Audit action must contain a FindingsDestination\n object. You can optionally use that FindingsDestination object to list one or more \n destinations to send audit findings to. If you specify destinations such as log groups, \n Kinesis Data Firehose streams, and S3 buckets, they must already exist.
\n \n - \n
The second block must include both a DataIdentifer array and an\n Operation property with an Deidentify action. The\n DataIdentifer array must exactly match the DataIdentifer array\n in the first block of the policy.
\n The Operation property with the Deidentify action is what actually masks the \n data, and it must \n contain the \n \"MaskConfig\": {} object. The \n \"MaskConfig\": {} object must be empty.
\n \n
\n For an example data protection policy, see the Examples section on this page.
\n \n The contents of the two DataIdentifer arrays must match exactly.
\n \n In addition to the two JSON blocks, the policyDocument can also include Name,\n Description, and Version fields. The Name is different than the \n operation's policyName parameter, and is used as a dimension when\n CloudWatch Logs reports audit findings metrics to CloudWatch.
\n The JSON specified in policyDocument can be up to 30,720 characters long.
\n \n Subscription filter policy\n
\n A subscription filter policy can include the following attributes in a JSON block:
\n \n - \n
\n DestinationArn The ARN of the destination\n to deliver log events to. Supported destinations are:
\n \n - \n
An Kinesis Data Streams data stream in the same account as the subscription policy, for same-account delivery.
\n \n - \n
An Kinesis Data Firehose data stream in the same account as the subscription policy, for same-account delivery.
\n \n - \n
A Lambda function in the same account as the subscription policy, for same-account delivery.
\n \n - \n
A logical destination in a different account created with PutDestination, for cross-account\n delivery. Kinesis Data Streams and Kinesis Data Firehose are supported as logical destinations.
\n \n
\n \n - \n
\n RoleArn The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log\n events to the destination stream. You don't need to provide the ARN when you are working with\n a logical destination for cross-account delivery.
\n \n - \n
\n FilterPattern A filter pattern for subscribing to a \n filtered stream of log events.
\n \n - \n
\n DistributionThe method used to distribute log data to the destination. \n By default, log data is\n grouped by log stream, but the grouping can be set to Random for a more even distribution.\n This property is only applicable when the destination is an Kinesis Data Streams data stream.
\n \n
",
"smithy.api#required": {}
}
},
"policyType": {
"target": "com.amazonaws.cloudwatchlogs#PolicyType",
"traits": {
- "smithy.api#documentation": "Currently the only valid value for this parameter is DATA_PROTECTION_POLICY.
",
+ "smithy.api#documentation": "The type of policy that you're creating or updating.
",
"smithy.api#required": {}
}
},
@@ -6810,6 +6822,12 @@
"traits": {
"smithy.api#documentation": "Currently the only valid value for this parameter is ALL, which specifies that the data \n protection policy applies to all log groups in the account. If you omit this parameter, the default\n of ALL is used.
"
}
+ },
+ "selectionCriteria": {
+ "target": "com.amazonaws.cloudwatchlogs#SelectionCriteria",
+ "traits": {
+ "smithy.api#documentation": "Use this parameter to apply the subscription filter policy to a subset of log groups in the account.\n Currently, the only supported filter is LogGroupName NOT IN []. The selectionCriteria\n string can be up to 25KB in length. The length is determined by using its UTF-8 bytes.
\n Using the selectionCriteria parameter is useful to help prevent infinite loops. \n For more information, see Log recursion prevention.
\n Specifing selectionCriteria is valid only when you specify SUBSCRIPTION_FILTER_POLICY\n for policyType.
"
+ }
}
},
"traits": {
@@ -8103,6 +8121,9 @@
"target": "com.amazonaws.cloudwatchlogs#SearchedLogStream"
}
},
+ "com.amazonaws.cloudwatchlogs#SelectionCriteria": {
+ "type": "string"
+ },
"com.amazonaws.cloudwatchlogs#SequenceToken": {
"type": "string",
"traits": {
@@ -8374,7 +8395,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Starts a Live Tail streaming session for one or more log groups. A Live Tail session returns a stream of \n log events that have\n been recently ingested in the log groups. For more information, see \n Use Live Tail to view logs in near real time.\n
\n The response to this operation is a response stream, over which \n the server sends live log events and the client receives them.
\n The following objects are sent over the stream:
\n \n - \n
A single LiveTailSessionStart \n object is sent at the start of the session.
\n \n - \n
Every second, a LiveTailSessionUpdate\n object is sent. Each of these objects contains an array of the actual log events.
\n If no new log events were ingested in the past second, the \n LiveTailSessionUpdate object will contain an empty array.
\n The array of log events contained in a LiveTailSessionUpdate can include\n as many as 500 log events. If the number of log events matching the request exceeds 500 per second, the\n log events are sampled down to 500 log events to be included in each LiveTailSessionUpdate object.
\n If your client consumes the log events slower than the server produces them, CloudWatch Logs\n buffers up to 10 LiveTailSessionUpdate events or 5000 log events, after \n which it starts dropping the oldest events.
\n \n - \n
A SessionStreamingException \n object is returned if an unknown error occurs on the server side.
\n \n - \n
A SessionTimeoutException \n object is returned when the session times out, after it has been kept open for three hours.
\n \n
\n \n You can end a session before it times out by closing the session stream or by closing the client that is receiving the \n stream. The session also ends if the established connection between the client and the server breaks.
\n ",
+ "smithy.api#documentation": "Starts a Live Tail streaming session for one or more log groups. A Live Tail session returns a stream of \n log events that have\n been recently ingested in the log groups. For more information, see \n Use Live Tail to view logs in near real time.\n
\n The response to this operation is a response stream, over which \n the server sends live log events and the client receives them.
\n The following objects are sent over the stream:
\n \n - \n
A single LiveTailSessionStart \n object is sent at the start of the session.
\n \n - \n
Every second, a LiveTailSessionUpdate\n object is sent. Each of these objects contains an array of the actual log events.
\n If no new log events were ingested in the past second, the \n LiveTailSessionUpdate object will contain an empty array.
\n The array of log events contained in a LiveTailSessionUpdate can include\n as many as 500 log events. If the number of log events matching the request exceeds 500 per second, the\n log events are sampled down to 500 log events to be included in each LiveTailSessionUpdate object.
\n If your client consumes the log events slower than the server produces them, CloudWatch Logs\n buffers up to 10 LiveTailSessionUpdate events or 5000 log events, after \n which it starts dropping the oldest events.
\n \n - \n
A SessionStreamingException \n object is returned if an unknown error occurs on the server side.
\n \n - \n
A SessionTimeoutException \n object is returned when the session times out, after it has been kept open for three hours.
\n \n
\n \n You can end a session before it times out by closing the session stream or by closing the client that is receiving the \n stream. The session also ends if the established connection between the client and the server breaks.
\n \n For examples of using an SDK to start a Live Tail session, see \n \n Start a Live Tail session using an Amazon Web Services SDK.
",
"smithy.api#endpoint": {
"hostPrefix": "streaming-"
}
@@ -8405,13 +8426,13 @@
"logStreamNames": {
"target": "com.amazonaws.cloudwatchlogs#InputLogStreamNames",
"traits": {
- "smithy.api#documentation": "If you specify this parameter, then only log events in the log streams that you specify here are \n included in the Live Tail session.
\n \n You can specify this parameter only if you specify only one log group in logGroupIdentifiers.
\n "
+ "smithy.api#documentation": "If you specify this parameter, then only log events in the log streams that you specify here are \n included in the Live Tail session.
\n If you specify this field, you can't also specify the logStreamNamePrefixes field.
\n \n You can specify this parameter only if you specify only one log group in logGroupIdentifiers.
\n "
}
},
"logStreamNamePrefixes": {
"target": "com.amazonaws.cloudwatchlogs#InputLogStreamNames",
"traits": {
- "smithy.api#documentation": "If you specify this parameter, then only log events in the log streams that have names that start with the \n prefixes that you specify here are \n included in the Live Tail session.
\n \n You can specify this parameter only if you specify only one log group in logGroupIdentifiers.
\n "
+ "smithy.api#documentation": "If you specify this parameter, then only log events in the log streams that have names that start with the \n prefixes that you specify here are \n included in the Live Tail session.
\n If you specify this field, you can't also specify the logStreamNames field.
\n \n You can specify this parameter only if you specify only one log group in logGroupIdentifiers.
\n "
}
},
"logEventFilterPattern": {
diff --git a/codegen/sdk-codegen/aws-models/codebuild.json b/codegen/sdk-codegen/aws-models/codebuild.json
index edf88146f0c..fb6ebfbb187 100644
--- a/codegen/sdk-codegen/aws-models/codebuild.json
+++ b/codegen/sdk-codegen/aws-models/codebuild.json
@@ -2550,17 +2550,6 @@
"expect": {
"error": "Invalid Configuration: Missing Region"
}
- },
- {
- "documentation": "Partition doesn't support DualStack",
- "expect": {
- "error": "DualStack is enabled but this partition does not support DualStack"
- },
- "params": {
- "Region": "us-isob-east-1",
- "UseFIPS": false,
- "UseDualStack": true
- }
}
],
"version": "1.0"
@@ -2706,6 +2695,12 @@
"smithy.api#enumValue": "BUILD_GENERAL1_LARGE"
}
},
+ "BUILD_GENERAL1_XLARGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "BUILD_GENERAL1_XLARGE"
+ }
+ },
"BUILD_GENERAL1_2XLARGE": {
"target": "smithy.api#Unit",
"traits": {
@@ -5618,7 +5613,7 @@
"computeType": {
"target": "com.amazonaws.codebuild#ComputeType",
"traits": {
- "smithy.api#documentation": "Information about the compute resources the build project uses. Available values\n include:
\n \n - \n
\n BUILD_GENERAL1_SMALL: Use up to 3 GB memory and 2 vCPUs for\n builds.
\n \n - \n
\n BUILD_GENERAL1_MEDIUM: Use up to 7 GB memory and 4 vCPUs for\n builds.
\n \n - \n
\n BUILD_GENERAL1_LARGE: Use up to 16 GB memory and 8 vCPUs for\n builds, depending on your environment type.
\n \n - \n
\n BUILD_GENERAL1_2XLARGE: Use up to 145 GB memory, 72 vCPUs, and\n 824 GB of SSD storage for builds. This compute type supports Docker images up to\n 100 GB uncompressed.
\n \n - \n
\n BUILD_LAMBDA_1GB: Use up to 1 GB memory for\n builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.
\n \n - \n
\n BUILD_LAMBDA_2GB: Use up to 2 GB memory for\n builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.
\n \n - \n
\n BUILD_LAMBDA_4GB: Use up to 4 GB memory for\n builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.
\n \n - \n
\n BUILD_LAMBDA_8GB: Use up to 8 GB memory for\n builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.
\n \n - \n
\n BUILD_LAMBDA_10GB: Use up to 10 GB memory for\n builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.
\n \n
\n If you use BUILD_GENERAL1_SMALL:
\n \n - \n
For environment type LINUX_CONTAINER, you can use up to 3 GB\n memory and 2 vCPUs for builds.
\n \n - \n
For environment type LINUX_GPU_CONTAINER, you can use up to 16\n GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.
\n \n - \n
For environment type ARM_CONTAINER, you can use up to 4 GB\n memory and 2 vCPUs on ARM-based processors for builds.
\n \n
\n If you use BUILD_GENERAL1_LARGE:
\n \n - \n
For environment type LINUX_CONTAINER, you can use up to 15 GB\n memory and 8 vCPUs for builds.
\n \n - \n
For environment type LINUX_GPU_CONTAINER, you can use up to 255\n GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.
\n \n - \n
For environment type ARM_CONTAINER, you can use up to 16 GB\n memory and 8 vCPUs on ARM-based processors for builds.
\n \n
\n For more information, see Build Environment\n Compute Types in the CodeBuild User Guide.\n
",
+ "smithy.api#documentation": "Information about the compute resources the build project uses. Available values\n include:
\n \n - \n
\n BUILD_GENERAL1_SMALL: Use up to 3 GB memory and 2 vCPUs for\n builds.
\n \n - \n
\n BUILD_GENERAL1_MEDIUM: Use up to 7 GB memory and 4 vCPUs for\n builds.
\n \n - \n
\n BUILD_GENERAL1_LARGE: Use up to 16 GB memory and 8 vCPUs for\n builds, depending on your environment type.
\n \n - \n
\n BUILD_GENERAL1_XLARGE: Use up to 70 GB memory and 36 vCPUs for\n builds, depending on your environment type.
\n \n - \n
\n BUILD_GENERAL1_2XLARGE: Use up to 145 GB memory, 72 vCPUs, and\n 824 GB of SSD storage for builds. This compute type supports Docker images up to\n 100 GB uncompressed.
\n \n - \n
\n BUILD_LAMBDA_1GB: Use up to 1 GB memory for\n builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.
\n \n - \n
\n BUILD_LAMBDA_2GB: Use up to 2 GB memory for\n builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.
\n \n - \n
\n BUILD_LAMBDA_4GB: Use up to 4 GB memory for\n builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.
\n \n - \n
\n BUILD_LAMBDA_8GB: Use up to 8 GB memory for\n builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.
\n \n - \n
\n BUILD_LAMBDA_10GB: Use up to 10 GB memory for\n builds. Only available for environment type LINUX_LAMBDA_CONTAINER and ARM_LAMBDA_CONTAINER.
\n \n
\n If you use BUILD_GENERAL1_SMALL:
\n \n - \n
For environment type LINUX_CONTAINER, you can use up to 3 GB\n memory and 2 vCPUs for builds.
\n \n - \n
For environment type LINUX_GPU_CONTAINER, you can use up to 16\n GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.
\n \n - \n
For environment type ARM_CONTAINER, you can use up to 4 GB\n memory and 2 vCPUs on ARM-based processors for builds.
\n \n
\n If you use BUILD_GENERAL1_LARGE:
\n \n - \n
For environment type LINUX_CONTAINER, you can use up to 15 GB\n memory and 8 vCPUs for builds.
\n \n - \n
For environment type LINUX_GPU_CONTAINER, you can use up to 255\n GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.
\n \n - \n
For environment type ARM_CONTAINER, you can use up to 16 GB\n memory and 8 vCPUs on ARM-based processors for builds.
\n \n
\n For more information, see Build Environment\n Compute Types in the CodeBuild User Guide.\n
",
"smithy.api#required": {}
}
},
diff --git a/codegen/sdk-codegen/aws-models/connect.json b/codegen/sdk-codegen/aws-models/connect.json
index f819e07c715..72f30691971 100644
--- a/codegen/sdk-codegen/aws-models/connect.json
+++ b/codegen/sdk-codegen/aws-models/connect.json
@@ -316,7 +316,8 @@
"smithy.api#length": {
"min": 1,
"max": 100
- }
+ },
+ "smithy.api#sensitive": {}
}
},
"com.amazonaws.connect#AgentHierarchyGroups": {
@@ -389,7 +390,8 @@
"smithy.api#length": {
"min": 1,
"max": 100
- }
+ },
+ "smithy.api#sensitive": {}
}
},
"com.amazonaws.connect#AgentPauseDurationInSeconds": {
@@ -8081,7 +8083,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains credentials to use for federation.
"
+ "smithy.api#documentation": "Contains credentials to use for federation.
",
+ "smithy.api#sensitive": {}
}
},
"com.amazonaws.connect#CrossChannelBehavior": {
@@ -11587,7 +11590,8 @@
"smithy.api#length": {
"min": 0,
"max": 4096
- }
+ },
+ "smithy.api#sensitive": {}
}
},
"com.amazonaws.connect#Description250": {
@@ -12698,7 +12702,10 @@
}
},
"com.amazonaws.connect#Email": {
- "type": "string"
+ "type": "string",
+ "traits": {
+ "smithy.api#sensitive": {}
+ }
},
"com.amazonaws.connect#EmailReference": {
"type": "structure",
@@ -13960,7 +13967,7 @@
"Value": {
"target": "com.amazonaws.connect#EvaluationNoteString",
"traits": {
- "smithy.api#documentation": "The note for an item (section or question) in a contact evaluation.
"
+ "smithy.api#documentation": "The note for an item (section or question) in a contact evaluation.
\n \n Even though a note in an evaluation can have up to 3072 chars, there is also a limit on the\n total number of chars for all the notes in the evaluation combined. Assuming there are N\n questions in the evaluation being submitted, then the max char limit for all notes combined is N\n x 1024.
\n "
}
}
},
@@ -14663,20 +14670,20 @@
"Filters": {
"target": "com.amazonaws.connect#Filters",
"traits": {
- "smithy.api#documentation": "The filters to apply to returned metrics. You can filter up to the following limits:
\n \n Metric data is retrieved only for the resources associated with the queues or routing\n profiles, and by any channels included in the filter. (You cannot filter by both queue AND\n routing profile.) You can include both resource IDs and resource ARNs in the same request.
\n Currently tagging is only supported on the resources that are passed in the filter.
",
+ "smithy.api#documentation": "The filters to apply to returned metrics. You can filter up to the following limits:
\n \n - \n
Queues: 100
\n \n - \n
Routing profiles: 100
\n \n - \n
Channels: 3 (VOICE, CHAT, and TASK channels are supported.)
\n \n - \n
RoutingStepExpressions: 50
\n \n
\n Metric data is retrieved only for the resources associated with the queues or routing\n profiles, and by any channels included in the filter. (You cannot filter by both queue AND\n routing profile.) You can include both resource IDs and resource ARNs in the same request.
\n When using RoutingStepExpression, you need to pass exactly one\n QueueId.
\n Currently tagging is only supported on the resources that are passed in the filter.
",
"smithy.api#required": {}
}
},
"Groupings": {
"target": "com.amazonaws.connect#Groupings",
"traits": {
- "smithy.api#documentation": "The grouping applied to the metrics returned. For example, when grouped by\n QUEUE, the metrics returned apply to each queue rather than aggregated for all\n queues.
\n \n - \n
If you group by CHANNEL, you should include a Channels filter.\n VOICE, CHAT, and TASK channels are supported.
\n \n - \n
If you group by ROUTING_PROFILE, you must include either a queue or routing\n profile filter. In addition, a routing profile filter is required for metrics\n CONTACTS_SCHEDULED, CONTACTS_IN_QUEUE, and \n OLDEST_CONTACT_AGE.
\n \n - \n
If no Grouping is included in the request, a summary of metrics is\n returned.
\n \n
"
+ "smithy.api#documentation": "The grouping applied to the metrics returned. For example, when grouped by\n QUEUE, the metrics returned apply to each queue rather than aggregated for all\n queues.
\n \n - \n
If you group by CHANNEL, you should include a Channels filter.\n VOICE, CHAT, and TASK channels are supported.
\n \n - \n
If you group by ROUTING_PROFILE, you must include either a queue or routing\n profile filter. In addition, a routing profile filter is required for metrics\n CONTACTS_SCHEDULED, CONTACTS_IN_QUEUE, and \n OLDEST_CONTACT_AGE.
\n \n - \n
If no Grouping is included in the request, a summary of metrics is\n returned.
\n \n - \n
When using the RoutingStepExpression filter, group by\n ROUTING_STEP_EXPRESSION is required.
\n \n
"
}
},
"CurrentMetrics": {
"target": "com.amazonaws.connect#CurrentMetrics",
"traits": {
- "smithy.api#documentation": "The metrics to retrieve. Specify the name and unit for each metric. The following metrics\n are available. For a description of all the metrics, see Real-time Metrics\n Definitions in the Amazon Connect Administrator Guide.
\n \n - AGENTS_AFTER_CONTACT_WORK
\n - \n
Unit: COUNT
\n Name in real-time metrics report: ACW\n
\n \n - AGENTS_AVAILABLE
\n - \n
Unit: COUNT
\n Name in real-time metrics report: Available\n
\n \n - AGENTS_ERROR
\n - \n
Unit: COUNT
\n Name in real-time metrics report: Error\n
\n \n - AGENTS_NON_PRODUCTIVE
\n - \n
Unit: COUNT
\n Name in real-time metrics report: NPT (Non-Productive Time)\n
\n \n - AGENTS_ON_CALL
\n - \n
Unit: COUNT
\n Name in real-time metrics report: On\n contact\n
\n \n - AGENTS_ON_CONTACT
\n - \n
Unit: COUNT
\n Name in real-time metrics report: On\n contact\n
\n \n - AGENTS_ONLINE
\n - \n
Unit: COUNT
\n Name in real-time metrics report: Online\n
\n \n - AGENTS_STAFFED
\n - \n
Unit: COUNT
\n Name in real-time metrics report: Staffed\n
\n \n - CONTACTS_IN_QUEUE
\n - \n
Unit: COUNT
\n Name in real-time metrics report: In\n queue\n
\n \n - CONTACTS_SCHEDULED
\n - \n
Unit: COUNT
\n Name in real-time metrics report: Scheduled\n
\n \n - OLDEST_CONTACT_AGE
\n - \n
Unit: SECONDS
\n When you use groupings, Unit says SECONDS and the Value is returned in SECONDS.
\n When you do not use groupings, Unit says SECONDS but the Value is returned in\n MILLISECONDS. For example, if you get a response like this:
\n \n { \"Metric\": { \"Name\": \"OLDEST_CONTACT_AGE\", \"Unit\": \"SECONDS\" }, \"Value\": 24113.0\n }
\n The actual OLDEST_CONTACT_AGE is 24 seconds.
\n Name in real-time metrics report: Oldest\n
\n \n - SLOTS_ACTIVE
\n - \n
Unit: COUNT
\n Name in real-time metrics report: Active\n
\n \n - SLOTS_AVAILABLE
\n - \n
Unit: COUNT
\n Name in real-time metrics report: Availability\n
\n \n
",
+ "smithy.api#documentation": "The metrics to retrieve. Specify the name and unit for each metric. The following metrics\n are available. For a description of all the metrics, see Real-time Metrics\n Definitions in the Amazon Connect Administrator Guide.
\n \n - AGENTS_AFTER_CONTACT_WORK
\n - \n
Unit: COUNT
\n Name in real-time metrics report: ACW\n
\n \n - AGENTS_AVAILABLE
\n - \n
Unit: COUNT
\n Name in real-time metrics report: Available\n
\n \n - AGENTS_ERROR
\n - \n
Unit: COUNT
\n Name in real-time metrics report: Error\n
\n \n - AGENTS_NON_PRODUCTIVE
\n - \n
Unit: COUNT
\n Name in real-time metrics report: NPT (Non-Productive Time)\n
\n \n - AGENTS_ON_CALL
\n - \n
Unit: COUNT
\n Name in real-time metrics report: On\n contact\n
\n \n - AGENTS_ON_CONTACT
\n - \n
Unit: COUNT
\n Name in real-time metrics report: On\n contact\n
\n \n - AGENTS_ONLINE
\n - \n
Unit: COUNT
\n Name in real-time metrics report: Online\n
\n \n - AGENTS_STAFFED
\n - \n
Unit: COUNT
\n Name in real-time metrics report: Staffed\n
\n \n - CONTACTS_IN_QUEUE
\n - \n
Unit: COUNT
\n Name in real-time metrics report: In\n queue\n
\n \n - CONTACTS_SCHEDULED
\n - \n
Unit: COUNT
\n Name in real-time metrics report: Scheduled\n
\n \n - OLDEST_CONTACT_AGE
\n - \n
Unit: SECONDS
\n When you use groupings, Unit says SECONDS and the Value is returned in SECONDS.
\n When you do not use groupings, Unit says SECONDS but the Value is returned in\n MILLISECONDS. For example, if you get a response like this:
\n \n { \"Metric\": { \"Name\": \"OLDEST_CONTACT_AGE\", \"Unit\": \"SECONDS\" }, \"Value\": 24113.0\n }
\n The actual OLDEST_CONTACT_AGE is 24 seconds.
\n When the filter RoutingStepExpression is used, this metric is still\n calculated from enqueue time. For example, if a contact that has been queued under\n OLDEST_CONTACT_AGE for this queue will be counted starting\n from 10, not 0.
\n Name in real-time metrics report: Oldest\n
\n \n - SLOTS_ACTIVE
\n - \n
Unit: COUNT
\n Name in real-time metrics report: Active\n
\n \n - SLOTS_AVAILABLE
\n - \n
Unit: COUNT
\n Name in real-time metrics report: Availability\n
\n \n
",
"smithy.api#required": {}
}
},
@@ -15082,14 +15089,14 @@
"Filters": {
"target": "com.amazonaws.connect#Filters",
"traits": {
- "smithy.api#documentation": "The queues, up to 100, or channels, to use to filter the metrics returned. Metric data is\n retrieved only for the resources associated with the queues or channels included in the filter.\n You can include both queue IDs and queue ARNs in the same request. VOICE, CHAT, and TASK channels are supported.
\n \n To filter by Queues, enter the queue\n ID/ARN, not the name of the queue.
\n ",
+ "smithy.api#documentation": "The queues, up to 100, or channels, to use to filter the metrics returned. Metric data is\n retrieved only for the resources associated with the queues or channels included in the filter.\n You can include both queue IDs and queue ARNs in the same request. VOICE, CHAT, and TASK channels are supported.
\n RoutingStepExpression is not a valid filter for GetMetricData and we recommend switching to\n GetMetricDataV2 for more up-to-date features.
\n \n To filter by Queues, enter the queue\n ID/ARN, not the name of the queue.
\n ",
"smithy.api#required": {}
}
},
"Groupings": {
"target": "com.amazonaws.connect#Groupings",
"traits": {
- "smithy.api#documentation": "The grouping applied to the metrics returned. For example, when results are grouped by\n queue, the metrics returned are grouped by queue. The values returned apply to the metrics for\n each queue rather than aggregated for all queues.
\n If no grouping is specified, a summary of metrics for all queues is returned.
"
+ "smithy.api#documentation": "The grouping applied to the metrics returned. For example, when results are grouped by\n queue, the metrics returned are grouped by queue. The values returned apply to the metrics for\n each queue rather than aggregated for all queues.
\n If no grouping is specified, a summary of metrics for all queues is returned.
\n RoutingStepExpression is not a valid filter for GetMetricData and we recommend switching to\n GetMetricDataV2 for more up-to-date features.
"
}
},
"HistoricalMetrics": {
@@ -15208,20 +15215,20 @@
"Filters": {
"target": "com.amazonaws.connect#FiltersV2List",
"traits": {
- "smithy.api#documentation": "The filters to apply to returned metrics. You can filter on the following resources:
\n \n - \n
Queues
\n \n - \n
Routing profiles
\n \n - \n
Agents
\n \n - \n
Channels
\n \n - \n
User hierarchy groups
\n \n - \n
Feature
\n \n
\n At least one filter must be passed from queues, routing profiles, agents, or user hierarchy\n groups.
\n To filter by phone number, see Create a historical\n metrics report in the Amazon Connect Administrator's\n Guide.
\n Note the following limits:
\n \n - \n
\n Filter keys: A maximum of 5 filter keys are supported in\n a single request. Valid filter keys: QUEUE | ROUTING_PROFILE |\n AGENT | CHANNEL | AGENT_HIERARCHY_LEVEL_ONE |\n AGENT_HIERARCHY_LEVEL_TWO | AGENT_HIERARCHY_LEVEL_THREE |\n AGENT_HIERARCHY_LEVEL_FOUR | AGENT_HIERARCHY_LEVEL_FIVE |\n FEATURE | contact/segmentAttributes/connect:Subtype\n
\n \n - \n
\n Filter values: A maximum of 100 filter values are\n supported in a single request. VOICE, CHAT, and TASK are valid filterValue for the\n CHANNEL filter key. They do not count towards limitation of 100 filter values. For example, a\n GetMetricDataV2 request can filter by 50 queues, 35 agents, and 15 routing profiles for a total\n of 100 filter values, along with 3 channel filters.
\n \n contact_lens_conversational_analytics is a valid filterValue for the\n FEATURE filter key. It is available only to contacts analyzed by Contact Lens\n conversational analytics.
\n \n connect:Chat, connect:SMS, connect:Telephony, and\n connect:WebRTC are valid filterValue examples (not exhaustive) for\n the contact/segmentAttributes/connect:Subtype filter key.
\n \n
",
+ "smithy.api#documentation": "The filters to apply to returned metrics. You can filter on the following resources:
\n \n - \n
Queues
\n \n - \n
Routing profiles
\n \n - \n
Agents
\n \n - \n
Channels
\n \n - \n
User hierarchy groups
\n \n - \n
Feature
\n \n - \n
Routing step expression
\n \n
\n At least one filter must be passed from queues, routing profiles, agents, or user hierarchy\n groups.
\n To filter by phone number, see Create a historical\n metrics report in the Amazon Connect Administrator's\n Guide.
\n Note the following limits:
\n \n - \n
\n Filter keys: A maximum of 5 filter keys are supported in\n a single request. Valid filter keys: QUEUE | ROUTING_PROFILE |\n AGENT | CHANNEL | AGENT_HIERARCHY_LEVEL_ONE |\n AGENT_HIERARCHY_LEVEL_TWO | AGENT_HIERARCHY_LEVEL_THREE |\n AGENT_HIERARCHY_LEVEL_FOUR | AGENT_HIERARCHY_LEVEL_FIVE |\n FEATURE | contact/segmentAttributes/connect:Subtype |\n ROUTING_STEP_EXPRESSION\n
\n \n - \n
\n Filter values: A maximum of 100 filter values are\n supported in a single request. VOICE, CHAT, and TASK are valid filterValue for the\n CHANNEL filter key. They do not count towards limitation of 100 filter values. For example, a\n GetMetricDataV2 request can filter by 50 queues, 35 agents, and 15 routing profiles for a total\n of 100 filter values, along with 3 channel filters.
\n \n contact_lens_conversational_analytics is a valid filterValue for the\n FEATURE filter key. It is available only to contacts analyzed by Contact Lens\n conversational analytics.
\n \n connect:Chat, connect:SMS, connect:Telephony, and\n connect:WebRTC are valid filterValue examples (not exhaustive) for\n the contact/segmentAttributes/connect:Subtype filter key.
\n ROUTING_STEP_EXPRESSION is a valid filter key with a filter value up to 3000\n length.
\n \n
",
"smithy.api#required": {}
}
},
"Groupings": {
"target": "com.amazonaws.connect#GroupingsV2",
"traits": {
- "smithy.api#documentation": "The grouping applied to the metrics that are returned. For example, when results are grouped\n by queue, the metrics returned are grouped by queue. The values that are returned apply to the\n metrics for each queue. They are not aggregated for all queues.
\n If no grouping is specified, a summary of all metrics is returned.
\n Valid grouping keys: QUEUE | ROUTING_PROFILE | AGENT\n | CHANNEL | AGENT_HIERARCHY_LEVEL_ONE |\n AGENT_HIERARCHY_LEVEL_TWO | AGENT_HIERARCHY_LEVEL_THREE |\n AGENT_HIERARCHY_LEVEL_FOUR | AGENT_HIERARCHY_LEVEL_FIVE,\n contact/segmentAttributes/connect:Subtype\n
"
+ "smithy.api#documentation": "The grouping applied to the metrics that are returned. For example, when results are grouped\n by queue, the metrics returned are grouped by queue. The values that are returned apply to the\n metrics for each queue. They are not aggregated for all queues.
\n If no grouping is specified, a summary of all metrics is returned.
\n Valid grouping keys: QUEUE | ROUTING_PROFILE | AGENT\n | CHANNEL | AGENT_HIERARCHY_LEVEL_ONE |\n AGENT_HIERARCHY_LEVEL_TWO | AGENT_HIERARCHY_LEVEL_THREE |\n AGENT_HIERARCHY_LEVEL_FOUR | AGENT_HIERARCHY_LEVEL_FIVE,\n contact/segmentAttributes/connect:Subtype |\n ROUTING_STEP_EXPRESSION\n
"
}
},
"Metrics": {
"target": "com.amazonaws.connect#MetricsV2",
"traits": {
- "smithy.api#documentation": "The metrics to retrieve. Specify the name, groupings, and filters for each metric. The\n following historical metrics are available. For a description of each metric, see Historical metrics definitions in the Amazon Connect Administrator's\n Guide.
\n \n - ABANDONMENT_RATE
\n - \n
Unit: Percent
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n - AGENT_ADHERENT_TIME
\n - \n
This metric is available only in Amazon Web Services Regions where Forecasting, capacity planning, and scheduling is available.
\n Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - AGENT_ANSWER_RATE
\n - \n
Unit: Percent
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - AGENT_NON_ADHERENT_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - AGENT_NON_RESPONSE
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - AGENT_NON_RESPONSE_WITHOUT_CUSTOMER_ABANDONS
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n Data for this metric is available starting from October 1, 2023 0:00:00 GMT.
\n \n - AGENT_OCCUPANCY
\n - \n
Unit: Percentage
\n Valid groupings and filters: Routing Profile, Agent, Agent Hierarchy
\n \n - AGENT_SCHEDULE_ADHERENCE
\n - \n
This metric is available only in Amazon Web Services Regions where Forecasting, capacity planning, and scheduling is available.
\n Unit: Percent
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - AGENT_SCHEDULED_TIME
\n - \n
This metric is available only in Amazon Web Services Regions where Forecasting, capacity planning, and scheduling is available.
\n Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - AVG_ABANDON_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_ACTIVE_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - AVG_AFTER_CONTACT_WORK_TIME
\n - \n
Unit: Seconds
\n Valid metric filter key: INITIATION_METHOD\n
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - AVG_AGENT_CONNECTING_TIME
\n - \n
Unit: Seconds
\n Valid metric filter key: INITIATION_METHOD. For now, this metric only\n supports the following as INITIATION_METHOD: INBOUND |\n OUTBOUND | CALLBACK | API\n
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n The Negate key in Metric Level Filters is not applicable for this\n metric.
\n \n \n - AVG_AGENT_PAUSE_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - AVG_CONTACT_DURATION
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - AVG_CONVERSATION_DURATION
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_GREETING_TIME_AGENT
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_HANDLE_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - AVG_HOLD_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - AVG_HOLD_TIME_ALL_CONTACTS
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_HOLDS
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - AVG_INTERACTION_AND_HOLD_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_INTERACTION_TIME
\n - \n
Unit: Seconds
\n Valid metric filter key: INITIATION_METHOD\n
\n Valid groupings and filters: Queue, Channel, Routing Profile, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - AVG_INTERRUPTIONS_AGENT
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_INTERRUPTION_TIME_AGENT
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_NON_TALK_TIME
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_QUEUE_ANSWER_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - AVG_RESOLUTION_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_TALK_TIME
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_TALK_TIME_AGENT
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_TALK_TIME_CUSTOMER
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - CONTACTS_ABANDONED
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - CONTACTS_CREATED
\n - \n
Unit: Count
\n Valid metric filter key: INITIATION_METHOD\n
\n Valid groupings and filters: Queue, Channel, Routing Profile, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - CONTACTS_HANDLED
\n - \n
Unit: Count
\n Valid metric filter key: INITIATION_METHOD,\n DISCONNECT_REASON\n
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - CONTACTS_HOLD_ABANDONS
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - CONTACTS_ON_HOLD_AGENT_DISCONNECT
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - CONTACTS_ON_HOLD_CUSTOMER_DISCONNECT
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - CONTACTS_PUT_ON_HOLD
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - CONTACTS_TRANSFERRED_OUT_EXTERNAL
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - CONTACTS_TRANSFERRED_OUT_INTERNAL
\n - \n
Unit: Percent
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - CONTACTS_QUEUED
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - CONTACTS_RESOLVED_IN_X
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile,\n contact/segmentAttributes/connect:Subtype
\n Threshold: For ThresholdValue enter any whole number from 1 to 604800\n (inclusive), in seconds. For Comparison, you must enter LT (for\n \"Less than\").
\n \n - CONTACTS_TRANSFERRED_OUT
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - CONTACTS_TRANSFERRED_OUT_BY_AGENT
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - CONTACTS_TRANSFERRED_OUT_FROM_QUEUE
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - MAX_QUEUED_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - PERCENT_NON_TALK_TIME
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Percentage
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - PERCENT_TALK_TIME
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Percentage
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - PERCENT_TALK_TIME_AGENT
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Percentage
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - PERCENT_TALK_TIME_CUSTOMER
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Percentage
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - SERVICE_LEVEL
\n - \n
You can include up to 20 SERVICE_LEVEL metrics in a request.
\n Unit: Percent
\n Valid groupings and filters: Queue, Channel, Routing Profile
\n Threshold: For ThresholdValue, enter any whole number from 1 to 604800\n (inclusive), in seconds. For Comparison, you must enter LT (for\n \"Less than\").
\n \n - SUM_AFTER_CONTACT_WORK_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_CONNECTING_TIME_AGENT
\n - \n
Unit: Seconds
\n Valid metric filter key: INITIATION_METHOD. This metric only supports the\n following filter keys as INITIATION_METHOD: INBOUND |\n OUTBOUND | CALLBACK | API\n
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n The Negate key in Metric Level Filters is not applicable for this\n metric.
\n \n \n - SUM_CONTACT_FLOW_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_CONTACT_TIME_AGENT
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_CONTACTS_ANSWERED_IN_X
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile,\n contact/segmentAttributes/connect:Subtype
\n Threshold: For ThresholdValue, enter any whole number from 1 to 604800\n (inclusive), in seconds. For Comparison, you must enter LT (for\n \"Less than\").
\n \n - SUM_CONTACTS_ABANDONED_IN_X
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile,\n contact/segmentAttributes/connect:Subtype
\n Threshold: For ThresholdValue, enter any whole number from 1 to 604800\n (inclusive), in seconds. For Comparison, you must enter LT (for\n \"Less than\").
\n \n - SUM_CONTACTS_DISCONNECTED
\n - \n
Valid metric filter key: DISCONNECT_REASON\n
\n Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - SUM_ERROR_STATUS_TIME_AGENT
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_HANDLE_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_HOLD_TIME
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_IDLE_TIME_AGENT
\n - \n
Unit: Seconds
\n Valid groupings and filters: Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_INTERACTION_AND_HOLD_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_INTERACTION_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_NON_PRODUCTIVE_TIME_AGENT
\n - \n
Unit: Seconds
\n Valid groupings and filters: Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_ONLINE_TIME_AGENT
\n - \n
Unit: Seconds
\n Valid groupings and filters: Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_RETRY_CALLBACK_ATTEMPTS
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile,\n contact/segmentAttributes/connect:Subtype
\n \n
",
+ "smithy.api#documentation": "The metrics to retrieve. Specify the name, groupings, and filters for each metric. The\n following historical metrics are available. For a description of each metric, see Historical metrics definitions in the Amazon Connect Administrator's\n Guide.
\n \n - ABANDONMENT_RATE
\n - \n
Unit: Percent
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n - AGENT_ADHERENT_TIME
\n - \n
This metric is available only in Amazon Web Services Regions where Forecasting, capacity planning, and scheduling is available.
\n Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - AGENT_ANSWER_RATE
\n - \n
Unit: Percent
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - AGENT_NON_ADHERENT_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - AGENT_NON_RESPONSE
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - AGENT_NON_RESPONSE_WITHOUT_CUSTOMER_ABANDONS
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n Data for this metric is available starting from October 1, 2023 0:00:00 GMT.
\n \n - AGENT_OCCUPANCY
\n - \n
Unit: Percentage
\n Valid groupings and filters: Routing Profile, Agent, Agent Hierarchy
\n \n - AGENT_SCHEDULE_ADHERENCE
\n - \n
This metric is available only in Amazon Web Services Regions where Forecasting, capacity planning, and scheduling is available.
\n Unit: Percent
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - AGENT_SCHEDULED_TIME
\n - \n
This metric is available only in Amazon Web Services Regions where Forecasting, capacity planning, and scheduling is available.
\n Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - AVG_ABANDON_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_ACTIVE_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - AVG_AFTER_CONTACT_WORK_TIME
\n - \n
Unit: Seconds
\n Valid metric filter key: INITIATION_METHOD\n
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - AVG_AGENT_CONNECTING_TIME
\n - \n
Unit: Seconds
\n Valid metric filter key: INITIATION_METHOD. For now, this metric only\n supports the following as INITIATION_METHOD: INBOUND |\n OUTBOUND | CALLBACK | API\n
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n The Negate key in Metric Level Filters is not applicable for this\n metric.
\n \n \n - AVG_AGENT_PAUSE_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - AVG_CONTACT_DURATION
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - AVG_CONVERSATION_DURATION
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_GREETING_TIME_AGENT
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_HANDLE_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype, RoutingStepExpression
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - AVG_HOLD_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - AVG_HOLD_TIME_ALL_CONTACTS
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_HOLDS
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - AVG_INTERACTION_AND_HOLD_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_INTERACTION_TIME
\n - \n
Unit: Seconds
\n Valid metric filter key: INITIATION_METHOD\n
\n Valid groupings and filters: Queue, Channel, Routing Profile, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - AVG_INTERRUPTIONS_AGENT
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_INTERRUPTION_TIME_AGENT
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_NON_TALK_TIME
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_QUEUE_ANSWER_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - AVG_RESOLUTION_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_TALK_TIME
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_TALK_TIME_AGENT
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - AVG_TALK_TIME_CUSTOMER
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - CONTACTS_ABANDONED
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype, RoutingStepExpression
\n \n - CONTACTS_CREATED
\n - \n
Unit: Count
\n Valid metric filter key: INITIATION_METHOD\n
\n Valid groupings and filters: Queue, Channel, Routing Profile, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - CONTACTS_HANDLED
\n - \n
Unit: Count
\n Valid metric filter key: INITIATION_METHOD,\n DISCONNECT_REASON\n
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype, RoutingStepExpression
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - CONTACTS_HOLD_ABANDONS
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - CONTACTS_ON_HOLD_AGENT_DISCONNECT
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - CONTACTS_ON_HOLD_CUSTOMER_DISCONNECT
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - CONTACTS_PUT_ON_HOLD
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - CONTACTS_TRANSFERRED_OUT_EXTERNAL
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - CONTACTS_TRANSFERRED_OUT_INTERNAL
\n - \n
Unit: Percent
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - CONTACTS_QUEUED
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - CONTACTS_RESOLVED_IN_X
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile,\n contact/segmentAttributes/connect:Subtype
\n Threshold: For ThresholdValue enter any whole number from 1 to 604800\n (inclusive), in seconds. For Comparison, you must enter LT (for\n \"Less than\").
\n \n - CONTACTS_TRANSFERRED_OUT
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,\n contact/segmentAttributes/connect:Subtype
\n \n Feature is a valid filter but not a valid grouping.
\n \n \n - CONTACTS_TRANSFERRED_OUT_BY_AGENT
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - CONTACTS_TRANSFERRED_OUT_FROM_QUEUE
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - MAX_QUEUED_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - PERCENT_CONTACTS_STEP_EXPIRED
\n - \n
Unit: Percent
\n Valid groupings and filters: Queue, RoutingStepExpression
\n \n - PERCENT_CONTACTS_STEP_JOINED
\n - \n
Unit: Percent
\n Valid groupings and filters: Queue, RoutingStepExpression
\n \n - PERCENT_NON_TALK_TIME
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Percentage
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - PERCENT_TALK_TIME
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Percentage
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - PERCENT_TALK_TIME_AGENT
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Percentage
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - PERCENT_TALK_TIME_CUSTOMER
\n - \n
This metric is available only for contacts analyzed by Contact Lens conversational\n analytics.
\n Unit: Percentage
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - SERVICE_LEVEL
\n - \n
You can include up to 20 SERVICE_LEVEL metrics in a request.
\n Unit: Percent
\n Valid groupings and filters: Queue, Channel, Routing Profile
\n Threshold: For ThresholdValue, enter any whole number from 1 to 604800\n (inclusive), in seconds. For Comparison, you must enter LT (for\n \"Less than\").
\n \n - STEP_CONTACTS_QUEUED
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, RoutingStepExpression
\n \n - SUM_AFTER_CONTACT_WORK_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_CONNECTING_TIME_AGENT
\n - \n
Unit: Seconds
\n Valid metric filter key: INITIATION_METHOD. This metric only supports the\n following filter keys as INITIATION_METHOD: INBOUND |\n OUTBOUND | CALLBACK | API\n
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n The Negate key in Metric Level Filters is not applicable for this\n metric.
\n \n \n - SUM_CONTACT_FLOW_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_CONTACT_TIME_AGENT
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_CONTACTS_ANSWERED_IN_X
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile,\n contact/segmentAttributes/connect:Subtype
\n Threshold: For ThresholdValue, enter any whole number from 1 to 604800\n (inclusive), in seconds. For Comparison, you must enter LT (for\n \"Less than\").
\n \n - SUM_CONTACTS_ABANDONED_IN_X
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile,\n contact/segmentAttributes/connect:Subtype
\n Threshold: For ThresholdValue, enter any whole number from 1 to 604800\n (inclusive), in seconds. For Comparison, you must enter LT (for\n \"Less than\").
\n \n - SUM_CONTACTS_DISCONNECTED
\n - \n
Valid metric filter key: DISCONNECT_REASON\n
\n Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,\n contact/segmentAttributes/connect:Subtype
\n \n - SUM_ERROR_STATUS_TIME_AGENT
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_HANDLE_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_HOLD_TIME
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_IDLE_TIME_AGENT
\n - \n
Unit: Seconds
\n Valid groupings and filters: Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_INTERACTION_AND_HOLD_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_INTERACTION_TIME
\n - \n
Unit: Seconds
\n Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_NON_PRODUCTIVE_TIME_AGENT
\n - \n
Unit: Seconds
\n Valid groupings and filters: Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_ONLINE_TIME_AGENT
\n - \n
Unit: Seconds
\n Valid groupings and filters: Routing Profile, Agent, Agent Hierarchy
\n \n - SUM_RETRY_CALLBACK_ATTEMPTS
\n - \n
Unit: Count
\n Valid groupings and filters: Queue, Channel, Routing Profile,\n contact/segmentAttributes/connect:Subtype
\n \n
",
"smithy.api#required": {}
}
},
@@ -16851,6 +16858,12 @@
"traits": {
"smithy.api#enumValue": "ENHANCED_CONTACT_MONITORING"
}
+ },
+ "ENHANCED_CHAT_MONITORING": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ENHANCED_CHAT_MONITORING"
+ }
}
}
},
@@ -22409,7 +22422,7 @@
"AllowedMonitorCapabilities": {
"target": "com.amazonaws.connect#AllowedMonitorCapabilities",
"traits": {
- "smithy.api#documentation": "Specify which monitoring actions the user is allowed to take. For example, whether the user\n is allowed to escalate from silent monitoring to barge.
"
+ "smithy.api#documentation": "Specify which monitoring actions the user is allowed to take. For example, whether the user\n is allowed to escalate from silent monitoring to barge. AllowedMonitorCapabilities is required if barge is enabled.
"
}
},
"ClientToken": {
@@ -22450,7 +22463,8 @@
"smithy.api#length": {
"min": 0,
"max": 512
- }
+ },
+ "smithy.api#sensitive": {}
}
},
"com.amazonaws.connect#Name128": {
@@ -22822,6 +22836,12 @@
"traits": {
"smithy.api#enumValue": "CUSTOM_BOT"
}
+ },
+ "SUPERVISOR": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "SUPERVISOR"
+ }
}
}
},
@@ -22955,7 +22975,8 @@
"com.amazonaws.connect#Password": {
"type": "string",
"traits": {
- "smithy.api#pattern": "^/^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)[a-zA-Z\\d\\S]{8,64}$/$"
+ "smithy.api#pattern": "^/^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)[a-zA-Z\\d\\S]{8,64}$/$",
+ "smithy.api#sensitive": {}
}
},
"com.amazonaws.connect#PauseContact": {
diff --git a/codegen/sdk-codegen/aws-models/connectcampaigns.json b/codegen/sdk-codegen/aws-models/connectcampaigns.json
index a005a63c1af..5315bb12fe6 100644
--- a/codegen/sdk-codegen/aws-models/connectcampaigns.json
+++ b/codegen/sdk-codegen/aws-models/connectcampaigns.json
@@ -184,7 +184,6 @@
]
}
],
- "type": "tree",
"rules": [
{
"conditions": [
@@ -227,7 +226,8 @@
},
"type": "endpoint"
}
- ]
+ ],
+ "type": "tree"
},
{
"conditions": [
@@ -240,7 +240,6 @@
]
}
],
- "type": "tree",
"rules": [
{
"conditions": [
@@ -254,7 +253,6 @@
"assign": "PartitionResult"
}
],
- "type": "tree",
"rules": [
{
"conditions": [
@@ -277,7 +275,6 @@
]
}
],
- "type": "tree",
"rules": [
{
"conditions": [
@@ -312,7 +309,6 @@
]
}
],
- "type": "tree",
"rules": [
{
"conditions": [],
@@ -323,14 +319,16 @@
},
"type": "endpoint"
}
- ]
+ ],
+ "type": "tree"
},
{
"conditions": [],
"error": "FIPS and DualStack are enabled, but this partition does not support one or both",
"type": "error"
}
- ]
+ ],
+ "type": "tree"
},
{
"conditions": [
@@ -344,14 +342,12 @@
]
}
],
- "type": "tree",
"rules": [
{
"conditions": [
{
"fn": "booleanEquals",
"argv": [
- true,
{
"fn": "getAttr",
"argv": [
@@ -360,11 +356,11 @@
},
"supportsFIPS"
]
- }
+ },
+ true
]
}
],
- "type": "tree",
"rules": [
{
"conditions": [],
@@ -375,14 +371,16 @@
},
"type": "endpoint"
}
- ]
+ ],
+ "type": "tree"
},
{
"conditions": [],
"error": "FIPS is enabled but this partition does not support FIPS",
"type": "error"
}
- ]
+ ],
+ "type": "tree"
},
{
"conditions": [
@@ -396,7 +394,6 @@
]
}
],
- "type": "tree",
"rules": [
{
"conditions": [
@@ -416,7 +413,6 @@
]
}
],
- "type": "tree",
"rules": [
{
"conditions": [],
@@ -427,14 +423,16 @@
},
"type": "endpoint"
}
- ]
+ ],
+ "type": "tree"
},
{
"conditions": [],
"error": "DualStack is enabled but this partition does not support DualStack",
"type": "error"
}
- ]
+ ],
+ "type": "tree"
},
{
"conditions": [],
@@ -445,9 +443,11 @@
},
"type": "endpoint"
}
- ]
+ ],
+ "type": "tree"
}
- ]
+ ],
+ "type": "tree"
},
{
"conditions": [],
@@ -834,7 +834,7 @@
"min": 20,
"max": 500
},
- "smithy.api#pattern": "^arn:.*"
+ "smithy.api#pattern": "^arn:.*$"
}
},
"com.amazonaws.connectcampaigns#AttributeName": {
@@ -855,7 +855,8 @@
"smithy.api#length": {
"min": 0,
"max": 32767
- }
+ },
+ "smithy.api#pattern": "^.*$"
}
},
"com.amazonaws.connectcampaigns#Attributes": {
@@ -956,7 +957,8 @@
"smithy.api#length": {
"min": 0,
"max": 256
- }
+ },
+ "smithy.api#pattern": "^[\\S]*$"
}
},
"com.amazonaws.connectcampaigns#CampaignIdList": {
@@ -1058,8 +1060,9 @@
"smithy.api#documentation": "Client provided parameter used for idempotency. Its value must be unique for each request.",
"smithy.api#length": {
"min": 0,
- "max": 64
- }
+ "max": 200
+ },
+ "smithy.api#pattern": "^[a-zA-Z0-9_\\-.]*$"
}
},
"com.amazonaws.connectcampaigns#ConflictException": {
@@ -1397,6 +1400,7 @@
"min": 0,
"max": 20
},
+ "smithy.api#pattern": "^[\\d\\-+]*$",
"smithy.api#sensitive": {}
}
},
@@ -1435,7 +1439,12 @@
"com.amazonaws.connectcampaigns#DialRequestId": {
"type": "string",
"traits": {
- "smithy.api#documentation": "Identifier representing a Dial request"
+ "smithy.api#documentation": "Identifier representing a Dial request",
+ "smithy.api#length": {
+ "min": 0,
+ "max": 256
+ },
+ "smithy.api#pattern": "^[a-zA-Z0-9_\\-.]*$"
}
},
"com.amazonaws.connectcampaigns#DialRequestList": {
@@ -1893,7 +1902,8 @@
"smithy.api#length": {
"min": 0,
"max": 256
- }
+ },
+ "smithy.api#pattern": "^[a-zA-Z0-9_\\-.]*$"
}
},
"com.amazonaws.connectcampaigns#InstanceIdFilter": {
diff --git a/codegen/sdk-codegen/aws-models/connectparticipant.json b/codegen/sdk-codegen/aws-models/connectparticipant.json
index b78cd1d1b7a..4b972d0224d 100644
--- a/codegen/sdk-codegen/aws-models/connectparticipant.json
+++ b/codegen/sdk-codegen/aws-models/connectparticipant.json
@@ -136,7 +136,6 @@
]
}
],
- "type": "tree",
"rules": [
{
"conditions": [
@@ -179,7 +178,8 @@
},
"type": "endpoint"
}
- ]
+ ],
+ "type": "tree"
},
{
"conditions": [
@@ -192,7 +192,6 @@
]
}
],
- "type": "tree",
"rules": [
{
"conditions": [
@@ -206,7 +205,6 @@
"assign": "PartitionResult"
}
],
- "type": "tree",
"rules": [
{
"conditions": [
@@ -229,7 +227,6 @@
]
}
],
- "type": "tree",
"rules": [
{
"conditions": [
@@ -264,7 +261,6 @@
]
}
],
- "type": "tree",
"rules": [
{
"conditions": [],
@@ -275,14 +271,16 @@
},
"type": "endpoint"
}
- ]
+ ],
+ "type": "tree"
},
{
"conditions": [],
"error": "FIPS and DualStack are enabled, but this partition does not support one or both",
"type": "error"
}
- ]
+ ],
+ "type": "tree"
},
{
"conditions": [
@@ -296,14 +294,12 @@
]
}
],
- "type": "tree",
"rules": [
{
"conditions": [
{
"fn": "booleanEquals",
"argv": [
- true,
{
"fn": "getAttr",
"argv": [
@@ -312,18 +308,17 @@
},
"supportsFIPS"
]
- }
+ },
+ true
]
}
],
- "type": "tree",
"rules": [
{
"conditions": [
{
"fn": "stringEquals",
"argv": [
- "aws-us-gov",
{
"fn": "getAttr",
"argv": [
@@ -332,7 +327,8 @@
},
"name"
]
- }
+ },
+ "aws-us-gov"
]
}
],
@@ -352,14 +348,16 @@
},
"type": "endpoint"
}
- ]
+ ],
+ "type": "tree"
},
{
"conditions": [],
"error": "FIPS is enabled but this partition does not support FIPS",
"type": "error"
}
- ]
+ ],
+ "type": "tree"
},
{
"conditions": [
@@ -373,7 +371,6 @@
]
}
],
- "type": "tree",
"rules": [
{
"conditions": [
@@ -393,7 +390,6 @@
]
}
],
- "type": "tree",
"rules": [
{
"conditions": [],
@@ -404,14 +400,16 @@
},
"type": "endpoint"
}
- ]
+ ],
+ "type": "tree"
},
{
"conditions": [],
"error": "DualStack is enabled but this partition does not support DualStack",
"type": "error"
}
- ]
+ ],
+ "type": "tree"
},
{
"conditions": [],
@@ -422,9 +420,11 @@
},
"type": "endpoint"
}
- ]
+ ],
+ "type": "tree"
}
- ]
+ ],
+ "type": "tree"
},
{
"conditions": [],
@@ -1762,6 +1762,12 @@
"traits": {
"smithy.api#enumValue": "CUSTOM_BOT"
}
+ },
+ "SUPERVISOR": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "SUPERVISOR"
+ }
}
}
},
@@ -1905,6 +1911,12 @@
"traits": {
"smithy.api#enumValue": "USER"
}
+ },
+ "PHONE_NUMBER": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "PHONE_NUMBER"
+ }
}
}
},
@@ -1937,6 +1949,9 @@
{
"target": "com.amazonaws.connectparticipant#AccessDeniedException"
},
+ {
+ "target": "com.amazonaws.connectparticipant#ConflictException"
+ },
{
"target": "com.amazonaws.connectparticipant#InternalServerException"
},
diff --git a/codegen/sdk-codegen/aws-models/ec2.json b/codegen/sdk-codegen/aws-models/ec2.json
index c06246adb0c..9dadc8a3c70 100644
--- a/codegen/sdk-codegen/aws-models/ec2.json
+++ b/codegen/sdk-codegen/aws-models/ec2.json
@@ -5969,6 +5969,14 @@
"10.0.0.82"
]
}
+ },
+ {
+ "title": "To assign secondary private IP addresses that Amazon EC2 selects to an interface",
+ "documentation": "This example assigns two secondary private IP addresses to the specified network interface. Amazon EC2 automatically assigns these IP addresses from the available IP addresses in the CIDR block range of the subnet the network interface is associated with.",
+ "input": {
+ "NetworkInterfaceId": "eni-e5aa89a3",
+ "SecondaryPrivateIpAddressCount": 2
+ }
}
]
}
@@ -6178,6 +6186,17 @@
"output": {
"AssociationId": "eipassoc-2bebb745"
}
+ },
+ {
+ "title": "To associate an Elastic IP address with a network interface",
+ "documentation": "This example associates the specified Elastic IP address with the specified network interface.",
+ "input": {
+ "AllocationId": "eipalloc-64d5890a",
+ "NetworkInterfaceId": "eni-1a2b3c4d"
+ },
+ "output": {
+ "AssociationId": "eipassoc-2bebb745"
+ }
}
]
}
@@ -6347,6 +6366,14 @@
"DhcpOptionsId": "dopt-d9070ebb",
"VpcId": "vpc-a01106c2"
}
+ },
+ {
+ "title": "To associate the default DHCP options set with a VPC",
+ "documentation": "This example associates the default DHCP options set with the specified VPC.",
+ "input": {
+ "DhcpOptionsId": "default",
+ "VpcId": "vpc-a01106c2"
+ }
}
]
}
@@ -8279,6 +8306,26 @@
]
},
"output": {}
+ },
+ {
+ "title": "To add a rule that allows outbound traffic to a specific security group",
+ "documentation": "This example adds a rule that grants access to the specified security group on TCP port 80.",
+ "input": {
+ "GroupId": "sg-1a2b3c4d",
+ "IpPermissions": [
+ {
+ "IpProtocol": "tcp",
+ "FromPort": 80,
+ "ToPort": 80,
+ "UserIdGroupPairs": [
+ {
+ "GroupId": "sg-4b51a32f"
+ }
+ ]
+ }
+ ]
+ },
+ "output": {}
}
]
}
@@ -8427,6 +8474,48 @@
]
},
"output": {}
+ },
+ {
+ "title": "To add a rule that allows inbound HTTP traffic from another security group",
+ "documentation": "This example enables inbound traffic on TCP port 80 from the specified security group. The group must be in the same VPC or a peer VPC. Incoming traffic is allowed based on the private IP addresses of instances that are associated with the specified security group.",
+ "input": {
+ "GroupId": "sg-111aaa22",
+ "IpPermissions": [
+ {
+ "IpProtocol": "tcp",
+ "FromPort": 80,
+ "ToPort": 80,
+ "UserIdGroupPairs": [
+ {
+ "GroupId": "sg-1a2b3c4d",
+ "Description": "HTTP access from other instances"
+ }
+ ]
+ }
+ ]
+ },
+ "output": {}
+ },
+ {
+ "title": "To add a rule that allows inbound RDP traffic from an IPv6 address range",
+ "documentation": "This example adds an inbound rule that allows RDP traffic from the specified IPv6 address range. The rule includes a description to help you identify it later.",
+ "input": {
+ "GroupId": "sg-123abc12 ",
+ "IpPermissions": [
+ {
+ "IpProtocol": "tcp",
+ "FromPort": 3389,
+ "ToPort": 3389,
+ "Ipv6Ranges": [
+ {
+ "CidrIpv6": "2001:db8:1234:1a00::/64",
+ "Description": "RDP access from the NY office"
+ }
+ ]
+ }
+ ]
+ },
+ "output": {}
}
]
}
@@ -10013,6 +10102,25 @@
}
]
}
+ },
+ {
+ "title": "To cancel a Spot fleet request without terminating its Spot Instances",
+ "documentation": "This example cancels the specified Spot fleet request without terminating its associated Spot Instances.",
+ "input": {
+ "SpotFleetRequestIds": [
+ "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE"
+ ],
+ "TerminateInstances": false
+ },
+ "output": {
+ "SuccessfulFleetRequests": [
+ {
+ "SpotFleetRequestId": "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE",
+ "CurrentSpotFleetRequestState": "cancelled_terminating",
+ "PreviousSpotFleetRequestState": "active"
+ }
+ ]
+ }
}
]
}
@@ -20674,6 +20782,28 @@
"CreateTime": "2016-08-29T18:52:32.724Z",
"Size": 80
}
+ },
+ {
+ "title": "To create a new Provisioned IOPS (SSD) volume from a snapshot",
+ "documentation": "This example creates a new Provisioned IOPS (SSD) volume with 1000 provisioned IOPS from a snapshot in the Availability Zone ``us-east-1a``.",
+ "input": {
+ "AvailabilityZone": "us-east-1a",
+ "Iops": 1000,
+ "VolumeType": "io1",
+ "SnapshotId": "snap-066877671789bd71b"
+ },
+ "output": {
+ "AvailabilityZone": "us-east-1a",
+ "Attachments": [],
+ "Tags": [],
+ "VolumeType": "io1",
+ "VolumeId": "vol-1234567890abcdef0",
+ "State": "creating",
+ "Iops": 1000,
+ "SnapshotId": "snap-066877671789bd71b",
+ "CreateTime": "2016-08-29T18:52:32.724Z",
+ "Size": 500
+ }
}
]
}
@@ -26614,6 +26744,65 @@
}
]
}
+ },
+ {
+ "title": "To describe all attributes for your AWS account",
+ "documentation": "This example describes the attributes for your AWS account.",
+ "output": {
+ "AccountAttributes": [
+ {
+ "AttributeName": "supported-platforms",
+ "AttributeValues": [
+ {
+ "AttributeValue": "EC2"
+ },
+ {
+ "AttributeValue": "VPC"
+ }
+ ]
+ },
+ {
+ "AttributeName": "vpc-max-security-groups-per-interface",
+ "AttributeValues": [
+ {
+ "AttributeValue": "5"
+ }
+ ]
+ },
+ {
+ "AttributeName": "max-elastic-ips",
+ "AttributeValues": [
+ {
+ "AttributeValue": "5"
+ }
+ ]
+ },
+ {
+ "AttributeName": "max-instances",
+ "AttributeValues": [
+ {
+ "AttributeValue": "20"
+ }
+ ]
+ },
+ {
+ "AttributeName": "vpc-max-elastic-ips",
+ "AttributeValues": [
+ {
+ "AttributeValue": "5"
+ }
+ ]
+ },
+ {
+ "AttributeName": "default-vpc",
+ "AttributeValues": [
+ {
+ "AttributeValue": "none"
+ }
+ ]
+ }
+ ]
+ }
}
]
}
@@ -27388,7 +27577,7 @@
"MaxResults": {
"target": "com.amazonaws.ec2#DescribeCapacityBlockOfferingsMaxResults",
"traits": {
- "smithy.api#documentation": "The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned nextToken value. This value can be between 5 and 500. If maxResults is given a larger value than 500, you receive an error.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request. To get the next page of items, make another request with the token returned in the output. For more information, \n see Pagination.
"
}
}
},
@@ -27466,7 +27655,7 @@
"MaxResults": {
"target": "com.amazonaws.ec2#DescribeCapacityReservationFleetsMaxResults",
"traits": {
- "smithy.api#documentation": "The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned nextToken value. This value can be between 5 and 500. If maxResults is given a larger value than 500, you receive an error.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request. To get the next page of items, make another request with the token returned in the output. For more information, \n see Pagination.
"
}
},
"Filters": {
@@ -27557,7 +27746,7 @@
"MaxResults": {
"target": "com.amazonaws.ec2#DescribeCapacityReservationsMaxResults",
"traits": {
- "smithy.api#documentation": "The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned nextToken value. This value can be between 5 and 500. If maxResults is given a larger value than 500, you receive an error.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request. To get the next page of items, make another request with the token returned in the output. For more information, \n see Pagination.
"
}
},
"Filters": {
@@ -30981,6 +31170,37 @@
"Value": "t1.micro"
}
}
+ },
+ {
+ "title": "To describe the block device mapping for an instance",
+ "documentation": "This example describes the ``blockDeviceMapping`` attribute of the specified instance.\n",
+ "input": {
+ "InstanceId": "i-1234567890abcdef0",
+ "Attribute": "blockDeviceMapping"
+ },
+ "output": {
+ "InstanceId": "i-1234567890abcdef0",
+ "BlockDeviceMappings": [
+ {
+ "DeviceName": "/dev/sda1",
+ "Ebs": {
+ "Status": "attached",
+ "DeleteOnTermination": true,
+ "VolumeId": "vol-049df61146c4d7901",
+ "AttachTime": "2013-05-17T22:42:34.000Z"
+ }
+ },
+ {
+ "DeviceName": "/dev/sdf",
+ "Ebs": {
+ "Status": "attached",
+ "DeleteOnTermination": false,
+ "VolumeId": "vol-049df61146c4d7901",
+ "AttachTime": "2013-09-10T23:07:00.000Z"
+ }
+ }
+ ]
+ }
}
]
}
@@ -31786,6 +32006,36 @@
]
},
"output": {}
+ },
+ {
+ "title": "To describe the instances with a specific instance type",
+ "documentation": "This example describes the instances with the t2.micro instance type.",
+ "input": {
+ "Filters": [
+ {
+ "Name": "instance-type",
+ "Values": [
+ "t2.micro"
+ ]
+ }
+ ]
+ },
+ "output": {}
+ },
+ {
+ "title": "To describe the instances with a specific tag",
+ "documentation": "This example describes the instances with the Purpose=test tag.",
+ "input": {
+ "Filters": [
+ {
+ "Name": "tag:Purpose",
+ "Values": [
+ "test"
+ ]
+ }
+ ]
+ },
+ "output": {}
}
],
"smithy.api#paginated": {
@@ -34640,6 +34890,51 @@
"InstanceOwnerId": "123456789012"
}
}
+ },
+ {
+ "title": "To describe the description attribute of a network interface",
+ "documentation": "This example describes the description attribute of the specified network interface.",
+ "input": {
+ "NetworkInterfaceId": "eni-686ea200",
+ "Attribute": "description"
+ },
+ "output": {
+ "NetworkInterfaceId": "eni-686ea200",
+ "Description": {
+ "Value": "My description"
+ }
+ }
+ },
+ {
+ "title": "To describe the groupSet attribute of a network interface",
+ "documentation": "This example describes the groupSet attribute of the specified network interface.",
+ "input": {
+ "NetworkInterfaceId": "eni-686ea200",
+ "Attribute": "groupSet"
+ },
+ "output": {
+ "NetworkInterfaceId": "eni-686ea200",
+ "Groups": [
+ {
+ "GroupName": "my-security-group",
+ "GroupId": "sg-903004f8"
+ }
+ ]
+ }
+ },
+ {
+ "title": "To describe the sourceDestCheck attribute of a network interface",
+ "documentation": "This example describes the sourceDestCheck attribute of the specified network interface.",
+ "input": {
+ "NetworkInterfaceId": "eni-686ea200",
+ "Attribute": "sourceDestCheck"
+ },
+ "output": {
+ "NetworkInterfaceId": "eni-686ea200",
+ "SourceDestCheck": {
+ "Value": true
+ }
+ }
}
]
}
@@ -36393,6 +36688,21 @@
]
},
"output": {}
+ },
+ {
+ "title": "To describe a tagged security group",
+ "documentation": "This example describes the security groups that include the specified tag (Purpose=test).",
+ "input": {
+ "Filters": [
+ {
+ "Name": "tag:Purpose",
+ "Values": [
+ "test"
+ ]
+ }
+ ]
+ },
+ "output": {}
}
],
"smithy.api#paginated": {
@@ -36713,6 +37023,38 @@
],
"NextToken": ""
}
+ },
+ {
+ "title": "To describe snapshots using filters",
+ "documentation": "This example describes all snapshots owned by the ID 012345678910 that are in the ``pending`` status.",
+ "input": {
+ "OwnerIds": [
+ "012345678910"
+ ],
+ "Filters": [
+ {
+ "Values": [
+ "pending"
+ ],
+ "Name": "status"
+ }
+ ]
+ },
+ "output": {
+ "Snapshots": [
+ {
+ "Description": "This is my copied snapshot.",
+ "VolumeId": "vol-1234567890abcdef0",
+ "State": "pending",
+ "VolumeSize": 8,
+ "Progress": "87%",
+ "StartTime": "2014-02-28T21:37:27.000Z",
+ "SnapshotId": "snap-066877671789bd71b",
+ "OwnerId": "012345678910"
+ }
+ ],
+ "NextToken": ""
+ }
}
],
"smithy.api#paginated": {
@@ -39920,6 +40262,23 @@
}
]
}
+ },
+ {
+ "title": "To describe the status of impaired volumes",
+ "documentation": "This example describes the status for all volumes that are impaired. In this example output, there are no impaired volumes.",
+ "input": {
+ "Filters": [
+ {
+ "Values": [
+ "impaired"
+ ],
+ "Name": "volume-status.status"
+ }
+ ]
+ },
+ "output": {
+ "VolumeStatuses": []
+ }
}
],
"smithy.api#paginated": {
@@ -40034,6 +40393,49 @@
],
"NextToken": ""
}
+ },
+ {
+ "title": "To describe volumes that are attached to a specific instance",
+ "documentation": "This example describes all volumes that are both attached to the instance with the ID i-1234567890abcdef0 and set to delete when the instance terminates.",
+ "input": {
+ "Filters": [
+ {
+ "Values": [
+ "i-1234567890abcdef0"
+ ],
+ "Name": "attachment.instance-id"
+ },
+ {
+ "Values": [
+ "true"
+ ],
+ "Name": "attachment.delete-on-termination"
+ }
+ ]
+ },
+ "output": {
+ "Volumes": [
+ {
+ "AvailabilityZone": "us-east-1a",
+ "Attachments": [
+ {
+ "AttachTime": "2013-12-18T22:35:00.000Z",
+ "InstanceId": "i-1234567890abcdef0",
+ "VolumeId": "vol-049df61146c4d7901",
+ "State": "attached",
+ "DeleteOnTermination": true,
+ "Device": "/dev/sda1"
+ }
+ ],
+ "VolumeType": "standard",
+ "VolumeId": "vol-049df61146c4d7901",
+ "State": "in-use",
+ "SnapshotId": "snap-1234567890abcdef0",
+ "CreateTime": "2013-12-18T22:35:00.084Z",
+ "Size": 8
+ }
+ ]
+ }
}
],
"smithy.api#paginated": {
@@ -40296,6 +40698,20 @@
"Value": true
}
}
+ },
+ {
+ "title": "To describe the enableDnsHostnames attribute",
+ "documentation": "This example describes the enableDnsHostnames attribute. This attribute indicates whether the instances launched in the VPC get DNS hostnames. If this attribute is true, instances in the VPC get DNS hostnames; otherwise, they do not.",
+ "input": {
+ "VpcId": "vpc-a01106c2",
+ "Attribute": "enableDnsHostnames"
+ },
+ "output": {
+ "VpcId": "vpc-a01106c2",
+ "EnableDnsHostnames": {
+ "Value": true
+ }
+ }
}
]
}
@@ -41820,7 +42236,7 @@
"target": "com.amazonaws.ec2#VolumeAttachment"
},
"traits": {
- "smithy.api#documentation": "Detaches an EBS volume from an instance. Make sure to unmount any file systems on the\n device within your operating system before detaching the volume. Failure to do so can result\n in the volume becoming stuck in the busy state while detaching. If this happens,\n detachment can be delayed indefinitely until you unmount the volume, force detachment, reboot\n the instance, or all three. If an EBS volume is the root device of an instance, it can't be\n detached while the instance is running. To detach the root volume, stop the instance\n first.
\n When a volume with an Amazon Web Services Marketplace product code is detached from an instance, the\n product code is no longer associated with the instance.
\n For more information, see Detach an Amazon EBS volume in the\n Amazon Elastic Compute Cloud User Guide.
",
+ "smithy.api#documentation": "Detaches an EBS volume from an instance. Make sure to unmount any file systems on the\n device within your operating system before detaching the volume. Failure to do so can result\n in the volume becoming stuck in the busy state while detaching. If this happens,\n detachment can be delayed indefinitely until you unmount the volume, force detachment, reboot\n the instance, or all three. If an EBS volume is the root device of an instance, it can't be\n detached while the instance is running. To detach the root volume, stop the instance\n first.
\n When a volume with an Amazon Web Services Marketplace product code is detached from an instance, the\n product code is no longer associated with the instance.
\n You can't detach or force detach volumes that are attached to Amazon ECS or \n Fargate tasks. Attempting to do this results in the UnsupportedOperationException \n exception with the Unable to detach volume attached to ECS tasks error message.
\n For more information, see Detach an Amazon EBS volume in the\n Amazon Elastic Compute Cloud User Guide.
",
"smithy.api#examples": [
{
"title": "To detach a volume from an instance",
@@ -44651,6 +45067,22 @@
"smithy.api#documentation": "The ID of the EBS volume.
",
"smithy.api#xmlName": "volumeId"
}
+ },
+ "AssociatedResource": {
+ "target": "com.amazonaws.ec2#String",
+ "traits": {
+ "aws.protocols#ec2QueryName": "AssociatedResource",
+ "smithy.api#documentation": "The ARN of the Amazon ECS or Fargate task \n to which the volume is attached.
",
+ "smithy.api#xmlName": "associatedResource"
+ }
+ },
+ "VolumeOwnerId": {
+ "target": "com.amazonaws.ec2#String",
+ "traits": {
+ "aws.protocols#ec2QueryName": "VolumeOwnerId",
+ "smithy.api#documentation": "The ID of the Amazon Web Services account that owns the volume.
\n This parameter is returned only for volumes that are attached to \n Fargate tasks.
",
+ "smithy.api#xmlName": "volumeOwnerId"
+ }
}
},
"traits": {
@@ -46336,7 +46768,7 @@
"target": "com.amazonaws.ec2#SnapshotBlockPublicAccessState",
"traits": {
"smithy.api#clientOptional": {},
- "smithy.api#documentation": "The mode in which to enable block public access for snapshots for the Region. \n Specify one of the following values:
\n \n - \n
\n block-all-sharing - Prevents all public sharing of snapshots in \n the Region. Users in the account will no longer be able to request new public \n sharing. Additionally, snapshots that are already publicly shared are treated as \n private and they are no longer publicly available.
\n \n If you enable block public access for snapshots in block-all-sharing \n mode, it does not change the permissions for snapshots that are already publicly shared. \n Instead, it prevents these snapshots from be publicly visible and publicly accessible. \n Therefore, the attributes for these snapshots still indicate that they are publicly \n shared, even though they are not publicly available.
\n \n \n - \n
\n block-new-sharing - Prevents only new public sharing of snapshots \n in the Region. Users in the account will no longer be able to request new public \n sharing. However, snapshots that are already publicly shared, remain publicly \n available.
\n \n
",
+ "smithy.api#documentation": "The mode in which to enable block public access for snapshots for the Region. \n Specify one of the following values:
\n \n - \n
\n block-all-sharing - Prevents all public sharing of snapshots in \n the Region. Users in the account will no longer be able to request new public \n sharing. Additionally, snapshots that are already publicly shared are treated as \n private and they are no longer publicly available.
\n \n If you enable block public access for snapshots in block-all-sharing \n mode, it does not change the permissions for snapshots that are already publicly shared. \n Instead, it prevents these snapshots from be publicly visible and publicly accessible. \n Therefore, the attributes for these snapshots still indicate that they are publicly \n shared, even though they are not publicly available.
\n \n \n - \n
\n block-new-sharing - Prevents only new public sharing of snapshots \n in the Region. Users in the account will no longer be able to request new public \n sharing. However, snapshots that are already publicly shared, remain publicly \n available.
\n \n
\n \n unblocked is not a valid value for EnableSnapshotBlockPublicAccess.
",
"smithy.api#required": {}
}
},
@@ -50272,7 +50704,7 @@
"MaxResults": {
"target": "com.amazonaws.ec2#GetCapacityReservationUsageRequestMaxResults",
"traits": {
- "smithy.api#documentation": "The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned nextToken value. This value can be between 5 and 500. If maxResults is given a larger value than 500, you receive an error.
\n Valid range: Minimum value of 1. Maximum value of 1000.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request. To get the next page of items, make another request with the token returned in the output. For more information, \n see Pagination.
"
}
},
"DryRun": {
@@ -50851,7 +51283,7 @@
"MaxResults": {
"target": "com.amazonaws.ec2#GetGroupsForCapacityReservationRequestMaxResults",
"traits": {
- "smithy.api#documentation": "The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned nextToken value. This value can be between 5 and 500. If maxResults is given a larger value than 500, you receive an error.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request. To get the next page of items, make another request with the token returned in the output. For more information, \n see Pagination.
"
}
},
"DryRun": {
@@ -52682,7 +53114,7 @@
"TargetCapacityUnitType": {
"target": "com.amazonaws.ec2#TargetCapacityUnitType",
"traits": {
- "smithy.api#documentation": "The unit for the target capacity.
\n Default: units (translates to number of instances)
"
+ "smithy.api#documentation": "The unit for the target capacity.
"
}
},
"SingleAvailabilityZone": {
@@ -58662,7 +59094,7 @@
"HttpTokens": {
"target": "com.amazonaws.ec2#HttpTokensState",
"traits": {
- "smithy.api#documentation": "IMDSv2 uses token-backed sessions. Set the use of HTTP tokens to optional\n (in other words, set the use of IMDSv2 to optional) or\n required (in other words, set the use of IMDSv2 to\n required).
\n \n - \n
\n optional - When IMDSv2 is optional, you can choose to retrieve instance metadata with or without \n a session token in your request. If you retrieve the IAM role credentials \n without a token, the IMDSv1 role credentials are returned. If you retrieve the IAM role credentials \n using a valid session token, the IMDSv2 role credentials are returned.
\n \n - \n
\n required - When IMDSv2 is required, you must send a session token \n with any instance metadata retrieval requests. In this state, retrieving the IAM role \n credentials always returns IMDSv2 credentials; IMDSv1 credentials are not available.
\n \n
\n Default: optional\n
"
+ "smithy.api#documentation": "Indicates whether IMDSv2 is required.
\n \n - \n
\n optional - IMDSv2 is optional. You can choose whether to send a \n session token in your instance metadata retrieval requests. If you retrieve \n IAM role credentials without a session token, you receive the IMDSv1 role \n credentials. If you retrieve IAM role credentials using a valid session token, \n you receive the IMDSv2 role credentials.
\n \n - \n
\n required - IMDSv2 is required. You must send a session token \n in your instance metadata retrieval requests. With this option, retrieving the \n IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials are \n not available.
\n \n
\n Default: If the value of ImdsSupport for the Amazon Machine Image (AMI) \n for your instance is v2.0, the default is required.
"
}
},
"HttpPutResponseHopLimit": {
@@ -58709,7 +59141,7 @@
"target": "com.amazonaws.ec2#HttpTokensState",
"traits": {
"aws.protocols#ec2QueryName": "HttpTokens",
- "smithy.api#documentation": "IMDSv2 uses token-backed sessions. Indicates whether the use of HTTP tokens is\n optional (in other words, indicates whether the use of IMDSv2 is\n optional) or required (in other words, indicates whether\n the use of IMDSv2 is required).
\n \n - \n
\n optional - When IMDSv2 is optional, you can choose to retrieve instance metadata with or without \n a session token in your request. If you retrieve the IAM role credentials \n without a token, the IMDSv1 role credentials are returned. If you retrieve the IAM role credentials \n using a valid session token, the IMDSv2 role credentials are returned.
\n \n - \n
\n required - When IMDSv2 is required, you must send a session token \n with any instance metadata retrieval requests. In this state, retrieving the IAM role \n credentials always returns IMDSv2 credentials; IMDSv1 credentials are not available.
\n \n
\n Default: optional\n
",
+ "smithy.api#documentation": "Indicates whether IMDSv2 is required.
\n \n - \n
\n optional - IMDSv2 is optional. You can choose whether to send a \n session token in your instance metadata retrieval requests. If you retrieve \n IAM role credentials without a session token, you receive the IMDSv1 role \n credentials. If you retrieve IAM role credentials using a valid session token, \n you receive the IMDSv2 role credentials.
\n \n - \n
\n required - IMDSv2 is required. You must send a session token \n in your instance metadata retrieval requests. With this option, retrieving the \n IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials are \n not available.
\n \n
",
"smithy.api#xmlName": "httpTokens"
}
},
@@ -64900,6 +65332,18 @@
"traits": {
"smithy.api#enumValue": "r7i.metal-48xl"
}
+ },
+ "r7iz_metal_16xl": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "r7iz.metal-16xl"
+ }
+ },
+ "r7iz_metal_32xl": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "r7iz.metal-32xl"
+ }
}
}
},
@@ -73590,6 +74034,21 @@
}
},
"output": {}
+ },
+ {
+ "title": "To grant launch permissions",
+ "documentation": "This example grants launch permissions for the specified AMI to the specified AWS account.",
+ "input": {
+ "ImageId": "ami-5731123e",
+ "LaunchPermission": {
+ "Add": [
+ {
+ "UserId": "123456789012"
+ }
+ ]
+ }
+ },
+ "output": {}
}
]
}
@@ -73711,6 +74170,17 @@
}
},
"output": {}
+ },
+ {
+ "title": "To enable enhanced networking",
+ "documentation": "This example enables enhanced networking for the specified stopped instance.",
+ "input": {
+ "InstanceId": "i-1234567890abcdef0",
+ "EnaSupport": {
+ "Value": true
+ }
+ },
+ "output": {}
}
]
}
@@ -73736,7 +74206,7 @@
"target": "com.amazonaws.ec2#InstanceBlockDeviceMappingSpecificationList",
"traits": {
"aws.protocols#ec2QueryName": "BlockDeviceMapping",
- "smithy.api#documentation": "Modifies the DeleteOnTermination attribute for volumes that are currently\n attached. The volume must be owned by the caller. If no value is specified for\n DeleteOnTermination, the default is true and the volume is\n deleted when the instance is terminated.
\n To add instance store volumes to an Amazon EBS-backed instance, you must add them when\n you launch the instance. For more information, see Update the block device mapping when launching an instance in the\n Amazon EC2 User Guide.
",
+ "smithy.api#documentation": "Modifies the DeleteOnTermination attribute for volumes that are currently\n attached. The volume must be owned by the caller. If no value is specified for\n DeleteOnTermination, the default is true and the volume is\n deleted when the instance is terminated. You can't modify the DeleteOnTermination \n attribute for volumes that are attached to Fargate tasks.
\n To add instance store volumes to an Amazon EBS-backed instance, you must add them when\n you launch the instance. For more information, see Update the block device mapping when launching an instance in the\n Amazon EC2 User Guide.
",
"smithy.api#xmlName": "blockDeviceMapping"
}
},
@@ -74204,7 +74674,7 @@
"HttpTokens": {
"target": "com.amazonaws.ec2#HttpTokensState",
"traits": {
- "smithy.api#documentation": "IMDSv2 uses token-backed sessions. Set the use of HTTP tokens to optional\n (in other words, set the use of IMDSv2 to optional) or\n required (in other words, set the use of IMDSv2 to\n required).
\n \n - \n
\n optional - When IMDSv2 is optional, you can choose to retrieve instance metadata with or without \n a session token in your request. If you retrieve the IAM role credentials \n without a token, the IMDSv1 role credentials are returned. If you retrieve the IAM role credentials \n using a valid session token, the IMDSv2 role credentials are returned.
\n \n - \n
\n required - When IMDSv2 is required, you must send a session token \n with any instance metadata retrieval requests. In this state, retrieving the IAM role \n credentials always returns IMDSv2 credentials; IMDSv1 credentials are not available.
\n \n
\n Default: optional\n
"
+ "smithy.api#documentation": "Indicates whether IMDSv2 is required.
\n \n - \n
\n optional - IMDSv2 is optional. You can choose whether to send a \n session token in your instance metadata retrieval requests. If you retrieve \n IAM role credentials without a session token, you receive the IMDSv1 role \n credentials. If you retrieve IAM role credentials using a valid session token, \n you receive the IMDSv2 role credentials.
\n \n - \n
\n required - IMDSv2 is required. You must send a session token \n in your instance metadata retrieval requests. With this option, retrieving the \n IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials are \n not available.
\n \n
\n Default: If the value of ImdsSupport for the Amazon Machine Image (AMI) \n for your instance is v2.0, the default is required.
"
}
},
"HttpPutResponseHopLimit": {
@@ -75014,6 +75484,37 @@
"DeleteOnTermination": false
}
}
+ },
+ {
+ "title": "To modify the description attribute of a network interface",
+ "documentation": "This example modifies the description attribute of the specified network interface.",
+ "input": {
+ "NetworkInterfaceId": "eni-686ea200",
+ "Description": {
+ "Value": "My description"
+ }
+ }
+ },
+ {
+ "title": "To modify the groupSet attribute of a network interface",
+ "documentation": "This example command modifies the groupSet attribute of the specified network interface.",
+ "input": {
+ "NetworkInterfaceId": "eni-686ea200",
+ "Groups": [
+ "sg-903004f8",
+ "sg-1a2b3c4d"
+ ]
+ }
+ },
+ {
+ "title": "To modify the sourceDestCheck attribute of a network interface",
+ "documentation": "This example command modifies the sourceDestCheck attribute of the specified network interface.",
+ "input": {
+ "NetworkInterfaceId": "eni-686ea200",
+ "SourceDestCheck": {
+ "Value": false
+ }
+ }
}
]
}
@@ -75308,6 +75809,19 @@
]
},
"output": {}
+ },
+ {
+ "title": "To make a snapshot public",
+ "documentation": "This example makes the snapshot ``snap-1234567890abcdef0`` public.",
+ "input": {
+ "SnapshotId": "snap-1234567890abcdef0",
+ "Attribute": "createVolumePermission",
+ "OperationType": "add",
+ "GroupNames": [
+ "all"
+ ]
+ },
+ "output": {}
}
]
}
@@ -77021,6 +77535,16 @@
"Value": false
}
}
+ },
+ {
+ "title": "To modify the enableDnsHostnames attribute",
+ "documentation": "This example modifies the enableDnsHostnames attribute. This attribute indicates whether instances launched in the VPC get DNS hostnames. If this attribute is true, instances in the VPC get DNS hostnames; otherwise, they do not.",
+ "input": {
+ "VpcId": "vpc-a01106c2",
+ "EnableDnsHostnames": {
+ "Value": false
+ }
+ }
}
]
}
@@ -86428,6 +86952,104 @@
"output": {
"SpotFleetRequestId": "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE"
}
+ },
+ {
+ "title": "To request a Spot fleet in the Availability Zone with the lowest price",
+ "documentation": "This example creates a Spot fleet request with two launch specifications that differ only by Availability Zone. The Spot fleet launches the instances in the specified Availability Zone with the lowest price. If your account supports EC2-VPC only, Amazon EC2 launches the Spot instances in the default subnet of the Availability Zone.",
+ "input": {
+ "SpotFleetRequestConfig": {
+ "SpotPrice": "0.04",
+ "TargetCapacity": 2,
+ "IamFleetRole": "arn:aws:iam::123456789012:role/my-spot-fleet-role",
+ "LaunchSpecifications": [
+ {
+ "ImageId": "ami-1a2b3c4d",
+ "KeyName": "my-key-pair",
+ "SecurityGroups": [
+ {
+ "GroupId": "sg-1a2b3c4d"
+ }
+ ],
+ "InstanceType": "m3.medium",
+ "Placement": {
+ "AvailabilityZone": "us-west-2a, us-west-2b"
+ },
+ "IamInstanceProfile": {
+ "Arn": "arn:aws:iam::123456789012:instance-profile/my-iam-role"
+ }
+ }
+ ]
+ }
+ },
+ "output": {
+ "SpotFleetRequestId": "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE"
+ }
+ },
+ {
+ "title": "To launch Spot instances in a subnet and assign them public IP addresses",
+ "documentation": "This example assigns public addresses to instances launched in a nondefault VPC. Note that when you specify a network interface, you must include the subnet ID and security group ID using the network interface.",
+ "input": {
+ "SpotFleetRequestConfig": {
+ "SpotPrice": "0.04",
+ "TargetCapacity": 2,
+ "IamFleetRole": "arn:aws:iam::123456789012:role/my-spot-fleet-role",
+ "LaunchSpecifications": [
+ {
+ "ImageId": "ami-1a2b3c4d",
+ "KeyName": "my-key-pair",
+ "InstanceType": "m3.medium",
+ "NetworkInterfaces": [
+ {
+ "DeviceIndex": 0,
+ "SubnetId": "subnet-1a2b3c4d",
+ "Groups": [
+ "sg-1a2b3c4d"
+ ],
+ "AssociatePublicIpAddress": true
+ }
+ ],
+ "IamInstanceProfile": {
+ "Arn": "arn:aws:iam::880185128111:instance-profile/my-iam-role"
+ }
+ }
+ ]
+ }
+ },
+ "output": {
+ "SpotFleetRequestId": "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE"
+ }
+ },
+ {
+ "title": "To request a Spot fleet using the diversified allocation strategy",
+ "documentation": "This example creates a Spot fleet request that launches 30 instances using the diversified allocation strategy. The launch specifications differ by instance type. The Spot fleet distributes the instances across the launch specifications such that there are 10 instances of each type.",
+ "input": {
+ "SpotFleetRequestConfig": {
+ "SpotPrice": "0.70",
+ "TargetCapacity": 30,
+ "AllocationStrategy": "diversified",
+ "IamFleetRole": "arn:aws:iam::123456789012:role/my-spot-fleet-role",
+ "LaunchSpecifications": [
+ {
+ "ImageId": "ami-1a2b3c4d",
+ "InstanceType": "c4.2xlarge",
+ "SubnetId": "subnet-1a2b3c4d"
+ },
+ {
+ "ImageId": "ami-1a2b3c4d",
+ "InstanceType": "m3.2xlarge",
+ "SubnetId": "subnet-1a2b3c4d"
+ },
+ {
+ "ImageId": "ami-1a2b3c4d",
+ "InstanceType": "r3.2xlarge",
+ "SubnetId": "subnet-1a2b3c4d"
+ }
+ ]
+ }
+ },
+ "output": {
+ "SpotFleetRequestId": "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE"
+ }
}
]
}
@@ -86509,6 +87131,26 @@
}
}
}
+ },
+ {
+ "title": "To create a one-time Spot Instance request",
+ "documentation": "This example command creates a one-time Spot Instance request for five instances in the specified subnet. Amazon EC2 launches the instances in the specified subnet. If the VPC is a nondefault VPC, the instances do not receive a public IP address by default.",
+ "input": {
+ "SpotPrice": "0.050",
+ "InstanceCount": 5,
+ "Type": "one-time",
+ "LaunchSpecification": {
+ "ImageId": "ami-1a2b3c4d",
+ "SecurityGroupIds": [
+ "sg-1a2b3c4d"
+ ],
+ "InstanceType": "m3.medium",
+ "SubnetId": "subnet-1a2b3c4d",
+ "IamInstanceProfile": {
+ "Arn": "arn:aws:iam::123456789012:instance-profile/my-iam-role"
+ }
+ }
+ }
}
]
}
@@ -91403,7 +92045,7 @@
"AssociatePublicIpAddress": {
"target": "com.amazonaws.ec2#Boolean",
"traits": {
- "smithy.api#documentation": "Indicates whether to assign a public IPv4 address to instances launched in a VPC. The\n public IPv4 address can only be assigned to a network interface for eth0, and can only be\n assigned to a new network interface, not an existing one. You cannot specify more than one\n network interface in the request. If launching into a default subnet, the default value is\n true.
"
+ "smithy.api#documentation": "Indicates whether to assign a public IPv4 address to instances launched in a VPC. The\n public IPv4 address can only be assigned to a network interface for eth0, and can only be\n assigned to a new network interface, not an existing one. You cannot specify more than one\n network interface in the request. If launching into a default subnet, the default value is\n true.
\n Starting on February 1, 2024, Amazon Web Services will charge for all public IPv4 addresses, including public IPv4 addresses \nassociated with running instances and Elastic IP addresses. For more information, see the Public IPv4 Address tab on the Amazon VPC pricing page.
"
}
},
"DeleteOnTermination": {
@@ -94106,7 +94748,7 @@
"target": "com.amazonaws.ec2#TargetCapacityUnitType",
"traits": {
"aws.protocols#ec2QueryName": "TargetCapacityUnitType",
- "smithy.api#documentation": "The unit for the target capacity. TargetCapacityUnitType can only be specified when InstanceRequirements is specified.
\n Default: units (translates to number of instances)
",
+ "smithy.api#documentation": "The unit for the target capacity. You can specify this parameter only when \n using attribute-based instance type selection.
\n Default: units (the number of instances)
",
"smithy.api#xmlName": "targetCapacityUnitType"
}
},
@@ -95322,7 +95964,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "Message",
- "smithy.api#documentation": "The message for the state change.
\n \n - \n
\n Server.InsufficientInstanceCapacity: There was insufficient\n capacity available to satisfy the launch request.
\n \n - \n
\n Server.InternalError: An internal error caused the instance to\n terminate during launch.
\n \n - \n
\n Server.ScheduledStop: The instance was stopped due to a scheduled\n retirement.
\n \n - \n
\n Server.SpotInstanceShutdown: The instance was stopped because the\n number of Spot requests with a maximum price equal to or higher than the Spot\n price exceeded available capacity or because of an increase in the Spot\n price.
\n \n - \n
\n Server.SpotInstanceTermination: The instance was terminated\n because the number of Spot requests with a maximum price equal to or higher than\n the Spot price exceeded available capacity or because of an increase in the Spot\n price.
\n \n - \n
\n Client.InstanceInitiatedShutdown: The instance was shut down\n using the shutdown -h command from the instance.
\n \n - \n
\n Client.InstanceTerminated: The instance was terminated or\n rebooted during AMI creation.
\n \n - \n
\n Client.InternalError: A client error caused the instance to\n terminate during launch.
\n \n - \n
\n Client.InvalidSnapshot.NotFound: The specified snapshot was not\n found.
\n \n - \n
\n Client.UserInitiatedHibernate: Hibernation was initiated on the\n instance.
\n \n - \n
\n Client.UserInitiatedShutdown: The instance was shut down using\n the Amazon EC2 API.
\n \n - \n
\n Client.VolumeLimitExceeded: The limit on the number of EBS\n volumes or total storage was exceeded. Decrease usage or request an increase in\n your account limits.
\n \n
",
+ "smithy.api#documentation": "The message for the state change.
\n \n - \n
\n Server.InsufficientInstanceCapacity: There was insufficient\n capacity available to satisfy the launch request.
\n \n - \n
\n Server.InternalError: An internal error caused the instance to\n terminate during launch.
\n \n - \n
\n Server.ScheduledStop: The instance was stopped due to a scheduled\n retirement.
\n \n - \n
\n Server.SpotInstanceShutdown: The instance was stopped because the\n number of Spot requests with a maximum price equal to or higher than the Spot\n price exceeded available capacity or because of an increase in the Spot\n price.
\n \n - \n
\n Server.SpotInstanceTermination: The instance was terminated\n because the number of Spot requests with a maximum price equal to or higher than\n the Spot price exceeded available capacity or because of an increase in the Spot\n price.
\n \n - \n
\n Client.InstanceInitiatedShutdown: The instance was shut down\n from the operating system of the instance.
\n \n - \n
\n Client.InstanceTerminated: The instance was terminated or\n rebooted during AMI creation.
\n \n - \n
\n Client.InternalError: A client error caused the instance to\n terminate during launch.
\n \n - \n
\n Client.InvalidSnapshot.NotFound: The specified snapshot was not\n found.
\n \n - \n
\n Client.UserInitiatedHibernate: Hibernation was initiated on the\n instance.
\n \n - \n
\n Client.UserInitiatedShutdown: The instance was shut down using\n the Amazon EC2 API.
\n \n - \n
\n Client.VolumeLimitExceeded: The limit on the number of EBS\n volumes or total storage was exceeded. Decrease usage or request an increase in\n your account limits.
\n \n
",
"smithy.api#xmlName": "message"
}
}
@@ -96446,7 +97088,7 @@
"target": "com.amazonaws.ec2#Integer",
"traits": {
"aws.protocols#ec2QueryName": "TotalTargetCapacity",
- "smithy.api#documentation": "The number of units to request, filled using\n DefaultTargetCapacityType.
",
+ "smithy.api#documentation": "The number of units to request, filled the default target capacity type.
",
"smithy.api#xmlName": "totalTargetCapacity"
}
},
@@ -96470,7 +97112,7 @@
"target": "com.amazonaws.ec2#DefaultTargetCapacityType",
"traits": {
"aws.protocols#ec2QueryName": "DefaultTargetCapacityType",
- "smithy.api#documentation": "The default TotalTargetCapacity, which is either Spot or\n On-Demand.
",
+ "smithy.api#documentation": "The default target capacity type.
",
"smithy.api#xmlName": "defaultTargetCapacityType"
}
},
@@ -96478,7 +97120,7 @@
"target": "com.amazonaws.ec2#TargetCapacityUnitType",
"traits": {
"aws.protocols#ec2QueryName": "TargetCapacityUnitType",
- "smithy.api#documentation": "The unit for the target capacity. TargetCapacityUnitType can only be specified when InstanceRequirements is specified.
\n Default: units (translates to number of instances)
",
+ "smithy.api#documentation": "The unit for the target capacity.
",
"smithy.api#xmlName": "targetCapacityUnitType"
}
}
@@ -96494,7 +97136,7 @@
"target": "com.amazonaws.ec2#Integer",
"traits": {
"smithy.api#clientOptional": {},
- "smithy.api#documentation": "The number of units to request, filled using\n DefaultTargetCapacityType.
",
+ "smithy.api#documentation": "The number of units to request, filled using the default target capacity type.
",
"smithy.api#required": {}
}
},
@@ -96513,18 +97155,18 @@
"DefaultTargetCapacityType": {
"target": "com.amazonaws.ec2#DefaultTargetCapacityType",
"traits": {
- "smithy.api#documentation": "The default TotalTargetCapacity, which is either Spot or\n On-Demand.
"
+ "smithy.api#documentation": "The default target capacity type.
"
}
},
"TargetCapacityUnitType": {
"target": "com.amazonaws.ec2#TargetCapacityUnitType",
"traits": {
- "smithy.api#documentation": "The unit for the target capacity. TargetCapacityUnitType can only be specified when InstanceRequirements is specified.
\n Default: units (translates to number of instances)
"
+ "smithy.api#documentation": "The unit for the target capacity. You can specify this parameter only when using\n attributed-based instance type selection.
\n Default: units (the number of instances)
"
}
}
},
"traits": {
- "smithy.api#documentation": "The number of units to request. You can choose to set the target capacity as the number of \n instances. Or you can set the target capacity to a performance characteristic that is important to your application workload,\n such as vCPUs, memory, or I/O. If the request type is maintain, you can\n specify a target capacity of 0 and add capacity later.
\n You can use the On-Demand Instance MaxTotalPrice parameter, the Spot Instance\n MaxTotalPrice parameter, or both parameters to ensure that your fleet cost\n does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances\n in your request, EC2 Fleet will launch instances until it reaches the maximum amount that you're\n willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops\n launching instances even if it hasn’t met the target capacity. The\n MaxTotalPrice parameters are located in OnDemandOptionsRequest \n and SpotOptionsRequest.
"
+ "smithy.api#documentation": "The number of units to request. You can choose to set the target capacity as the number of \n instances. Or you can set the target capacity to a performance characteristic that is important to your application workload,\n such as vCPUs, memory, or I/O. If the request type is maintain, you can\n specify a target capacity of 0 and add capacity later.
\n You can use the On-Demand Instance MaxTotalPrice parameter, the Spot Instance\n MaxTotalPrice parameter, or both parameters to ensure that your fleet cost\n does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances\n in your request, EC2 Fleet will launch instances until it reaches the maximum amount that you're\n willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops\n launching instances even if it hasn't met the target capacity. The\n MaxTotalPrice parameters are located in OnDemandOptionsRequest \n and SpotOptionsRequest.
"
}
},
"com.amazonaws.ec2#TargetCapacityUnitType": {
@@ -103442,7 +104084,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "Device",
- "smithy.api#documentation": "The device name.
",
+ "smithy.api#documentation": "The device name.
\n If the volume is attached to a Fargate task, this parameter \n returns null.
",
"smithy.api#xmlName": "device"
}
},
@@ -103450,7 +104092,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "InstanceId",
- "smithy.api#documentation": "The ID of the instance.
",
+ "smithy.api#documentation": "The ID of the instance.
\n If the volume is attached to a Fargate task, this parameter \n returns null.
",
"smithy.api#xmlName": "instanceId"
}
},
@@ -103477,6 +104119,22 @@
"smithy.api#documentation": "Indicates whether the EBS volume is deleted on instance termination.
",
"smithy.api#xmlName": "deleteOnTermination"
}
+ },
+ "AssociatedResource": {
+ "target": "com.amazonaws.ec2#String",
+ "traits": {
+ "aws.protocols#ec2QueryName": "AssociatedResource",
+ "smithy.api#documentation": "The ARN of the Amazon ECS or Fargate task \n to which the volume is attached.
",
+ "smithy.api#xmlName": "associatedResource"
+ }
+ },
+ "InstanceOwningService": {
+ "target": "com.amazonaws.ec2#String",
+ "traits": {
+ "aws.protocols#ec2QueryName": "InstanceOwningService",
+ "smithy.api#documentation": "The service principal of Amazon Web Services service that owns the underlying \n instance to which the volume is attached.
\n This parameter is returned only for volumes that are attached to \n Fargate tasks.
",
+ "smithy.api#xmlName": "instanceOwningService"
+ }
}
},
"traits": {
diff --git a/codegen/sdk-codegen/aws-models/ecs.json b/codegen/sdk-codegen/aws-models/ecs.json
index e253632c839..fad608528b6 100644
--- a/codegen/sdk-codegen/aws-models/ecs.json
+++ b/codegen/sdk-codegen/aws-models/ecs.json
@@ -1321,7 +1321,7 @@
"type": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The type of the attachment, such as ElasticNetworkInterface.
"
+ "smithy.api#documentation": "The type of the attachment, such as ElasticNetworkInterface,\n\t\t\t\tService Connect, and AmazonElasticBlockStorage.
"
}
},
"status": {
@@ -1333,7 +1333,7 @@
"details": {
"target": "com.amazonaws.ecs#AttachmentDetails",
"traits": {
- "smithy.api#documentation": "Details of the attachment. For elastic network interfaces, this includes the network\n\t\t\tinterface ID, the MAC address, the subnet ID, and the private IPv4 address.
"
+ "smithy.api#documentation": "Details of the attachment.
\n For elastic network interfaces, this includes the network interface ID, the MAC\n\t\t\taddress, the subnet ID, and the private IPv4 address.
\n For Service Connect services, this includes portName,\n\t\t\t\tclientAliases, discoveryName, and\n\t\t\t\tingressPortOverride.
\n For elastic block storage, this includes roleArn, encrypted,\n\t\t\t\tfilesystemType, iops, kmsKeyId,\n\t\t\t\tsizeInGiB, snapshotId, tagSpecifications,\n\t\t\t\tthroughput, and volumeType.
"
}
}
},
@@ -1441,7 +1441,7 @@
"autoScalingGroupArn": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) that identifies the Auto Scaling group, or the Auto Scaling group name.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) that identifies the Auto Scaling group, or the Auto Scaling group\n\t\t\tname.
",
"smithy.api#required": {}
}
},
@@ -1454,13 +1454,13 @@
"managedTerminationProtection": {
"target": "com.amazonaws.ecs#ManagedTerminationProtection",
"traits": {
- "smithy.api#documentation": "The managed termination protection setting to use for the Auto Scaling group capacity\n\t\t\tprovider. This determines whether the Auto Scaling group has managed termination\n\t\t\tprotection. The default is off.
\n \n When using managed termination protection, managed scaling must also be used\n\t\t\t\totherwise managed termination protection doesn't work.
\n \n When managed termination protection is on, Amazon ECS prevents the Amazon EC2 instances in an Auto\n\t\t\tScaling group that contain tasks from being terminated during a scale-in action. The\n\t\t\tAuto Scaling group and each instance in the Auto Scaling group must have instance\n\t\t\tprotection from scale-in actions on as well. For more information, see Instance Protection in the Auto Scaling User Guide.
\n When managed termination protection is off, your Amazon EC2 instances aren't protected from\n\t\t\ttermination when the Auto Scaling group scales in.
"
+ "smithy.api#documentation": "The managed termination protection setting to use for the Auto Scaling group capacity\n\t\t\tprovider. This determines whether the Auto Scaling group has managed termination\n\t\t\tprotection. The default is off.
\n \n When using managed termination protection, managed scaling must also be used\n\t\t\t\totherwise managed termination protection doesn't work.
\n \n When managed termination protection is on, Amazon ECS prevents the Amazon EC2 instances in an\n\t\t\tAuto Scaling group that contain tasks from being terminated during a scale-in action.\n\t\t\tThe Auto Scaling group and each instance in the Auto Scaling group must have instance\n\t\t\tprotection from scale-in actions on as well. For more information, see Instance Protection in the Auto Scaling User Guide.
\n When managed termination protection is off, your Amazon EC2 instances aren't protected from\n\t\t\ttermination when the Auto Scaling group scales in.
"
}
},
"managedDraining": {
"target": "com.amazonaws.ecs#ManagedDraining",
"traits": {
- "smithy.api#documentation": "The managed draining option for the Auto Scaling group capacity provider. When you enable this, Amazon ECS manages and gracefully drains the EC2 container instances that are in the Auto Scaling group capacity provider.
\n The default is ENABLED.
"
+ "smithy.api#documentation": "The managed draining option for the Auto Scaling group capacity provider. When you enable this, Amazon ECS manages and gracefully drains the EC2 container instances that are in the Auto Scaling group capacity provider.
"
}
}
},
@@ -1480,13 +1480,13 @@
"managedTerminationProtection": {
"target": "com.amazonaws.ecs#ManagedTerminationProtection",
"traits": {
- "smithy.api#documentation": "The managed termination protection setting to use for the Auto Scaling group capacity\n\t\t\tprovider. This determines whether the Auto Scaling group has managed termination\n\t\t\tprotection.
\n \n When using managed termination protection, managed scaling must also be used\n\t\t\t\totherwise managed termination protection doesn't work.
\n \n When managed termination protection is on, Amazon ECS prevents the Amazon EC2 instances in an Auto\n\t\t\tScaling group that contain tasks from being terminated during a scale-in action. The\n\t\t\tAuto Scaling group and each instance in the Auto Scaling group must have instance\n\t\t\tprotection from scale-in actions on. For more information, see Instance Protection in the Auto Scaling User Guide.
\n When managed termination protection is off, your Amazon EC2 instances aren't protected from\n\t\t\ttermination when the Auto Scaling group scales in.
"
+ "smithy.api#documentation": "The managed termination protection setting to use for the Auto Scaling group capacity\n\t\t\tprovider. This determines whether the Auto Scaling group has managed termination\n\t\t\tprotection.
\n \n When using managed termination protection, managed scaling must also be used\n\t\t\t\totherwise managed termination protection doesn't work.
\n \n When managed termination protection is on, Amazon ECS prevents the Amazon EC2 instances in an\n\t\t\tAuto Scaling group that contain tasks from being terminated during a scale-in action.\n\t\t\tThe Auto Scaling group and each instance in the Auto Scaling group must have instance\n\t\t\tprotection from scale-in actions on. For more information, see Instance Protection in the Auto Scaling User Guide.
\n When managed termination protection is off, your Amazon EC2 instances aren't protected from\n\t\t\ttermination when the Auto Scaling group scales in.
"
}
},
"managedDraining": {
"target": "com.amazonaws.ecs#ManagedDraining",
"traits": {
- "smithy.api#documentation": "The managed draining option for the Auto Scaling group capacity provider. When you enable this, Amazon ECS manages and gracefully drains the EC2 container instances that are in the Auto Scaling group capacity provider.
\n The default is ENABLED.
"
+ "smithy.api#documentation": "The managed draining option for the Auto Scaling group capacity provider. When you enable this, Amazon ECS manages and gracefully drains the EC2 container instances that are in the Auto Scaling group capacity provider.
"
}
}
},
@@ -1836,7 +1836,7 @@
"settings": {
"target": "com.amazonaws.ecs#ClusterSettings",
"traits": {
- "smithy.api#documentation": "The settings for the cluster. This parameter indicates whether CloudWatch Container Insights is on\n\t\t\tor off for a cluster.
"
+ "smithy.api#documentation": "The settings for the cluster. This parameter indicates whether CloudWatch Container Insights\n\t\t\tis on or off for a cluster.
"
}
},
"capacityProviders": {
@@ -2009,7 +2009,7 @@
"namespace": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The namespace name or full Amazon Resource Name (ARN) of the Cloud Map namespace that's used when you create a service and don't specify\n\t\t\ta Service Connect configuration. The namespace name can include up to 1024 characters.\n\t\t\tThe name is case-sensitive. The name can't include hyphens (-), tilde (~), greater than\n\t\t\t(>), less than (<), or slash (/).
\n If you enter an existing namespace name or ARN, then that namespace will be used.\n\t\t\tAny namespace type is supported. The namespace must be in this account and this Amazon Web Services\n\t\t\tRegion.
\n If you enter a new name, a Cloud Map namespace will be created. Amazon ECS creates a\n\t\t\tCloud Map namespace with the \"API calls\" method of instance discovery only. This instance\n\t\t\tdiscovery method is the \"HTTP\" namespace type in the Command Line Interface. Other types of instance\n\t\t\tdiscovery aren't used by Service Connect.
\n If you update the cluster with an empty string \"\" for the namespace name,\n\t\t\tthe cluster configuration for Service Connect is removed. Note that the namespace will\n\t\t\tremain in Cloud Map and must be deleted separately.
\n For more information about Cloud Map, see Working\n\t\t\t\twith Services in the Cloud Map Developer Guide.
",
+ "smithy.api#documentation": "The namespace name or full Amazon Resource Name (ARN) of the Cloud Map namespace that's used when you create a service and don't specify\n\t\t\ta Service Connect configuration. The namespace name can include up to 1024 characters.\n\t\t\tThe name is case-sensitive. The name can't include hyphens (-), tilde (~), greater than\n\t\t\t(>), less than (<), or slash (/).
\n If you enter an existing namespace name or ARN, then that namespace will be used.\n\t\t\tAny namespace type is supported. The namespace must be in this account and this Amazon Web Services\n\t\t\tRegion.
\n If you enter a new name, a Cloud Map namespace will be created. Amazon ECS creates a\n\t\t\tCloud Map namespace with the \"API calls\" method of instance discovery only. This instance\n\t\t\tdiscovery method is the \"HTTP\" namespace type in the Command Line Interface. Other types of instance\n\t\t\tdiscovery aren't used by Service Connect.
\n If you update the cluster with an empty string \"\" for the namespace name,\n\t\t\tthe cluster configuration for Service Connect is removed. Note that the namespace will\n\t\t\tremain in Cloud Map and must be deleted separately.
\n For more information about Cloud Map, see Working with Services\n\t\t\tin the Cloud Map Developer Guide.
",
"smithy.api#required": {}
}
}
@@ -2030,7 +2030,7 @@
"value": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The value to set for the cluster setting. The supported values are enabled and\n\t\t\t\tdisabled.
\n If you set name to containerInsights and value\n\t\t\tto enabled, CloudWatch Container Insights will be on for the cluster, otherwise\n\t\t\tit will be off unless the containerInsights account setting is turned on.\n\t\t\tIf a cluster value is specified, it will override the containerInsights\n\t\t\tvalue set with PutAccountSetting or PutAccountSettingDefault.
"
+ "smithy.api#documentation": "The value to set for the cluster setting. The supported values are\n\t\t\t\tenabled and disabled.
\n If you set name to containerInsights and value\n\t\t\tto enabled, CloudWatch Container Insights will be on for the cluster, otherwise\n\t\t\tit will be off unless the containerInsights account setting is turned on.\n\t\t\tIf a cluster value is specified, it will override the containerInsights\n\t\t\tvalue set with PutAccountSetting or PutAccountSettingDefault.
"
}
}
},
@@ -2096,7 +2096,7 @@
"resourceIds": {
"target": "com.amazonaws.ecs#ResourceIds",
"traits": {
- "smithy.api#documentation": "The existing task ARNs which are already associated with the clientToken.
"
+ "smithy.api#documentation": "The existing task ARNs which are already associated with the\n\t\t\t\tclientToken.
"
}
},
"message": {
@@ -2107,7 +2107,7 @@
}
},
"traits": {
- "smithy.api#documentation": "The RunTask request could not be processed due to conflicts. The provided\n\t\t\t\tclientToken is already in use with a different RunTask\n\t\t\trequest. The resourceIds are the existing task ARNs which are already\n\t\t\tassociated with the clientToken.
\n To fix this issue:
\n ",
+ "smithy.api#documentation": "The RunTask request could not be processed due to conflicts. The provided\n\t\t\t\tclientToken is already in use with a different RunTask\n\t\t\trequest. The resourceIds are the existing task ARNs which are already\n\t\t\tassociated with the clientToken.
\n To fix this issue:
\n ",
"smithy.api#error": "client"
}
},
@@ -2412,7 +2412,7 @@
"disableNetworking": {
"target": "com.amazonaws.ecs#BoxedBoolean",
"traits": {
- "smithy.api#documentation": "When this parameter is true, networking is off within the container. This parameter maps to\n\t\t\t\tNetworkDisabled in the Create a container section of\n\t\t\tthe Docker Remote API.
\n \n This parameter is not supported for Windows containers.
\n "
+ "smithy.api#documentation": "When this parameter is true, networking is off within the container. This parameter\n\t\t\tmaps to NetworkDisabled in the Create a container section\n\t\t\tof the Docker Remote API.
\n \n This parameter is not supported for Windows containers.
\n "
}
},
"privileged": {
@@ -2448,7 +2448,7 @@
"dockerSecurityOptions": {
"target": "com.amazonaws.ecs#StringList",
"traits": {
- "smithy.api#documentation": "A list of strings to provide custom configuration for multiple\n\t\t\tsecurity systems. For more information about valid values, see Docker Run Security Configuration. This field isn't valid\n\t\t\tfor containers in tasks using the Fargate launch\n\t\t\ttype.
\n For Linux tasks on EC2, this parameter can be used to reference custom\n\t\t\tlabels for SELinux and AppArmor multi-level security systems.
\n For any tasks on EC2, this parameter can be used to reference a\n\t\t\tcredential spec file that configures a container for Active Directory\n\t\t\tauthentication. For more\n\t\t\tinformation, see Using gMSAs for Windows\n\t\t\t\tContainers and Using gMSAs for Linux\n\t\t\t\t\tContainers in the Amazon Elastic Container Service Developer Guide.
\n This parameter maps to SecurityOpt in the\n\t\t\tCreate a container section of the Docker Remote API and the\n\t\t\t\t--security-opt option to docker\n\t\t\t\trun.
\n \n The Amazon ECS container agent running on a container instance must register with the\n\t\t\t\t\tECS_SELINUX_CAPABLE=true or ECS_APPARMOR_CAPABLE=true\n\t\t\t\tenvironment variables before containers placed on that instance can use these\n\t\t\t\tsecurity options. For more information, see Amazon ECS Container\n\t\t\t\t\tAgent Configuration in the Amazon Elastic Container Service Developer Guide.
\n \n For more information about valid values, see Docker\n\t\t\t\tRun Security Configuration.
\n Valid values: \"no-new-privileges\" | \"apparmor:PROFILE\" | \"label:value\" |\n\t\t\t\"credentialspec:CredentialSpecFilePath\"
"
+ "smithy.api#documentation": "A list of strings to provide custom configuration for multiple security systems. For\n\t\t\tmore information about valid values, see Docker\n\t\t\t\tRun Security Configuration. This field isn't valid for containers in tasks\n\t\t\tusing the Fargate launch type.
\n For Linux tasks on EC2, this parameter can be used to reference custom\n\t\t\tlabels for SELinux and AppArmor multi-level security systems.
\n For any tasks on EC2, this parameter can be used to reference a\n\t\t\tcredential spec file that configures a container for Active Directory authentication.\n\t\t\tFor more information, see Using gMSAs for Windows\n\t\t\t\tContainers and Using gMSAs for Linux\n\t\t\t\tContainers in the Amazon Elastic Container Service Developer Guide.
\n This parameter maps to SecurityOpt in the\n\t\t\tCreate a container section of the Docker Remote API and the\n\t\t\t\t--security-opt option to docker\n\t\t\t\trun.
\n \n The Amazon ECS container agent running on a container instance must register with the\n\t\t\t\t\tECS_SELINUX_CAPABLE=true or ECS_APPARMOR_CAPABLE=true\n\t\t\t\tenvironment variables before containers placed on that instance can use these\n\t\t\t\tsecurity options. For more information, see Amazon ECS Container\n\t\t\t\t\tAgent Configuration in the Amazon Elastic Container Service Developer Guide.
\n \n For more information about valid values, see Docker\n\t\t\t\tRun Security Configuration.
\n Valid values: \"no-new-privileges\" | \"apparmor:PROFILE\" | \"label:value\" |\n\t\t\t\"credentialspec:CredentialSpecFilePath\"
"
}
},
"interactive": {
@@ -2490,7 +2490,7 @@
"systemControls": {
"target": "com.amazonaws.ecs#SystemControls",
"traits": {
- "smithy.api#documentation": "A list of namespaced kernel parameters to set in the container. This parameter maps to\n\t\t\t\tSysctls in the Create a container section of the\n\t\t\tDocker Remote API and the --sysctl option to docker run. For example, you can\n\t\t\tconfigure net.ipv4.tcp_keepalive_time setting to maintain\n\t\t\tlonger lived connections.
\n \n We don't recommended that you specify network-related systemControls\n\t\t\t\tparameters for multiple containers in a single task that also uses either the\n\t\t\t\t\tawsvpc or host network modes. For tasks that use the\n\t\t\t\t\tawsvpc network mode, the container that's started last determines\n\t\t\t\twhich systemControls parameters take effect. For tasks that use the\n\t\t\t\t\thost network mode, it changes the container instance's namespaced\n\t\t\t\tkernel parameters as well as the containers.
\n \n \n This parameter is not supported for Windows containers.
\n \n \n This parameter is only supported for tasks that are hosted on\n Fargate if the tasks are using platform version 1.4.0 or later\n (Linux). This isn't supported for Windows containers on\n Fargate.
\n "
+ "smithy.api#documentation": "A list of namespaced kernel parameters to set in the container. This parameter maps to\n\t\t\t\tSysctls in the Create a container section of the\n\t\t\tDocker Remote API and the --sysctl option to docker run. For example, you can configure\n\t\t\t\tnet.ipv4.tcp_keepalive_time setting to maintain longer lived\n\t\t\tconnections.
\n \n We don't recommended that you specify network-related systemControls\n\t\t\t\tparameters for multiple containers in a single task that also uses either the\n\t\t\t\t\tawsvpc or host network modes. For tasks that use the\n\t\t\t\t\tawsvpc network mode, the container that's started last determines\n\t\t\t\twhich systemControls parameters take effect. For tasks that use the\n\t\t\t\t\thost network mode, it changes the container instance's namespaced\n\t\t\t\tkernel parameters as well as the containers.
\n \n \n This parameter is not supported for Windows containers.
\n \n \n This parameter is only supported for tasks that are hosted on\n Fargate if the tasks are using platform version 1.4.0 or later\n (Linux). This isn't supported for Windows containers on\n Fargate.
\n "
}
},
"resourceRequirements": {
@@ -2508,7 +2508,7 @@
"credentialSpecs": {
"target": "com.amazonaws.ecs#StringList",
"traits": {
- "smithy.api#documentation": "A list of ARNs in SSM or Amazon S3 to a credential spec\n\t\t\t\t(CredSpec) file that configures the container for Active Directory\n\t\t\tauthentication. We recommend that you use this parameter instead of the\n\t\t\t\tdockerSecurityOptions. The maximum number of ARNs is\n\t\t\t1.
\n There are two formats for each ARN.
\n \n - credentialspecdomainless:MyARN
\n - \n
You use credentialspecdomainless:MyARN to provide a\n\t\t\t\t\t\t\tCredSpec with an additional section for a secret in Secrets Manager.\n\t\t\t\t\t\tYou provide the login credentials to the domain in the secret.
\n Each task that runs on any container instance can join different\n\t\t\t\t\t\tdomains.
\n You can use this format without joining the container instance to a\n\t\t\t\t\t\tdomain.
\n \n - credentialspec:MyARN
\n - \n
You use credentialspec:MyARN to provide a\n\t\t\t\t\t\t\tCredSpec for a single domain.
\n You must join the container instance to the domain before you start any\n\t\t\t\t\t\ttasks that use this task definition.
\n \n
\n In both formats, replace MyARN with the ARN in\n\t\t\tSSM or Amazon S3.
\n If you provide a credentialspecdomainless:MyARN, the\n\t\t\t\tcredspec must provide a ARN in Secrets Manager for a secret containing the\n\t\t\tusername, password, and the domain to connect to. For better security, the instance\n\t\t\tisn't joined to the domain for domainless authentication. Other applications on the\n\t\t\tinstance can't use the domainless credentials. You can use this parameter to run tasks\n\t\t\ton the same instance, even it the tasks need to join different domains. For more\n\t\t\tinformation, see Using gMSAs for Windows\n\t\t\t\tContainers and Using gMSAs for Linux\n\t\t\t\tContainers.
"
+ "smithy.api#documentation": "A list of ARNs in SSM or Amazon S3 to a credential spec (CredSpec) file that\n\t\t\tconfigures the container for Active Directory authentication. We recommend that you use\n\t\t\tthis parameter instead of the dockerSecurityOptions. The maximum number of\n\t\t\tARNs is 1.
\n There are two formats for each ARN.
\n \n - credentialspecdomainless:MyARN
\n - \n
You use credentialspecdomainless:MyARN to provide a\n\t\t\t\t\t\t\tCredSpec with an additional section for a secret in Secrets Manager.\n\t\t\t\t\t\tYou provide the login credentials to the domain in the secret.
\n Each task that runs on any container instance can join different\n\t\t\t\t\t\tdomains.
\n You can use this format without joining the container instance to a\n\t\t\t\t\t\tdomain.
\n \n - credentialspec:MyARN
\n - \n
You use credentialspec:MyARN to provide a\n\t\t\t\t\t\t\tCredSpec for a single domain.
\n You must join the container instance to the domain before you start any\n\t\t\t\t\t\ttasks that use this task definition.
\n \n
\n In both formats, replace MyARN with the ARN in SSM or Amazon S3.
\n If you provide a credentialspecdomainless:MyARN, the\n\t\t\t\tcredspec must provide a ARN in Secrets Manager for a secret containing the\n\t\t\tusername, password, and the domain to connect to. For better security, the instance\n\t\t\tisn't joined to the domain for domainless authentication. Other applications on the\n\t\t\tinstance can't use the domainless credentials. You can use this parameter to run tasks\n\t\t\ton the same instance, even it the tasks need to join different domains. For more\n\t\t\tinformation, see Using gMSAs for Windows\n\t\t\t\tContainers and Using gMSAs for Linux\n\t\t\t\tContainers.
"
}
}
},
@@ -2619,7 +2619,7 @@
"target": "com.amazonaws.ecs#Integer",
"traits": {
"smithy.api#default": 0,
- "smithy.api#documentation": "The number of tasks on the container instance that have a desired status (desiredStatus) of RUNNING.
"
+ "smithy.api#documentation": "The number of tasks on the container instance that have a desired status\n\t\t\t\t(desiredStatus) of RUNNING.
"
}
},
"pendingTasksCount": {
@@ -2807,7 +2807,7 @@
}
},
"traits": {
- "smithy.api#documentation": "The overrides that are sent to a container. An empty container override can be passed\n\t\t\tin. An example of an empty container override is {\"containerOverrides\": [ ]\n\t\t\t\t}. If a non-empty container override is specified, the name\n\t\t\tparameter must be included.
\n You can use Secrets Manager or Amazon Web Services Systems Manager Parameter Store to store the sensitive\n\t\t\tdata. For more information, see Retrieve secrets through environment variables in the Amazon ECS Developer Guide.
"
+ "smithy.api#documentation": "The overrides that are sent to a container. An empty container override can be passed\n\t\t\tin. An example of an empty container override is {\"containerOverrides\": [ ]\n\t\t\t\t}. If a non-empty container override is specified, the name\n\t\t\tparameter must be included.
\n You can use Secrets Manager or Amazon Web Services Systems Manager Parameter Store to store the\n\t\t\tsensitive data. For more information, see Retrieve secrets through\n\t\t\t\tenvironment variables in the Amazon ECS Developer Guide.
"
}
},
"com.amazonaws.ecs#ContainerOverrides": {
@@ -2972,7 +2972,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates a new Amazon ECS cluster. By default, your account receives a default\n\t\t\tcluster when you launch your first container instance. However, you can create your own\n\t\t\tcluster with a unique name with the CreateCluster action.
\n \n When you call the CreateCluster API operation, Amazon ECS attempts to\n\t\t\t\tcreate the Amazon ECS service-linked role for your account. This is so that it can manage\n\t\t\t\trequired resources in other Amazon Web Services services on your behalf. However, if the user\n\t\t\t\tthat makes the call doesn't have permissions to create the service-linked role, it\n\t\t\t\tisn't created. For more information, see Using\n\t\t\t\t\tservice-linked roles for Amazon ECS in the Amazon Elastic Container Service Developer Guide.
\n ",
+ "smithy.api#documentation": "Creates a new Amazon ECS cluster. By default, your account receives a default\n\t\t\tcluster when you launch your first container instance. However, you can create your own\n\t\t\tcluster with a unique name with the CreateCluster action.
\n \n When you call the CreateCluster API operation, Amazon ECS attempts to\n\t\t\t\tcreate the Amazon ECS service-linked role for your account. This is so that it can manage\n\t\t\t\trequired resources in other Amazon Web Services services on your behalf. However, if the user that\n\t\t\t\tmakes the call doesn't have permissions to create the service-linked role, it isn't\n\t\t\t\tcreated. For more information, see Using\n\t\t\t\t\tservice-linked roles for Amazon ECS in the Amazon Elastic Container Service Developer Guide.
\n ",
"smithy.api#examples": [
{
"title": "To create a new cluster",
@@ -3025,13 +3025,13 @@
"capacityProviders": {
"target": "com.amazonaws.ecs#StringList",
"traits": {
- "smithy.api#documentation": "The short name of one or more capacity providers to associate with the cluster. A\n\t\t\tcapacity provider must be associated with a cluster before it can be included as part of\n\t\t\tthe default capacity provider strategy of the cluster or used in a capacity provider\n\t\t\tstrategy when calling the CreateService or RunTask\n\t\t\tactions.
\n If specifying a capacity provider that uses an Auto Scaling group, the capacity\n\t\t\tprovider must be created but not associated with another cluster. New Auto Scaling group\n\t\t\tcapacity providers can be created with the CreateCapacityProvider API\n\t\t\toperation.
\n To use a Fargate capacity provider, specify either the FARGATE or\n\t\t\t\tFARGATE_SPOT capacity providers. The Fargate capacity providers are\n\t\t\tavailable to all accounts and only need to be associated with a cluster to be\n\t\t\tused.
\n The PutCapacityProvider API operation is used to update the\n\t\t\tlist of available capacity providers for a cluster after the cluster is created.
"
+ "smithy.api#documentation": "The short name of one or more capacity providers to associate with the cluster. A\n\t\t\tcapacity provider must be associated with a cluster before it can be included as part of\n\t\t\tthe default capacity provider strategy of the cluster or used in a capacity provider\n\t\t\tstrategy when calling the CreateService or\n\t\t\t\tRunTask actions.
\n If specifying a capacity provider that uses an Auto Scaling group, the capacity\n\t\t\tprovider must be created but not associated with another cluster. New Auto Scaling group\n\t\t\tcapacity providers can be created with the CreateCapacityProvider API operation.
\n To use a Fargate capacity provider, specify either the FARGATE or\n\t\t\t\tFARGATE_SPOT capacity providers. The Fargate capacity providers are\n\t\t\tavailable to all accounts and only need to be associated with a cluster to be\n\t\t\tused.
\n The PutCapacityProvider API operation is used to update the list of available\n\t\t\tcapacity providers for a cluster after the cluster is created.
"
}
},
"defaultCapacityProviderStrategy": {
"target": "com.amazonaws.ecs#CapacityProviderStrategy",
"traits": {
- "smithy.api#documentation": "The capacity provider strategy to set as the default for the cluster. After a default\n\t\t\tcapacity provider strategy is set for a cluster, when you call the CreateService or RunTask APIs with no capacity\n\t\t\tprovider strategy or launch type specified, the default capacity provider strategy for\n\t\t\tthe cluster is used.
\n If a default capacity provider strategy isn't defined for a cluster when it was\n\t\t\tcreated, it can be defined later with the PutClusterCapacityProviders\n\t\t\tAPI operation.
"
+ "smithy.api#documentation": "The capacity provider strategy to set as the default for the cluster. After a default\n\t\t\tcapacity provider strategy is set for a cluster, when you call the CreateService or RunTask APIs with no\n\t\t\tcapacity provider strategy or launch type specified, the default capacity provider\n\t\t\tstrategy for the cluster is used.
\n If a default capacity provider strategy isn't defined for a cluster when it was\n\t\t\tcreated, it can be defined later with the PutClusterCapacityProviders\n\t\t\tAPI operation.
"
}
},
"serviceConnectDefaults": {
@@ -3097,7 +3097,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Runs and maintains your desired number of tasks from a specified task definition. If\n\t\t\tthe number of tasks running in a service drops below the desiredCount,\n\t\t\tAmazon ECS runs another copy of the task in the specified cluster. To update an existing\n\t\t\tservice, see the UpdateService action.
\n \n Starting April 15, 2023, Amazon Web Services will not onboard new customers to Amazon Elastic Inference (EI), and will help current customers migrate their workloads to options that offer better price and performance. After April 15, 2023, new customers will not be able to launch instances with Amazon EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon EC2. However, customers who have used Amazon EI at least once during the past 30-day period are considered current customers and will be able to continue using the service.
\n \n In addition to maintaining the desired count of tasks in your service, you can\n\t\t\toptionally run your service behind one or more load balancers. The load balancers\n\t\t\tdistribute traffic across the tasks that are associated with the service. For more\n\t\t\tinformation, see Service load balancing in the Amazon Elastic Container Service Developer Guide.
\n Tasks for services that don't use a load balancer are considered healthy if they're in\n\t\t\tthe RUNNING state. Tasks for services that use a load balancer are\n\t\t\tconsidered healthy if they're in the RUNNING state and are reported as\n\t\t\thealthy by the load balancer.
\n There are two service scheduler strategies available:
\n \n - \n
\n REPLICA - The replica scheduling strategy places and\n\t\t\t\t\tmaintains your desired number of tasks across your cluster. By default, the\n\t\t\t\t\tservice scheduler spreads tasks across Availability Zones. You can use task\n\t\t\t\t\tplacement strategies and constraints to customize task placement decisions. For\n\t\t\t\t\tmore information, see Service scheduler concepts in the Amazon Elastic Container Service Developer Guide.
\n \n - \n
\n DAEMON - The daemon scheduling strategy deploys exactly one\n\t\t\t\t\ttask on each active container instance that meets all of the task placement\n\t\t\t\t\tconstraints that you specify in your cluster. The service scheduler also\n\t\t\t\t\tevaluates the task placement constraints for running tasks. It also stops tasks\n\t\t\t\t\tthat don't meet the placement constraints. When using this strategy, you don't\n\t\t\t\t\tneed to specify a desired number of tasks, a task placement strategy, or use\n\t\t\t\t\tService Auto Scaling policies. For more information, see Service scheduler concepts in the Amazon Elastic Container Service Developer Guide.
\n \n
\n You can optionally specify a deployment configuration for your service. The deployment\n\t\t\tis initiated by changing properties. For example, the deployment might be initiated by\n\t\t\tthe task definition or by your desired count of a service. This is done with an UpdateService operation. The default value for a replica service for\n\t\t\t\tminimumHealthyPercent is 100%. The default value for a daemon service\n\t\t\tfor minimumHealthyPercent is 0%.
\n If a service uses the ECS deployment controller, the minimum healthy\n\t\t\tpercent represents a lower limit on the number of tasks in a service that must remain in\n\t\t\tthe RUNNING state during a deployment. Specifically, it represents it as a\n\t\t\tpercentage of your desired number of tasks (rounded up to the nearest integer). This\n\t\t\thappens when any of your container instances are in the DRAINING state if\n\t\t\tthe service contains tasks using the EC2 launch type. Using this\n\t\t\tparameter, you can deploy without using additional cluster capacity. For example, if you\n\t\t\tset your service to have desired number of four tasks and a minimum healthy percent of\n\t\t\t50%, the scheduler might stop two existing tasks to free up cluster capacity before\n\t\t\tstarting two new tasks. If they're in the RUNNING state, tasks for services\n\t\t\tthat don't use a load balancer are considered healthy . If they're in the\n\t\t\t\tRUNNING state and reported as healthy by the load balancer, tasks for\n\t\t\tservices that do use a load balancer are considered healthy . The\n\t\t\tdefault value for minimum healthy percent is 100%.
\n If a service uses the ECS deployment controller, the maximum percent parameter represents an upper limit on the\n\t\t\tnumber of tasks in a service that are allowed in the RUNNING or\n\t\t\t\tPENDING state during a deployment. Specifically, it represents it as a\n\t\t\tpercentage of the desired number of tasks (rounded down to the nearest integer). This\n\t\t\thappens when any of your container instances are in the DRAINING state if\n\t\t\tthe service contains tasks using the EC2 launch type. Using this\n\t\t\tparameter, you can define the deployment batch size. For example, if your service has a\n\t\t\tdesired number of four tasks and a maximum percent value of 200%, the scheduler may\n\t\t\tstart four new tasks before stopping the four older tasks (provided that the cluster\n\t\t\tresources required to do this are available). The default value for maximum percent is\n\t\t\t200%.
\n If a service uses either the CODE_DEPLOY or EXTERNAL\n\t\t\tdeployment controller types and tasks that use the EC2 launch type, the\n\t\t\t\tminimum healthy percent and maximum percent values are used only to define the lower and upper limit\n\t\t\ton the number of the tasks in the service that remain in the RUNNING state.\n\t\t\tThis is while the container instances are in the DRAINING state. If the\n\t\t\ttasks in the service use the Fargate launch type, the minimum healthy\n\t\t\tpercent and maximum percent values aren't used. This is the case even if they're\n\t\t\tcurrently visible when describing your service.
\n When creating a service that uses the EXTERNAL deployment controller, you\n\t\t\tcan specify only parameters that aren't controlled at the task set level. The only\n\t\t\trequired parameter is the service name. You control your services using the CreateTaskSet operation. For more information, see Amazon ECS deployment types in the Amazon Elastic Container Service Developer Guide.
\n When the service scheduler launches new tasks, it determines task placement. For\n\t\t\tinformation about task placement and task placement strategies, see Amazon ECS\n\t\t\t\ttask placement in the Amazon Elastic Container Service Developer Guide.
",
+ "smithy.api#documentation": "Runs and maintains your desired number of tasks from a specified task definition. If\n\t\t\tthe number of tasks running in a service drops below the desiredCount,\n\t\t\tAmazon ECS runs another copy of the task in the specified cluster. To update an existing\n\t\t\tservice, see the UpdateService action.
\n \n Starting April 15, 2023, Amazon Web Services will not onboard new customers to Amazon Elastic Inference (EI), and will help current customers migrate their workloads to options that offer better price and performance. After April 15, 2023, new customers will not be able to launch instances with Amazon EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon EC2. However, customers who have used Amazon EI at least once during the past 30-day period are considered current customers and will be able to continue using the service.
\n \n In addition to maintaining the desired count of tasks in your service, you can\n\t\t\toptionally run your service behind one or more load balancers. The load balancers\n\t\t\tdistribute traffic across the tasks that are associated with the service. For more\n\t\t\tinformation, see Service load balancing in the Amazon Elastic Container Service Developer Guide.
\n You can attach Amazon EBS volumes to Amazon ECS tasks by configuring the volume when creating or\n\t\t\tupdating a service. volumeConfigurations is only supported for REPLICA\n\t\t\tservice and not DAEMON service. For more infomation, see Amazon EBS volumes in the Amazon Elastic Container Service Developer Guide.
\n Tasks for services that don't use a load balancer are considered healthy if they're in\n\t\t\tthe RUNNING state. Tasks for services that use a load balancer are\n\t\t\tconsidered healthy if they're in the RUNNING state and are reported as\n\t\t\thealthy by the load balancer.
\n There are two service scheduler strategies available:
\n \n - \n
\n REPLICA - The replica scheduling strategy places and\n\t\t\t\t\tmaintains your desired number of tasks across your cluster. By default, the\n\t\t\t\t\tservice scheduler spreads tasks across Availability Zones. You can use task\n\t\t\t\t\tplacement strategies and constraints to customize task placement decisions. For\n\t\t\t\t\tmore information, see Service scheduler concepts in the Amazon Elastic Container Service Developer Guide.
\n \n - \n
\n DAEMON - The daemon scheduling strategy deploys exactly one\n\t\t\t\t\ttask on each active container instance that meets all of the task placement\n\t\t\t\t\tconstraints that you specify in your cluster. The service scheduler also\n\t\t\t\t\tevaluates the task placement constraints for running tasks. It also stops tasks\n\t\t\t\t\tthat don't meet the placement constraints. When using this strategy, you don't\n\t\t\t\t\tneed to specify a desired number of tasks, a task placement strategy, or use\n\t\t\t\t\tService Auto Scaling policies. For more information, see Service scheduler concepts in the Amazon Elastic Container Service Developer Guide.
\n \n
\n You can optionally specify a deployment configuration for your service. The deployment\n\t\t\tis initiated by changing properties. For example, the deployment might be initiated by\n\t\t\tthe task definition or by your desired count of a service. This is done with an UpdateService operation. The default value for a replica service for\n\t\t\t\tminimumHealthyPercent is 100%. The default value for a daemon service\n\t\t\tfor minimumHealthyPercent is 0%.
\n If a service uses the ECS deployment controller, the minimum healthy\n\t\t\tpercent represents a lower limit on the number of tasks in a service that must remain in\n\t\t\tthe RUNNING state during a deployment. Specifically, it represents it as a\n\t\t\tpercentage of your desired number of tasks (rounded up to the nearest integer). This\n\t\t\thappens when any of your container instances are in the DRAINING state if\n\t\t\tthe service contains tasks using the EC2 launch type. Using this\n\t\t\tparameter, you can deploy without using additional cluster capacity. For example, if you\n\t\t\tset your service to have desired number of four tasks and a minimum healthy percent of\n\t\t\t50%, the scheduler might stop two existing tasks to free up cluster capacity before\n\t\t\tstarting two new tasks. If they're in the RUNNING state, tasks for services\n\t\t\tthat don't use a load balancer are considered healthy . If they're in the\n\t\t\t\tRUNNING state and reported as healthy by the load balancer, tasks for\n\t\t\tservices that do use a load balancer are considered healthy . The\n\t\t\tdefault value for minimum healthy percent is 100%.
\n If a service uses the ECS deployment controller, the maximum percent parameter represents an upper limit on the\n\t\t\tnumber of tasks in a service that are allowed in the RUNNING or\n\t\t\t\tPENDING state during a deployment. Specifically, it represents it as a\n\t\t\tpercentage of the desired number of tasks (rounded down to the nearest integer). This\n\t\t\thappens when any of your container instances are in the DRAINING state if\n\t\t\tthe service contains tasks using the EC2 launch type. Using this\n\t\t\tparameter, you can define the deployment batch size. For example, if your service has a\n\t\t\tdesired number of four tasks and a maximum percent value of 200%, the scheduler may\n\t\t\tstart four new tasks before stopping the four older tasks (provided that the cluster\n\t\t\tresources required to do this are available). The default value for maximum percent is\n\t\t\t200%.
\n If a service uses either the CODE_DEPLOY or EXTERNAL\n\t\t\tdeployment controller types and tasks that use the EC2 launch type, the\n\t\t\t\tminimum healthy percent and maximum percent values are used only to define the lower and upper limit\n\t\t\ton the number of the tasks in the service that remain in the RUNNING state.\n\t\t\tThis is while the container instances are in the DRAINING state. If the\n\t\t\ttasks in the service use the Fargate launch type, the minimum healthy\n\t\t\tpercent and maximum percent values aren't used. This is the case even if they're\n\t\t\tcurrently visible when describing your service.
\n When creating a service that uses the EXTERNAL deployment controller, you\n\t\t\tcan specify only parameters that aren't controlled at the task set level. The only\n\t\t\trequired parameter is the service name. You control your services using the CreateTaskSet operation. For more information, see Amazon ECS deployment types in the Amazon Elastic Container Service Developer Guide.
\n When the service scheduler launches new tasks, it determines task placement. For\n\t\t\tinformation about task placement and task placement strategies, see Amazon ECS\n\t\t\t\ttask placement in the Amazon Elastic Container Service Developer Guide.
",
"smithy.api#examples": [
{
"title": "To create a new service",
@@ -3226,7 +3226,7 @@
"taskDefinition": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The family and revision (family:revision) or\n\t\t\tfull ARN of the task definition to run in your service. If a revision\n\t\t\tisn't specified, the latest ACTIVE revision is used.
\n A task definition must be specified if the service uses either the ECS or\n\t\t\t\tCODE_DEPLOY deployment controllers.
\n For more information about deployment types, see Amazon ECS deployment types.
"
+ "smithy.api#documentation": "The family and revision (family:revision) or\n\t\t\tfull ARN of the task definition to run in your service. If a revision\n\t\t\tisn't specified, the latest ACTIVE revision is used.
\n A task definition must be specified if the service uses either the ECS or\n\t\t\t\tCODE_DEPLOY deployment controllers.
\n For more information about deployment types, see Amazon ECS deployment\n\t\t\t\ttypes.
"
}
},
"loadBalancers": {
@@ -3244,7 +3244,7 @@
"desiredCount": {
"target": "com.amazonaws.ecs#BoxedInteger",
"traits": {
- "smithy.api#documentation": "The number of instantiations of the specified task definition to place and keep running in your service.
\n This is required if schedulingStrategy is REPLICA or isn't\n\t\t\tspecified. If schedulingStrategy is DAEMON then this isn't\n\t\t\trequired.
"
+ "smithy.api#documentation": "The number of instantiations of the specified task definition to place and keep\n\t\t\trunning in your service.
\n This is required if schedulingStrategy is REPLICA or isn't\n\t\t\tspecified. If schedulingStrategy is DAEMON then this isn't\n\t\t\trequired.
"
}
},
"clientToken": {
@@ -3274,7 +3274,7 @@
"role": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The name or full Amazon Resource Name (ARN) of the IAM role that allows Amazon ECS to make calls to your\n\t\t\tload balancer on your behalf. This parameter is only permitted if you are using a load\n\t\t\tbalancer with your service and your task definition doesn't use the awsvpc\n\t\t\tnetwork mode. If you specify the role parameter, you must also specify a\n\t\t\tload balancer object with the loadBalancers parameter.
\n \n If your account has already created the Amazon ECS service-linked role, that role is\n\t\t\t\tused for your service unless you specify a role here. The service-linked role is\n\t\t\t\trequired if your task definition uses the awsvpc network mode or if the\n\t\t\t\tservice is configured to use service discovery, an external deployment controller,\n\t\t\t\tmultiple target groups, or Elastic Inference accelerators in which case you don't\n\t\t\t\tspecify a role here. For more information, see Using\n\t\t\t\t\tservice-linked roles for Amazon ECS in the Amazon Elastic Container Service Developer Guide.
\n \n If your specified role has a path other than /, then you must either\n\t\t\tspecify the full role ARN (this is recommended) or prefix the role name with the path.\n\t\t\tFor example, if a role with the name bar has a path of /foo/\n\t\t\tthen you would specify /foo/bar as the role name. For more information, see\n\t\t\t\tFriendly names and paths in the IAM User Guide.
"
+ "smithy.api#documentation": "The name or full Amazon Resource Name (ARN) of the IAM role that allows Amazon ECS to make calls to your\n\t\t\tload balancer on your behalf. This parameter is only permitted if you are using a load\n\t\t\tbalancer with your service and your task definition doesn't use the awsvpc\n\t\t\tnetwork mode. If you specify the role parameter, you must also specify a\n\t\t\tload balancer object with the loadBalancers parameter.
\n \n If your account has already created the Amazon ECS service-linked role, that role is\n\t\t\t\tused for your service unless you specify a role here. The service-linked role is\n\t\t\t\trequired if your task definition uses the awsvpc network mode or if the\n\t\t\t\tservice is configured to use service discovery, an external deployment controller,\n\t\t\t\tmultiple target groups, or Elastic Inference accelerators in which case you don't\n\t\t\t\tspecify a role here. For more information, see Using\n\t\t\t\t\tservice-linked roles for Amazon ECS in the Amazon Elastic Container Service Developer Guide.
\n \n If your specified role has a path other than /, then you must either\n\t\t\tspecify the full role ARN (this is recommended) or prefix the role name with the path.\n\t\t\tFor example, if a role with the name bar has a path of /foo/\n\t\t\tthen you would specify /foo/bar as the role name. For more information, see\n\t\t\t\tFriendly names and paths in the IAM User\n\t\t\tGuide.
"
}
},
"deploymentConfiguration": {
@@ -3350,6 +3350,12 @@
"traits": {
"smithy.api#documentation": "The configuration for this service to discover and connect to\n\tservices, and be discovered by, and connected from, other services within a namespace.
\n Tasks that run in a namespace can use short names to connect\n\tto services in the namespace. Tasks can connect to services across all of the clusters in the namespace.\n\tTasks connect through a managed proxy container\n\tthat collects logs and metrics for increased visibility.\n\tOnly the tasks that Amazon ECS services create are supported with Service Connect.\n\tFor more information, see Service Connect in the Amazon Elastic Container Service Developer Guide.
"
}
+ },
+ "volumeConfigurations": {
+ "target": "com.amazonaws.ecs#ServiceVolumeConfigurations",
+ "traits": {
+ "smithy.api#documentation": "The configuration for a volume specified in the task definition as a volume that is\n\t\t\tconfigured at launch time. Currently, the only supported volume type is an Amazon EBS\n\t\t\tvolume.
"
+ }
}
},
"traits": {
@@ -3443,7 +3449,7 @@
"taskDefinition": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The task definition for the tasks in the task set to use. If a revision isn't specified, the\n\t\t\tlatest ACTIVE revision is used.
",
+ "smithy.api#documentation": "The task definition for the tasks in the task set to use. If a revision isn't\n\t\t\tspecified, the latest ACTIVE revision is used.
",
"smithy.api#required": {}
}
},
@@ -3540,7 +3546,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Disables an account setting for a specified user, role, or the root user for\n\t\t\tan account.
",
+ "smithy.api#documentation": "Disables an account setting for a specified user, role, or the root user for an\n\t\t\taccount.
",
"smithy.api#examples": [
{
"title": "To delete your account setting",
@@ -3587,7 +3593,7 @@
"principalArn": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the principal. It can be an user, role, or\n\t\t\tthe root user. If you specify the root user, it disables the account setting for all users, roles, and the root user of the account unless a user or role explicitly\n\t\t\toverrides these settings. If this field is omitted, the setting is changed only for the\n\t\t\tauthenticated user.
"
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the principal. It can be an user, role, or the\n\t\t\troot user. If you specify the root user, it disables the account setting for all users, roles,\n\t\t\tand the root user of the account unless a user or role explicitly overrides these settings.\n\t\t\tIf this field is omitted, the setting is changed only for the authenticated user.
"
}
}
},
@@ -3909,7 +3915,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes one or more task definitions.
\n You must deregister a task definition revision before you delete it. For more information,\n\t\t\tsee DeregisterTaskDefinition.
\n When you delete a task definition revision, it is immediately transitions from the\n\t\tINACTIVE to DELETE_IN_PROGRESS. Existing tasks and services\n\t\tthat reference a DELETE_IN_PROGRESS task definition revision continue to run\n\t\twithout disruption. Existing services that reference a DELETE_IN_PROGRESS task\n\t\tdefinition revision can still scale up or down by modifying the service's desired\n\t\tcount.
\n You can't use a DELETE_IN_PROGRESS task definition revision to run new tasks\n\t\t\tor create new services. You also can't update an existing service to reference a\n\t\t\tDELETE_IN_PROGRESS task definition revision.
\n A task definition revision will stay in DELETE_IN_PROGRESS status until\n\t\t\tall the associated tasks and services have been terminated.
\n When you delete all INACTIVE task definition revisions, the task definition name is not displayed in the console and not returned in the API. If a task definition revisions are in the DELETE_IN_PROGRESS state, the task definition name is displayed in the console and returned in the API. The task definition name is retained by Amazon ECS and the revision is incremented the next time you create a task definition with that name.
"
+ "smithy.api#documentation": "Deletes one or more task definitions.
\n You must deregister a task definition revision before you delete it. For more\n\t\t\tinformation, see DeregisterTaskDefinition.
\n When you delete a task definition revision, it is immediately transitions from the\n\t\t\t\tINACTIVE to DELETE_IN_PROGRESS. Existing tasks and\n\t\t\tservices that reference a DELETE_IN_PROGRESS task definition revision\n\t\t\tcontinue to run without disruption. Existing services that reference a\n\t\t\t\tDELETE_IN_PROGRESS task definition revision can still scale up or down\n\t\t\tby modifying the service's desired count.
\n You can't use a DELETE_IN_PROGRESS task definition revision to run new\n\t\t\ttasks or create new services. You also can't update an existing service to reference a\n\t\t\t\tDELETE_IN_PROGRESS task definition revision.
\n A task definition revision will stay in DELETE_IN_PROGRESS status until\n\t\t\tall the associated tasks and services have been terminated.
\n When you delete all INACTIVE task definition revisions, the task\n\t\t\tdefinition name is not displayed in the console and not returned in the API. If a task\n\t\t\tdefinition revisions are in the DELETE_IN_PROGRESS state, the task\n\t\t\tdefinition name is displayed in the console and returned in the API. The task definition\n\t\t\tname is retained by Amazon ECS and the revision is incremented the next time you create a\n\t\t\ttask definition with that name.
"
}
},
"com.amazonaws.ecs#DeleteTaskDefinitionsRequest": {
@@ -4151,6 +4157,12 @@
"traits": {
"smithy.api#documentation": "The list of Service Connect resources that are associated with this deployment. Each\n\t\t\tlist entry maps a discovery name to a Cloud Map service name.
"
}
+ },
+ "volumeConfigurations": {
+ "target": "com.amazonaws.ecs#ServiceVolumeConfigurations",
+ "traits": {
+ "smithy.api#documentation": "The details of the volume that was configuredAtLaunch. You can configure\n\t\t\tdifferent settings like the size, throughput, volumeType, and ecryption in ServiceManagedEBSVolumeConfiguration. The name of the volume\n\t\t\tmust match the name from the task definition.
"
+ }
}
},
"traits": {
@@ -4171,7 +4183,7 @@
"target": "com.amazonaws.ecs#Boolean",
"traits": {
"smithy.api#default": false,
- "smithy.api#documentation": "Determines whether to use the CloudWatch alarm option in the service deployment process.
",
+ "smithy.api#documentation": "Determines whether to use the CloudWatch alarm option in the service deployment\n\t\t\tprocess.
",
"smithy.api#required": {}
}
},
@@ -4185,7 +4197,7 @@
}
},
"traits": {
- "smithy.api#documentation": "One of the methods which provide a way for you to quickly identify when a deployment\n\t\t\thas failed, and then to optionally roll back the failure to the last working\n\t\t\tdeployment.
\n When the alarms are generated, Amazon ECS sets the service deployment to failed. Set the rollback\n\t\t\tparameter to have Amazon ECS to roll back your service to the last completed deployment\n\t\t\tafter a failure.
\n You can only use the DeploymentAlarms method to detect failures when the\n\t\t\t\tDeploymentController is set to ECS (rolling\n\t\t\tupdate).
\n For more information, see Rolling\n\t\t\t\tupdate in the \n Amazon Elastic Container Service Developer Guide\n .
"
+ "smithy.api#documentation": "One of the methods which provide a way for you to quickly identify when a deployment\n\t\t\thas failed, and then to optionally roll back the failure to the last working\n\t\t\tdeployment.
\n When the alarms are generated, Amazon ECS sets the service deployment to failed. Set the\n\t\t\trollback parameter to have Amazon ECS to roll back your service to the last completed\n\t\t\tdeployment after a failure.
\n You can only use the DeploymentAlarms method to detect failures when the\n\t\t\t\tDeploymentController is set to ECS (rolling\n\t\t\tupdate).
\n For more information, see Rolling\n\t\t\t\tupdate in the \n Amazon Elastic Container Service Developer Guide\n .
"
}
},
"com.amazonaws.ecs#DeploymentCircuitBreaker": {
@@ -4209,7 +4221,7 @@
}
},
"traits": {
- "smithy.api#documentation": "\n The deployment circuit breaker can only be used for services using the rolling\n\t\t\t\tupdate (ECS) deployment type.
\n \n The deployment circuit breaker determines whether a\n\t\t\tservice deployment will fail if the service can't reach a steady state. If it is turned on, a\n\t\t\tservice deployment will transition to a failed state and stop launching new tasks. You\n\t\t\tcan also configure Amazon ECS to roll back your service to the last completed deployment\n\t\t\tafter a failure. For more information, see Rolling\n\t\t\t\tupdate in the Amazon Elastic Container Service Developer Guide.
\n For more information about API failure reasons, see API failure reasons in the Amazon Elastic Container Service Developer Guide.
"
+ "smithy.api#documentation": "\n The deployment circuit breaker can only be used for services using the rolling\n\t\t\t\tupdate (ECS) deployment type.
\n \n The deployment circuit breaker determines whether a\n\t\t\tservice deployment will fail if the service can't reach a steady state. If it is turned\n\t\t\ton, a service deployment will transition to a failed state and stop launching new tasks.\n\t\t\tYou can also configure Amazon ECS to roll back your service to the last completed deployment\n\t\t\tafter a failure. For more information, see Rolling\n\t\t\t\tupdate in the Amazon Elastic Container Service Developer Guide.
\n For more information about API failure reasons, see API failure\n\t\t\t\treasons in the Amazon Elastic Container Service Developer Guide.
"
}
},
"com.amazonaws.ecs#DeploymentConfiguration": {
@@ -4218,7 +4230,7 @@
"deploymentCircuitBreaker": {
"target": "com.amazonaws.ecs#DeploymentCircuitBreaker",
"traits": {
- "smithy.api#documentation": "\n The deployment circuit breaker can only be used for services using the rolling\n\t\t\t\tupdate (ECS) deployment type.
\n \n The deployment circuit breaker determines whether a\n\t\t\tservice deployment will fail if the service can't reach a steady state. If you use the deployment\n\t\t\tcircuit breaker, a service deployment will transition to a failed state and\n\t\t\tstop launching new tasks. If you use the rollback option, when a service deployment fails, the\n\t\t\tservice is rolled back to the last deployment that completed successfully. For more information, see Rolling\n\t\t\t\tupdate in the Amazon Elastic Container Service Developer\n\t\t\t\t\tGuide\n
"
+ "smithy.api#documentation": "\n The deployment circuit breaker can only be used for services using the rolling\n\t\t\t\tupdate (ECS) deployment type.
\n \n The deployment circuit breaker determines whether a\n\t\t\tservice deployment will fail if the service can't reach a steady state. If you use the\n\t\t\tdeployment circuit breaker, a service deployment will transition to a failed state and\n\t\t\tstop launching new tasks. If you use the rollback option, when a service deployment\n\t\t\tfails, the service is rolled back to the last deployment that completed successfully.\n\t\t\tFor more information, see Rolling\n\t\t\t\tupdate in the Amazon Elastic Container Service Developer\n\t\t\t\tGuide\n
"
}
},
"maximumPercent": {
@@ -4410,7 +4422,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deregisters the specified task definition by family and revision. Upon deregistration, the\n\t\t\ttask definition is marked as INACTIVE. Existing tasks and services that\n\t\t\treference an INACTIVE task definition continue to run without disruption.\n\t\t\tExisting services that reference an INACTIVE task definition can still\n\t\t\tscale up or down by modifying the service's desired count. If you want to delete a task\n\t\t\tdefinition revision, you must first deregister the task definition revision.
\n You can't use an INACTIVE task definition to run new tasks or create new\n\t\t\tservices, and you can't update an existing service to reference an INACTIVE\n\t\t\ttask definition. However, there may be up to a 10-minute window following deregistration\n\t\t\twhere these restrictions have not yet taken effect.
\n \n At this time, INACTIVE task definitions remain discoverable in your\n\t\t\t\taccount indefinitely. However, this behavior is subject to change in the future. We\n\t\t\t\tdon't recommend that you rely on INACTIVE task definitions persisting\n\t\t\t\tbeyond the lifecycle of any associated tasks and services.
\n \n You must deregister a task definition revision before you delete it. For more information,\n\t\t\tsee DeleteTaskDefinitions.
"
+ "smithy.api#documentation": "Deregisters the specified task definition by family and revision. Upon deregistration,\n\t\t\tthe task definition is marked as INACTIVE. Existing tasks and services that\n\t\t\treference an INACTIVE task definition continue to run without disruption.\n\t\t\tExisting services that reference an INACTIVE task definition can still\n\t\t\tscale up or down by modifying the service's desired count. If you want to delete a task\n\t\t\tdefinition revision, you must first deregister the task definition revision.
\n You can't use an INACTIVE task definition to run new tasks or create new\n\t\t\tservices, and you can't update an existing service to reference an INACTIVE\n\t\t\ttask definition. However, there may be up to a 10-minute window following deregistration\n\t\t\twhere these restrictions have not yet taken effect.
\n \n At this time, INACTIVE task definitions remain discoverable in your\n\t\t\t\taccount indefinitely. However, this behavior is subject to change in the future. We\n\t\t\t\tdon't recommend that you rely on INACTIVE task definitions persisting\n\t\t\t\tbeyond the lifecycle of any associated tasks and services.
\n \n You must deregister a task definition revision before you delete it. For more\n\t\t\tinformation, see DeleteTaskDefinitions.
"
}
},
"com.amazonaws.ecs#DeregisterTaskDefinitionRequest": {
@@ -5546,19 +5558,75 @@
"smithy.api#default": 0
}
},
+ "com.amazonaws.ecs#EBSKMSKeyId": {
+ "type": "string"
+ },
+ "com.amazonaws.ecs#EBSResourceType": {
+ "type": "enum",
+ "members": {
+ "VOLUME": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "volume"
+ }
+ }
+ }
+ },
+ "com.amazonaws.ecs#EBSSnapshotId": {
+ "type": "string"
+ },
+ "com.amazonaws.ecs#EBSTagSpecification": {
+ "type": "structure",
+ "members": {
+ "resourceType": {
+ "target": "com.amazonaws.ecs#EBSResourceType",
+ "traits": {
+ "smithy.api#documentation": "The type of volume resource.
",
+ "smithy.api#required": {}
+ }
+ },
+ "tags": {
+ "target": "com.amazonaws.ecs#Tags",
+ "traits": {
+ "smithy.api#documentation": "The tags applied to this Amazon EBS volume. AmazonECSCreated and\n\t\t\t\tAmazonECSManaged are reserved tags that can't be used.
"
+ }
+ },
+ "propagateTags": {
+ "target": "com.amazonaws.ecs#PropagateTags",
+ "traits": {
+ "smithy.api#documentation": "Determines whether to propagate the tags from the task definition to \u2028the Amazon EBS\n\t\t\tvolume. Tags can only propagate to a SERVICE specified in\n\t\t\t\t\u2028ServiceVolumeConfiguration. If no value is specified, the tags aren't\n\t\t\t\u2028propagated.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "The tag specifications of an Amazon EBS volume.
"
+ }
+ },
+ "com.amazonaws.ecs#EBSTagSpecifications": {
+ "type": "list",
+ "member": {
+ "target": "com.amazonaws.ecs#EBSTagSpecification"
+ }
+ },
+ "com.amazonaws.ecs#EBSVolumeType": {
+ "type": "string"
+ },
+ "com.amazonaws.ecs#ECSVolumeName": {
+ "type": "string"
+ },
"com.amazonaws.ecs#EFSAuthorizationConfig": {
"type": "structure",
"members": {
"accessPointId": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The Amazon EFS access point ID to use. If an access point is specified, the root directory\n\t\t\tvalue specified in the EFSVolumeConfiguration must either be omitted or set\n\t\t\tto / which will enforce the path set on the EFS access point. If an access\n\t\t\tpoint is used, transit encryption must be on in the\n\t\t\t\tEFSVolumeConfiguration. For more information, see Working with Amazon\n\t\t\t\tEFS access points in the Amazon Elastic File System User Guide.
"
+ "smithy.api#documentation": "The Amazon EFS access point ID to use. If an access point is specified, the root directory\n\t\t\tvalue specified in the EFSVolumeConfiguration must either be omitted or set\n\t\t\tto / which will enforce the path set on the EFS access point. If an access\n\t\t\tpoint is used, transit encryption must be on in the EFSVolumeConfiguration.\n\t\t\tFor more information, see Working with Amazon EFS access\n\t\t\t\tpoints in the Amazon Elastic File System User Guide.
"
}
},
"iam": {
"target": "com.amazonaws.ecs#EFSAuthorizationConfigIAM",
"traits": {
- "smithy.api#documentation": "Determines whether to use the Amazon ECS task role defined in a task definition when\n\t\t\tmounting the Amazon EFS file system. If it is turned on, transit encryption must be turned on in the\n\t\t\t\tEFSVolumeConfiguration. If this parameter is omitted, the default value\n\t\t\tof DISABLED is used. For more information, see Using\n\t\t\t\tAmazon EFS access points in the Amazon Elastic Container Service Developer Guide.
"
+ "smithy.api#documentation": "Determines whether to use the Amazon ECS task role defined in a task definition when\n\t\t\tmounting the Amazon EFS file system. If it is turned on, transit encryption must be turned on\n\t\t\tin the EFSVolumeConfiguration. If this parameter is omitted, the default\n\t\t\tvalue of DISABLED is used. For more information, see Using\n\t\t\t\tAmazon EFS access points in the Amazon Elastic Container Service Developer Guide.
"
}
}
},
@@ -5619,7 +5687,7 @@
"transitEncryption": {
"target": "com.amazonaws.ecs#EFSTransitEncryption",
"traits": {
- "smithy.api#documentation": "Determines whether to use encryption for Amazon EFS data in transit between the Amazon ECS host\n\t\t\tand the Amazon EFS server. Transit encryption must be turned on if Amazon EFS IAM authorization is\n\t\t\tused. If this parameter is omitted, the default value of DISABLED is used.\n\t\t\tFor more information, see Encrypting data in transit in\n\t\t\tthe Amazon Elastic File System User Guide.
"
+ "smithy.api#documentation": "Determines whether to use encryption for Amazon EFS data in transit between the Amazon ECS host\n\t\t\tand the Amazon EFS server. Transit encryption must be turned on if Amazon EFS IAM authorization\n\t\t\tis used. If this parameter is omitted, the default value of DISABLED is\n\t\t\tused. For more information, see Encrypting data in transit in\n\t\t\tthe Amazon Elastic File System User Guide.
"
}
},
"transitEncryptionPort": {
@@ -5658,7 +5726,7 @@
}
},
"traits": {
- "smithy.api#documentation": "A list of files containing the environment variables to pass to a container. You can specify\n\t\t\tup to ten environment files. The file must have a .env file extension. Each\n\t\t\tline in an environment file should contain an environment variable in\n\t\t\t\tVARIABLE=VALUE format. Lines beginning with # are treated\n\t\t\tas comments and are ignored.
\n If there are environment variables specified using the environment\n\t\t\tparameter in a container definition, they take precedence over the variables contained\n\t\t\twithin an environment file. If multiple environment files are specified that contain the\n\t\t\tsame variable, they're processed from the top down. We recommend that you use unique\n\t\t\tvariable names. For more information, see Specifying environment\n\t\t\t\tvariables in the Amazon Elastic Container Service Developer Guide.
\n You must use the following platforms for the Fargate launch type:
\n \n Consider the following when using the Fargate launch type:
\n \n - \n
The file is handled like a native Docker env-file.
\n \n - \n
There is no support for shell escape handling.
\n \n - \n
The container entry point interperts the VARIABLE values.
\n \n
"
+ "smithy.api#documentation": "A list of files containing the environment variables to pass to a container. You can\n\t\t\tspecify up to ten environment files. The file must have a .env file\n\t\t\textension. Each line in an environment file should contain an environment variable in\n\t\t\t\tVARIABLE=VALUE format. Lines beginning with # are treated\n\t\t\tas comments and are ignored.
\n If there are environment variables specified using the environment\n\t\t\tparameter in a container definition, they take precedence over the variables contained\n\t\t\twithin an environment file. If multiple environment files are specified that contain the\n\t\t\tsame variable, they're processed from the top down. We recommend that you use unique\n\t\t\tvariable names. For more information, see Specifying environment\n\t\t\t\tvariables in the Amazon Elastic Container Service Developer Guide.
\n You must use the following platforms for the Fargate launch type:
\n \n Consider the following when using the Fargate launch type:
\n \n - \n
The file is handled like a native Docker env-file.
\n \n - \n
There is no support for shell escape handling.
\n \n - \n
The container entry point interperts the VARIABLE values.
\n \n
"
}
},
"com.amazonaws.ecs#EnvironmentFileType": {
@@ -5697,7 +5765,7 @@
}
},
"traits": {
- "smithy.api#documentation": "The amount of ephemeral storage to allocate for the task. This parameter is used to\n\t\t\texpand the total amount of ephemeral storage available, beyond the default amount, for\n\t\t\ttasks hosted on Fargate. For more information, see Fargate task\n\t\t\t\tstorage in the Amazon ECS User Guide for Fargate.
\n \n For tasks using the Fargate launch type, the task requires\n\t\t\t\tthe following platforms:
\n \n "
+ "smithy.api#documentation": "The amount of ephemeral storage to allocate for the task. This parameter is used to\n\t\t\texpand the total amount of ephemeral storage available, beyond the default amount, for\n\t\t\ttasks hosted on Fargate. For more information, see Fargate task\n\t\t\t\tstorage in the Amazon ECS User Guide for Fargate.
\n \n For tasks using the Fargate launch type, the task requires the\n\t\t\t\tfollowing platforms:
\n \n "
}
},
"com.amazonaws.ecs#ExecuteCommand": {
@@ -5729,7 +5797,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Runs a command remotely on a container within a task.
\n If you use a condition key in your IAM policy to refine the conditions for the policy\n\t\t\tstatement, for example limit the actions to a specific cluster, you receive an\n\t\t\t\tAccessDeniedException when there is a mismatch between the condition\n\t\t\tkey value and the corresponding parameter value.
\n For information about required permissions and considerations, see Using Amazon ECS Exec for\n\t\t\tdebugging in the Amazon ECS Developer Guide.
"
+ "smithy.api#documentation": "Runs a command remotely on a container within a task.
\n If you use a condition key in your IAM policy to refine the conditions for the\n\t\t\tpolicy statement, for example limit the actions to a specific cluster, you receive an\n\t\t\t\tAccessDeniedException when there is a mismatch between the condition\n\t\t\tkey value and the corresponding parameter value.
\n For information about required permissions and considerations, see Using Amazon ECS\n\t\t\t\tExec for debugging in the Amazon ECS Developer Guide.\n\t\t
"
}
},
"com.amazonaws.ecs#ExecuteCommandConfiguration": {
@@ -5771,7 +5839,7 @@
"target": "com.amazonaws.ecs#Boolean",
"traits": {
"smithy.api#default": false,
- "smithy.api#documentation": "Determines whether to use encryption on the CloudWatch logs. If not specified, encryption\n\t\t\twill be off.
"
+ "smithy.api#documentation": "Determines whether to use encryption on the CloudWatch logs. If not specified,\n\t\t\tencryption will be off.
"
}
},
"s3BucketName": {
@@ -6122,7 +6190,7 @@
"protectedTasks": {
"target": "com.amazonaws.ecs#ProtectedTasks",
"traits": {
- "smithy.api#documentation": "A list of tasks with the following information.
\n \n - \n
\n taskArn: The task ARN.
\n \n - \n
\n protectionEnabled: The protection status of the task. If scale-in\n\t\t\t\t\tprotection is turned on for a task, the value is true. Otherwise, it\n\t\t\t\t\tis false.
\n \n - \n
\n expirationDate: The epoch time when protection for the task will\n\t\t\t\t\texpire.
\n \n
"
+ "smithy.api#documentation": "A list of tasks with the following information.
\n \n - \n
\n taskArn: The task ARN.
\n \n - \n
\n protectionEnabled: The protection status of the task. If scale-in\n\t\t\t\t\tprotection is turned on for a task, the value is true. Otherwise,\n\t\t\t\t\tit is false.
\n \n - \n
\n expirationDate: The epoch time when protection for the task will\n\t\t\t\t\texpire.
\n \n
"
}
},
"failures": {
@@ -6148,7 +6216,7 @@
"command": {
"target": "com.amazonaws.ecs#StringList",
"traits": {
- "smithy.api#documentation": "A string array representing the command that the container runs to determine if it is\n\t\t\thealthy. The string array must start with CMD to run the command arguments\n\t\t\tdirectly, or CMD-SHELL to run the command with the container's default\n\t\t\tshell.
\n When you use the Amazon Web Services Management Console JSON panel, the Command Line Interface, or the APIs, enclose the list of\n\t\t\tcommands in double quotes and brackets.
\n \n [ \"CMD-SHELL\", \"curl -f http://localhost/ || exit 1\" ]\n
\n You don't include the double quotes and brackets when you use the Amazon Web Services Management Console.
\n \n CMD-SHELL, curl -f http://localhost/ || exit 1\n
\n An exit code of 0 indicates success, and non-zero exit code indicates failure. For\n\t\t\tmore information, see HealthCheck in the Create a container\n\t\t\tsection of the Docker Remote API.
",
+ "smithy.api#documentation": "A string array representing the command that the container runs to determine if it is\n\t\t\thealthy. The string array must start with CMD to run the command arguments\n\t\t\tdirectly, or CMD-SHELL to run the command with the container's default\n\t\t\tshell.
\n When you use the Amazon Web Services Management Console JSON panel, the Command Line Interface, or the APIs, enclose the list\n\t\t\tof commands in double quotes and brackets.
\n \n [ \"CMD-SHELL\", \"curl -f http://localhost/ || exit 1\" ]\n
\n You don't include the double quotes and brackets when you use the Amazon Web Services Management Console.
\n \n CMD-SHELL, curl -f http://localhost/ || exit 1\n
\n An exit code of 0 indicates success, and non-zero exit code indicates failure. For\n\t\t\tmore information, see HealthCheck in the Create a container\n\t\t\tsection of the Docker Remote API.
",
"smithy.api#required": {}
}
},
@@ -6178,7 +6246,7 @@
}
},
"traits": {
- "smithy.api#documentation": "An object representing a container health check. Health check parameters that are\n\t\t\tspecified in a container definition override any Docker health checks that exist in the\n\t\t\tcontainer image (such as those specified in a parent image or from the image's\n\t\t\tDockerfile). This configuration maps to the HEALTHCHECK parameter of docker run.
\n \n The Amazon ECS container agent only monitors and reports on the health checks specified\n\t\t\t\tin the task definition. Amazon ECS does not monitor Docker health checks that are\n\t\t\t\tembedded in a container image and not specified in the container definition. Health\n\t\t\t\tcheck parameters that are specified in a container definition override any Docker\n\t\t\t\thealth checks that exist in the container image.
\n \n You can view the health status of both individual containers and a task with the\n\t\t\tDescribeTasks API operation or when viewing the task details in the console.
\n The health check is designed to make sure that your containers survive agent restarts,\n\t\t\tupgrades, or temporary unavailability.
\n The following describes the possible healthStatus values for a\n\t\t\tcontainer:
\n \n - \n
\n HEALTHY-The container health check has passed\n\t\t\t\t\tsuccessfully.
\n \n - \n
\n UNHEALTHY-The container health check has failed.
\n \n - \n
\n UNKNOWN-The container health check is being evaluated,\n\t\t\t\t\tthere's no container health check defined, or Amazon ECS doesn't have the health\n\t\t\t\t\tstatus of the container.
\n \n
\n The following describes the possible healthStatus values based on the\n\t\t\tcontainer health checker status of essential containers in the task with the following\n\t\t\tpriority order (high to low):
\n \n - \n
\n UNHEALTHY-One or more essential containers have failed\n\t\t\t\t\ttheir health check.
\n \n - \n
\n UNKNOWN-Any essential container running within the task is\n\t\t\t\t\tin an UNKNOWN state and no other essential containers have an\n\t\t\t\t\t\tUNHEALTHY state.
\n \n - \n
\n HEALTHY-All essential containers within the task have\n\t\t\t\t\tpassed their health checks.
\n \n
\n Consider the following task health example with 2 containers.
\n \n - \n
If Container1 is UNHEALTHY and Container2 is\n\t\t\t\t\tUNKNOWN, the task health is UNHEALTHY.
\n \n - \n
If Container1 is UNHEALTHY and Container2 is\n\t\t\t\t\tHEALTHY, the task health is UNHEALTHY.
\n \n - \n
If Container1 is HEALTHY and Container2 is UNKNOWN,\n\t\t\t\t\tthe task health is UNKNOWN.
\n \n - \n
If Container1 is HEALTHY and Container2 is HEALTHY,\n\t\t\t\t\tthe task health is HEALTHY.
\n \n
\n Consider the following task health example with 3 containers.
\n \n - \n
If Container1 is UNHEALTHY and Container2 is UNKNOWN, and Container3\n\t\t\t\t\tis UNKNOWN, the task health is UNHEALTHY.
\n \n - \n
If Container1 is UNHEALTHY and Container2 is UNKNOWN, and Container3\n\t\t\t\t\tis HEALTHY, the task health is UNHEALTHY.
\n \n - \n
If Container1 is UNHEALTHY and Container2 is HEALTHY, and Container3\n\t\t\t\t\tis HEALTHY, the task health is UNHEALTHY.
\n \n - \n
If Container1 is HEALTHY and Container2 is UNKNOWN, and Container3\n\t\t\t\t\tis HEALTHY, the task health is UNKNOWN.
\n \n - \n
If Container1 is HEALTHY and Container2 is UNKNOWN,\n\t\t\t\t\tand Container3 is UNKNOWN, the task health is\n\t\t\t\t\tUNKNOWN.
\n \n - \n
If Container1 is HEALTHY and Container2 is HEALTHY,\n\t\t\t\t\tand Container3 is HEALTHY, the task health is\n\t\t\t\t\tHEALTHY.
\n \n
\n If a task is run manually, and not as part of a service, the task will continue its\n\t\t\tlifecycle regardless of its health status. For tasks that are part of a service, if the\n\t\t\ttask reports as unhealthy then the task will be stopped and the service scheduler will\n\t\t\treplace it.
\n The following are notes about container health check support:
\n \n - \n
When the Amazon ECS agent cannot connect to the Amazon ECS service, the service reports\n\t\t\t\t\tthe container as UNHEALTHY.
\n \n - \n
The health check statuses are the \"last heard from\" response from the Amazon ECS\n\t\t\t\t\tagent. There are no assumptions made about the status of the container health\n\t\t\t\t\tchecks.
\n \n - \n
Container health checks require version 1.17.0 or greater of the Amazon ECS\n\t\t\t\t\tcontainer agent. For more information, see Updating the\n\t\t\t\t\t\tAmazon ECS container agent.
\n \n - \n
Container health checks are supported for Fargate tasks if\n\t\t\t\t\tyou're using platform version 1.1.0 or greater. For more\n\t\t\t\t\tinformation, see Fargate\n\t\t\t\t\t\tplatform versions.
\n \n - \n
Container health checks aren't supported for tasks that are part of a service\n\t\t\t\t\tthat's configured to use a Classic Load Balancer.
\n \n
"
+ "smithy.api#documentation": "An object representing a container health check. Health check parameters that are\n\t\t\tspecified in a container definition override any Docker health checks that exist in the\n\t\t\tcontainer image (such as those specified in a parent image or from the image's\n\t\t\tDockerfile). This configuration maps to the HEALTHCHECK parameter of docker run.
\n \n The Amazon ECS container agent only monitors and reports on the health checks specified\n\t\t\t\tin the task definition. Amazon ECS does not monitor Docker health checks that are\n\t\t\t\tembedded in a container image and not specified in the container definition. Health\n\t\t\t\tcheck parameters that are specified in a container definition override any Docker\n\t\t\t\thealth checks that exist in the container image.
\n \n You can view the health status of both individual containers and a task with the\n\t\t\tDescribeTasks API operation or when viewing the task details in the console.
\n The health check is designed to make sure that your containers survive agent restarts,\n\t\t\tupgrades, or temporary unavailability.
\n The following describes the possible healthStatus values for a\n\t\t\tcontainer:
\n \n - \n
\n HEALTHY-The container health check has passed\n\t\t\t\t\tsuccessfully.
\n \n - \n
\n UNHEALTHY-The container health check has failed.
\n \n - \n
\n UNKNOWN-The container health check is being evaluated,\n\t\t\t\t\tthere's no container health check defined, or Amazon ECS doesn't have the health\n\t\t\t\t\tstatus of the container.
\n \n
\n The following describes the possible healthStatus values based on the\n\t\t\tcontainer health checker status of essential containers in the task with the following\n\t\t\tpriority order (high to low):
\n \n - \n
\n UNHEALTHY-One or more essential containers have failed\n\t\t\t\t\ttheir health check.
\n \n - \n
\n UNKNOWN-Any essential container running within the task is\n\t\t\t\t\tin an UNKNOWN state and no other essential containers have an\n\t\t\t\t\t\tUNHEALTHY state.
\n \n - \n
\n HEALTHY-All essential containers within the task have\n\t\t\t\t\tpassed their health checks.
\n \n
\n Consider the following task health example with 2 containers.
\n \n - \n
If Container1 is UNHEALTHY and Container2 is\n\t\t\t\t\tUNKNOWN, the task health is UNHEALTHY.
\n \n - \n
If Container1 is UNHEALTHY and Container2 is\n\t\t\t\t\tHEALTHY, the task health is UNHEALTHY.
\n \n - \n
If Container1 is HEALTHY and Container2 is UNKNOWN,\n\t\t\t\t\tthe task health is UNKNOWN.
\n \n - \n
If Container1 is HEALTHY and Container2 is HEALTHY,\n\t\t\t\t\tthe task health is HEALTHY.
\n \n
\n Consider the following task health example with 3 containers.
\n \n - \n
If Container1 is UNHEALTHY and Container2 is\n\t\t\t\t\tUNKNOWN, and Container3 is UNKNOWN, the task health is\n\t\t\t\t\t\tUNHEALTHY.
\n \n - \n
If Container1 is UNHEALTHY and Container2 is\n\t\t\t\t\tUNKNOWN, and Container3 is HEALTHY, the task health is\n\t\t\t\t\t\tUNHEALTHY.
\n \n - \n
If Container1 is UNHEALTHY and Container2 is\n\t\t\t\t\tHEALTHY, and Container3 is HEALTHY, the task health is\n\t\t\t\t\t\tUNHEALTHY.
\n \n - \n
If Container1 is HEALTHY and Container2 is UNKNOWN,\n\t\t\t\t\tand Container3 is HEALTHY, the task health is\n\t\t\t\t\tUNKNOWN.
\n \n - \n
If Container1 is HEALTHY and Container2 is UNKNOWN,\n\t\t\t\t\tand Container3 is UNKNOWN, the task health is\n\t\t\t\t\tUNKNOWN.
\n \n - \n
If Container1 is HEALTHY and Container2 is HEALTHY,\n\t\t\t\t\tand Container3 is HEALTHY, the task health is\n\t\t\t\t\tHEALTHY.
\n \n
\n If a task is run manually, and not as part of a service, the task will continue its\n\t\t\tlifecycle regardless of its health status. For tasks that are part of a service, if the\n\t\t\ttask reports as unhealthy then the task will be stopped and the service scheduler will\n\t\t\treplace it.
\n The following are notes about container health check support:
\n \n - \n
When the Amazon ECS agent cannot connect to the Amazon ECS service, the service reports\n\t\t\t\t\tthe container as UNHEALTHY.
\n \n - \n
The health check statuses are the \"last heard from\" response from the Amazon ECS\n\t\t\t\t\tagent. There are no assumptions made about the status of the container health\n\t\t\t\t\tchecks.
\n \n - \n
Container health checks require version 1.17.0 or greater of the Amazon ECS\n\t\t\t\t\tcontainer agent. For more information, see Updating the\n\t\t\t\t\t\tAmazon ECS container agent.
\n \n - \n
Container health checks are supported for Fargate tasks if\n\t\t\t\t\tyou're using platform version 1.1.0 or greater. For more\n\t\t\t\t\tinformation, see Fargate\n\t\t\t\t\t\tplatform versions.
\n \n - \n
Container health checks aren't supported for tasks that are part of a service\n\t\t\t\t\tthat's configured to use a Classic Load Balancer.
\n \n
"
}
},
"com.amazonaws.ecs#HealthStatus": {
@@ -6246,6 +6314,9 @@
"smithy.api#documentation": "Details on a container instance bind mount host volume.
"
}
},
+ "com.amazonaws.ecs#IAMRoleArn": {
+ "type": "string"
+ },
"com.amazonaws.ecs#InferenceAccelerator": {
"type": "structure",
"members": {
@@ -6265,7 +6336,7 @@
}
},
"traits": {
- "smithy.api#documentation": "Details on an Elastic Inference accelerator. For more information, see Working with Amazon Elastic Inference on\n\t\t\t\tAmazon ECS in the Amazon Elastic Container Service Developer Guide.
"
+ "smithy.api#documentation": "Details on an Elastic Inference accelerator. For more information, see Working with Amazon Elastic Inference on Amazon ECS in the\n\t\t\tAmazon Elastic Container Service Developer Guide.
"
}
},
"com.amazonaws.ecs#InferenceAcceleratorOverride": {
@@ -6536,13 +6607,13 @@
"maxSwap": {
"target": "com.amazonaws.ecs#BoxedInteger",
"traits": {
- "smithy.api#documentation": "The total amount of swap memory (in MiB) a container can use. This parameter will be\n\t\t\ttranslated to the --memory-swap option to docker run where the value would be the sum of\n\t\t\tthe container memory plus the maxSwap value.
\n If a maxSwap value of 0 is specified, the container will not\n\t\t\tuse swap. Accepted values are 0 or any positive integer. If the\n\t\t\t\tmaxSwap parameter is omitted, the container will use the swap\n\t\t\tconfiguration for the container instance it is running on. A maxSwap value\n\t\t\tmust be set for the swappiness parameter to be used.
\n \n If you're using tasks that use the Fargate launch type, the\n\t\t\t\t\tmaxSwap parameter isn't supported.
\n If you're using tasks on Amazon Linux 2023 the swappiness parameter isn't supported.
\n "
+ "smithy.api#documentation": "The total amount of swap memory (in MiB) a container can use. This parameter will be\n\t\t\ttranslated to the --memory-swap option to docker run where the value would be the sum of\n\t\t\tthe container memory plus the maxSwap value.
\n If a maxSwap value of 0 is specified, the container will not\n\t\t\tuse swap. Accepted values are 0 or any positive integer. If the\n\t\t\t\tmaxSwap parameter is omitted, the container will use the swap\n\t\t\tconfiguration for the container instance it is running on. A maxSwap value\n\t\t\tmust be set for the swappiness parameter to be used.
\n \n If you're using tasks that use the Fargate launch type, the\n\t\t\t\t\tmaxSwap parameter isn't supported.
\n If you're using tasks on Amazon Linux 2023 the swappiness parameter isn't\n\t\t\t\tsupported.
\n "
}
},
"swappiness": {
"target": "com.amazonaws.ecs#BoxedInteger",
"traits": {
- "smithy.api#documentation": "This allows you to tune a container's memory swappiness behavior. A\n\t\t\t\tswappiness value of 0 will cause swapping to not happen\n\t\t\tunless absolutely necessary. A swappiness value of 100 will\n\t\t\tcause pages to be swapped very aggressively. Accepted values are whole numbers between\n\t\t\t\t0 and 100. If the swappiness parameter is not\n\t\t\tspecified, a default value of 60 is used. If a value is not specified for\n\t\t\t\tmaxSwap then this parameter is ignored. This parameter maps to the\n\t\t\t\t--memory-swappiness option to docker run.
\n \n If you're using tasks that use the Fargate launch type, the\n\t\t\t\t\tswappiness parameter isn't supported.
\n If you're using tasks on Amazon Linux 2023 the swappiness parameter isn't supported.
\n "
+ "smithy.api#documentation": "This allows you to tune a container's memory swappiness behavior. A\n\t\t\t\tswappiness value of 0 will cause swapping to not happen\n\t\t\tunless absolutely necessary. A swappiness value of 100 will\n\t\t\tcause pages to be swapped very aggressively. Accepted values are whole numbers between\n\t\t\t\t0 and 100. If the swappiness parameter is not\n\t\t\tspecified, a default value of 60 is used. If a value is not specified for\n\t\t\t\tmaxSwap then this parameter is ignored. This parameter maps to the\n\t\t\t\t--memory-swappiness option to docker run.
\n \n If you're using tasks that use the Fargate launch type, the\n\t\t\t\t\tswappiness parameter isn't supported.
\n If you're using tasks on Amazon Linux 2023 the swappiness parameter isn't\n\t\t\t\tsupported.
\n "
}
}
},
@@ -6652,7 +6723,7 @@
"principalArn": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The ARN of the principal, which can be a user, role, or the root user. If\n\t\t\tthis field is omitted, the account settings are listed only for the authenticated\n\t\t\tuser.
\n \n Federated users assume the account setting of the root user and can't have\n\t\t\t\texplicit account settings set for them.
\n "
+ "smithy.api#documentation": "The ARN of the principal, which can be a user, role, or the root user. If this field is\n\t\t\tomitted, the account settings are listed only for the authenticated user.
\n \n Federated users assume the account setting of the root user and can't have explicit\n\t\t\t\taccount settings set for them.
\n "
}
},
"effectiveSettings": {
@@ -7481,7 +7552,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Returns a list of tasks. You can filter the results by cluster, task definition\n\t\t\tfamily, container instance, launch type, what IAM principal started the task, or by the\n\t\t\tdesired status of the task.
\n Recently stopped tasks might appear in the returned results.
",
+ "smithy.api#documentation": "Returns a list of tasks. You can filter the results by cluster, task definition\n\t\t\tfamily, container instance, launch type, what IAM principal started the task, or by\n\t\t\tthe desired status of the task.
\n Recently stopped tasks might appear in the returned results.
",
"smithy.api#examples": [
{
"title": "To list the tasks in a cluster",
@@ -7662,7 +7733,7 @@
}
},
"traits": {
- "smithy.api#documentation": "The log configuration for the container. This parameter maps to LogConfig\n\t\t\tin the Create a container section of the Docker Remote API and the\n\t\t\t\t--log-driver option to \n docker\n\t\t\t\t\trun\n .
\n By default, containers use the same logging driver that the Docker daemon uses.\n\t\t\tHowever, the container might use a different logging driver than the Docker daemon by\n\t\t\tspecifying a log driver configuration in the container definition. For more information\n\t\t\tabout the options for different supported log drivers, see Configure logging\n\t\t\t\tdrivers in the Docker documentation.
\n Understand the following when specifying a log configuration for your\n\t\t\tcontainers.
\n \n - \n
Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon.\n\t\t\t\t\tAdditional log drivers may be available in future releases of the Amazon ECS\n\t\t\t\t\tcontainer agent.
\n For tasks on Fargate, the supported log drivers are awslogs,\n\t\t\t\t\t\tsplunk, and awsfirelens.
\n For tasks hosted on Amazon EC2 instances, the supported log drivers are\n\t\t\t\t\t\tawslogs, fluentd, gelf,\n\t\t\t\t\t\tjson-file, journald,\n\t\t\t\t\t\tlogentries,syslog, splunk, and\n\t\t\t\t\t\tawsfirelens.
\n \n - \n
This parameter requires version 1.18 of the Docker Remote API or greater on\n\t\t\t\t\tyour container instance.
\n \n - \n
For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must\n\t\t\t\t\tregister the available logging drivers with the\n\t\t\t\t\t\tECS_AVAILABLE_LOGGING_DRIVERS environment variable before\n\t\t\t\t\tcontainers placed on that instance can use these log configuration options. For\n\t\t\t\t\tmore information, see Amazon ECS container agent configuration in the\n\t\t\t\t\tAmazon Elastic Container Service Developer Guide.
\n \n - \n
For tasks that are on Fargate, because you don't have access to the\n\t\t\t\t\tunderlying infrastructure your tasks are hosted on, any additional software\n\t\t\t\t\tneeded must be installed outside of the task. For example, the Fluentd output\n\t\t\t\t\taggregators or a remote host running Logstash to send Gelf logs to.
\n \n
"
+ "smithy.api#documentation": "The log configuration for the container. This parameter maps to LogConfig\n\t\t\tin the Create a container section of the Docker Remote API and the\n\t\t\t\t--log-driver option to \n docker\n\t\t\t\t\trun\n .
\n By default, containers use the same logging driver that the Docker daemon uses.\n\t\t\tHowever, the container might use a different logging driver than the Docker daemon by\n\t\t\tspecifying a log driver configuration in the container definition. For more information\n\t\t\tabout the options for different supported log drivers, see Configure logging\n\t\t\t\tdrivers in the Docker documentation.
\n Understand the following when specifying a log configuration for your\n\t\t\tcontainers.
\n \n - \n
Amazon ECS currently supports a subset of the logging drivers available to the\n\t\t\t\t\tDocker daemon. Additional log drivers may be available in future releases of the\n\t\t\t\t\tAmazon ECS container agent.
\n For tasks on Fargate, the supported log drivers are awslogs,\n\t\t\t\t\t\tsplunk, and awsfirelens.
\n For tasks hosted on Amazon EC2 instances, the supported log drivers are\n\t\t\t\t\t\tawslogs, fluentd, gelf,\n\t\t\t\t\t\tjson-file, journald,\n\t\t\t\t\t\tlogentries,syslog, splunk, and\n\t\t\t\t\t\tawsfirelens.
\n \n - \n
This parameter requires version 1.18 of the Docker Remote API or greater on\n\t\t\t\t\tyour container instance.
\n \n - \n
For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must\n\t\t\t\t\tregister the available logging drivers with the\n\t\t\t\t\t\tECS_AVAILABLE_LOGGING_DRIVERS environment variable before\n\t\t\t\t\tcontainers placed on that instance can use these log configuration options. For\n\t\t\t\t\tmore information, see Amazon ECS container agent configuration in the\n\t\t\t\t\tAmazon Elastic Container Service Developer Guide.
\n \n - \n
For tasks that are on Fargate, because you don't have access to the\n\t\t\t\t\tunderlying infrastructure your tasks are hosted on, any additional software\n\t\t\t\t\tneeded must be installed outside of the task. For example, the Fluentd output\n\t\t\t\t\taggregators or a remote host running Logstash to send Gelf logs to.
\n \n
"
}
},
"com.amazonaws.ecs#LogConfigurationOptionsMap": {
@@ -7852,7 +7923,7 @@
"targetCapacity": {
"target": "com.amazonaws.ecs#ManagedScalingTargetCapacity",
"traits": {
- "smithy.api#documentation": "The target capacity utilization as a percentage for the capacity provider. The\n\t\t\tspecified value must be greater than 0 and less than or equal to\n\t\t\t\t100. For example, if you want the capacity provider to maintain 10%\n\t\t\tspare capacity, then that means the utilization is 90%, so use a\n\t\t\t\ttargetCapacity of 90. The default value of\n\t\t\t\t100 percent results in the Amazon EC2 instances in your Auto Scaling group being\n\t\t\tcompletely used.
"
+ "smithy.api#documentation": "The target capacity utilization as a percentage for the capacity provider. The\n\t\t\tspecified value must be greater than 0 and less than or equal to\n\t\t\t\t100. For example, if you want the capacity provider to maintain 10%\n\t\t\tspare capacity, then that means the utilization is 90%, so use a\n\t\t\t\ttargetCapacity of 90. The default value of\n\t\t\t\t100 percent results in the Amazon EC2 instances in your Auto Scaling group\n\t\t\tbeing completely used.
"
}
},
"minimumScalingStepSize": {
@@ -7864,7 +7935,7 @@
"maximumScalingStepSize": {
"target": "com.amazonaws.ecs#ManagedScalingStepSize",
"traits": {
- "smithy.api#documentation": "The maximum number of Amazon EC2 instances that Amazon ECS will scale out at one time. The scale in\n\t\t\tprocess is not affected by this parameter. If this parameter is omitted, the default\n\t\t\tvalue of 10000 is used.
"
+ "smithy.api#documentation": "The maximum number of Amazon EC2 instances that Amazon ECS will scale out at one time. The scale\n\t\t\tin process is not affected by this parameter. If this parameter is omitted, the default\n\t\t\tvalue of 10000 is used.
"
}
},
"instanceWarmupPeriod": {
@@ -8031,13 +8102,13 @@
"containerPortRange": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The port number range on the container that's bound to the dynamically mapped host port\n\t\t\trange.
\n The following rules apply when you specify a containerPortRange:
\n \n - \n
You must use either the bridge network mode or the awsvpc\n\t\t\t\t\tnetwork mode.
\n \n - \n
This parameter is available for both the EC2 and Fargate launch types.
\n \n - \n
This parameter is available for both the Linux and Windows operating systems.
\n \n - \n
The container instance must have at least version 1.67.0 of the container agent\n\t\t\t\t\tand at least version 1.67.0-1 of the ecs-init package
\n \n - \n
You can specify a maximum of 100 port ranges per container.
\n \n - \n
You do not specify a hostPortRange. The value of the hostPortRange is set\n\t\t\t\t\tas follows:
\n \n - \n
For containers in a task with the awsvpc network mode,\n\t\t\t\t\t\t\tthe hostPortRange is set to the same value as the\n\t\t\t\t\t\t\t\tcontainerPortRange. This is a static mapping\n\t\t\t\t\t\t\tstrategy.
\n \n - \n
For containers in a task with the bridge network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.
\n \n
\n \n - \n
The containerPortRange valid values are between 1 and\n\t\t\t\t\t65535.
\n \n - \n
A port can only be included in one port mapping per container.
\n \n - \n
You cannot specify overlapping port ranges.
\n \n - \n
The first port in the range must be less than last port in the range.
\n \n - \n
Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.
\n For more information, see Issue #11185 on the Github website.
\n For information about how to turn off the docker-proxy in the Docker daemon config file, see Docker daemon in the Amazon ECS Developer Guide.
\n \n
\n You can call \n DescribeTasks\n to view the hostPortRange which\n\t\t\tare the host ports that are bound to the container ports.
"
+ "smithy.api#documentation": "The port number range on the container that's bound to the dynamically mapped host\n\t\t\tport range.
\n The following rules apply when you specify a containerPortRange:
\n \n - \n
You must use either the bridge network mode or the awsvpc\n\t\t\t\t\tnetwork mode.
\n \n - \n
This parameter is available for both the EC2 and Fargate launch types.
\n \n - \n
This parameter is available for both the Linux and Windows operating systems.
\n \n - \n
The container instance must have at least version 1.67.0 of the container agent\n\t\t\t\t\tand at least version 1.67.0-1 of the ecs-init package
\n \n - \n
You can specify a maximum of 100 port ranges per container.
\n \n - \n
You do not specify a hostPortRange. The value of the hostPortRange is set\n\t\t\t\t\tas follows:
\n \n - \n
For containers in a task with the awsvpc network mode,\n\t\t\t\t\t\t\tthe hostPortRange is set to the same value as the\n\t\t\t\t\t\t\t\tcontainerPortRange. This is a static mapping\n\t\t\t\t\t\t\tstrategy.
\n \n - \n
For containers in a task with the bridge network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.
\n \n
\n \n - \n
The containerPortRange valid values are between 1 and\n\t\t\t\t\t65535.
\n \n - \n
A port can only be included in one port mapping per container.
\n \n - \n
You cannot specify overlapping port ranges.
\n \n - \n
The first port in the range must be less than last port in the range.
\n \n - \n
Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.
\n For more information, see Issue #11185 on the Github website.
\n For information about how to turn off the docker-proxy in the Docker daemon config file, see Docker daemon in the Amazon ECS Developer Guide.
\n \n
\n You can call \n DescribeTasks\n to view the hostPortRange which\n\t\t\tare the host ports that are bound to the container ports.
"
}
},
"hostPortRange": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The port number range on the host that's used with the network binding. This is assigned is\n\t\t\tassigned by Docker and delivered by the Amazon ECS agent.
"
+ "smithy.api#documentation": "The port number range on the host that's used with the network binding. This is\n\t\t\tassigned is assigned by Docker and delivered by the Amazon ECS agent.
"
}
}
},
@@ -8384,13 +8455,13 @@
"hostPort": {
"target": "com.amazonaws.ecs#BoxedInteger",
"traits": {
- "smithy.api#documentation": "The port number on the container instance to reserve for your container.
\n If you specify a containerPortRange, leave this field empty and the value of\n\t\t\tthe hostPort is set as follows:
\n \n - \n
For containers in a task with the awsvpc network mode, the\n\t\t\t\t\t\thostPort is set to the same value as the\n\t\t\t\t\t\tcontainerPort. This is a static mapping strategy.
\n \n - \n
For containers in a task with the bridge network mode, the Amazon ECS agent finds\n\t\t\t\t\topen ports on the host and automatically binds them to the container ports. This\n\t\t\t\t\tis a dynamic mapping strategy.
\n \n
\n If you use containers in a task with the awsvpc or host\n\t\t\tnetwork mode, the hostPort can either be left blank or set to the same\n\t\t\tvalue as the containerPort.
\n If you use containers in a task with the bridge network mode, you can\n\t\t\tspecify a non-reserved host port for your container port mapping, or you can omit the\n\t\t\t\thostPort (or set it to 0) while specifying a\n\t\t\t\tcontainerPort and your container automatically receives a port in the\n\t\t\tephemeral port range for your container instance operating system and Docker\n\t\t\tversion.
\n The default ephemeral port range for Docker version 1.6.0 and later is listed on the\n\t\t\tinstance under /proc/sys/net/ipv4/ip_local_port_range. If this kernel\n\t\t\tparameter is unavailable, the default ephemeral port range from 49153 through 65535\n\t\t\t(Linux) or 49152 through 65535 (Windows) is used. Do not attempt to specify a host port\n\t\t\tin the ephemeral port range as these are reserved for automatic assignment. In general,\n\t\t\tports below 32768 are outside of the ephemeral port range.
\n The default reserved ports are 22 for SSH, the Docker ports 2375 and 2376, and the\n\t\t\tAmazon ECS container agent ports 51678-51680. Any host port that was previously specified in\n\t\t\ta running task is also reserved while the task is running. That is, after a task stops,\n\t\t\tthe host port is released. The current reserved ports are displayed in the\n\t\t\tremainingResources of DescribeContainerInstances\n\t\t\toutput. A container instance can have up to 100 reserved ports at a time. This number\n\t\t\tincludes the default reserved ports. Automatically assigned ports aren't included in the\n\t\t\t100 reserved ports quota.
"
+ "smithy.api#documentation": "The port number on the container instance to reserve for your container.
\n If you specify a containerPortRange, leave this field empty and the value\n\t\t\tof the hostPort is set as follows:
\n \n - \n
For containers in a task with the awsvpc network mode, the\n\t\t\t\t\t\thostPort is set to the same value as the\n\t\t\t\t\t\tcontainerPort. This is a static mapping strategy.
\n \n - \n
For containers in a task with the bridge network mode, the Amazon ECS\n\t\t\t\t\tagent finds open ports on the host and automatically binds them to the container\n\t\t\t\t\tports. This is a dynamic mapping strategy.
\n \n
\n If you use containers in a task with the awsvpc or host\n\t\t\tnetwork mode, the hostPort can either be left blank or set to the same\n\t\t\tvalue as the containerPort.
\n If you use containers in a task with the bridge network mode, you can\n\t\t\tspecify a non-reserved host port for your container port mapping, or you can omit the\n\t\t\t\thostPort (or set it to 0) while specifying a\n\t\t\t\tcontainerPort and your container automatically receives a port in the\n\t\t\tephemeral port range for your container instance operating system and Docker\n\t\t\tversion.
\n The default ephemeral port range for Docker version 1.6.0 and later is listed on the\n\t\t\tinstance under /proc/sys/net/ipv4/ip_local_port_range. If this kernel\n\t\t\tparameter is unavailable, the default ephemeral port range from 49153 through 65535\n\t\t\t(Linux) or 49152 through 65535 (Windows) is used. Do not attempt to specify a host port\n\t\t\tin the ephemeral port range as these are reserved for automatic assignment. In general,\n\t\t\tports below 32768 are outside of the ephemeral port range.
\n The default reserved ports are 22 for SSH, the Docker ports 2375 and 2376, and the\n\t\t\tAmazon ECS container agent ports 51678-51680. Any host port that was previously specified in\n\t\t\ta running task is also reserved while the task is running. That is, after a task stops,\n\t\t\tthe host port is released. The current reserved ports are displayed in the\n\t\t\t\tremainingResources of DescribeContainerInstances output. A container instance can have up to 100\n\t\t\treserved ports at a time. This number includes the default reserved ports. Automatically\n\t\t\tassigned ports aren't included in the 100 reserved ports quota.
"
}
},
"protocol": {
"target": "com.amazonaws.ecs#TransportProtocol",
"traits": {
- "smithy.api#documentation": "The protocol used for the port mapping. Valid values are tcp and\n\t\t\tudp. The default is tcp. protocol is immutable in a \n\t\t\tService Connect service. Updating this field requires a service deletion and \n\t\t\tredeployment.\n\t\t
"
+ "smithy.api#documentation": "The protocol used for the port mapping. Valid values are tcp and\n\t\t\t\tudp. The default is tcp. protocol is\n\t\t\timmutable in a Service Connect service. Updating this field requires a service deletion\n\t\t\tand redeployment.
"
}
},
"name": {
@@ -8402,13 +8473,13 @@
"appProtocol": {
"target": "com.amazonaws.ecs#ApplicationProtocol",
"traits": {
- "smithy.api#documentation": "The application protocol that's used for the port mapping. This parameter only applies\n\t\t\tto Service Connect. We recommend that you set this parameter to be consistent with the\n\t\t\tprotocol that your application uses. If you set this parameter, Amazon ECS adds\n\t\t\tprotocol-specific connection handling to the Service Connect proxy. If you set this\n\t\t\tparameter, Amazon ECS adds protocol-specific telemetry in the Amazon ECS console and CloudWatch.
\n If you don't set a value for this parameter, then TCP is used. However, Amazon ECS doesn't\n\t\t\tadd protocol-specific telemetry for TCP.
\n \n appProtocol is immutable in a Service Connect service. Updating this field \n\t\t\trequires a service deletion and redeployment.
\n Tasks that run in a namespace can use short names to connect\n\tto services in the namespace. Tasks can connect to services across all of the clusters in the namespace.\n\tTasks connect through a managed proxy container\n\tthat collects logs and metrics for increased visibility.\n\tOnly the tasks that Amazon ECS services create are supported with Service Connect.\n\tFor more information, see Service Connect in the Amazon Elastic Container Service Developer Guide.
"
+ "smithy.api#documentation": "The application protocol that's used for the port mapping. This parameter only applies\n\t\t\tto Service Connect. We recommend that you set this parameter to be consistent with the\n\t\t\tprotocol that your application uses. If you set this parameter, Amazon ECS adds\n\t\t\tprotocol-specific connection handling to the Service Connect proxy. If you set this\n\t\t\tparameter, Amazon ECS adds protocol-specific telemetry in the Amazon ECS console and CloudWatch.
\n If you don't set a value for this parameter, then TCP is used. However, Amazon ECS doesn't\n\t\t\tadd protocol-specific telemetry for TCP.
\n \n appProtocol is immutable in a Service Connect service. Updating this\n\t\t\tfield requires a service deletion and redeployment.
\n Tasks that run in a namespace can use short names to connect\n\tto services in the namespace. Tasks can connect to services across all of the clusters in the namespace.\n\tTasks connect through a managed proxy container\n\tthat collects logs and metrics for increased visibility.\n\tOnly the tasks that Amazon ECS services create are supported with Service Connect.\n\tFor more information, see Service Connect in the Amazon Elastic Container Service Developer Guide.
"
}
},
"containerPortRange": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The port number range on the container that's bound to the dynamically mapped host port\n\t\t\trange.
\n The following rules apply when you specify a containerPortRange:
\n \n - \n
You must use either the bridge network mode or the awsvpc\n\t\t\t\t\tnetwork mode.
\n \n - \n
This parameter is available for both the EC2 and Fargate launch types.
\n \n - \n
This parameter is available for both the Linux and Windows operating systems.
\n \n - \n
The container instance must have at least version 1.67.0 of the container agent\n\t\t\t\t\tand at least version 1.67.0-1 of the ecs-init package
\n \n - \n
You can specify a maximum of 100 port ranges per container.
\n \n - \n
You do not specify a hostPortRange. The value of the hostPortRange is set\n\t\t\t\t\tas follows:
\n \n - \n
For containers in a task with the awsvpc network mode,\n\t\t\t\t\t\t\tthe hostPortRange is set to the same value as the\n\t\t\t\t\t\t\t\tcontainerPortRange. This is a static mapping\n\t\t\t\t\t\t\tstrategy.
\n \n - \n
For containers in a task with the bridge network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.
\n \n
\n \n - \n
The containerPortRange valid values are between 1 and\n\t\t\t\t\t65535.
\n \n - \n
A port can only be included in one port mapping per container.
\n \n - \n
You cannot specify overlapping port ranges.
\n \n - \n
The first port in the range must be less than last port in the range.
\n \n - \n
Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.
\n For more information, see Issue #11185 on the Github website.
\n For information about how to turn off the docker-proxy in the Docker daemon config file, see Docker daemon in the Amazon ECS Developer Guide.
\n \n
\n You can call \n DescribeTasks\n to view the hostPortRange which\n\t\t\tare the host ports that are bound to the container ports.
"
+ "smithy.api#documentation": "The port number range on the container that's bound to the dynamically mapped host\n\t\t\tport range.
\n The following rules apply when you specify a containerPortRange:
\n \n - \n
You must use either the bridge network mode or the awsvpc\n\t\t\t\t\tnetwork mode.
\n \n - \n
This parameter is available for both the EC2 and Fargate launch types.
\n \n - \n
This parameter is available for both the Linux and Windows operating systems.
\n \n - \n
The container instance must have at least version 1.67.0 of the container agent\n\t\t\t\t\tand at least version 1.67.0-1 of the ecs-init package
\n \n - \n
You can specify a maximum of 100 port ranges per container.
\n \n - \n
You do not specify a hostPortRange. The value of the hostPortRange is set\n\t\t\t\t\tas follows:
\n \n - \n
For containers in a task with the awsvpc network mode,\n\t\t\t\t\t\t\tthe hostPortRange is set to the same value as the\n\t\t\t\t\t\t\t\tcontainerPortRange. This is a static mapping\n\t\t\t\t\t\t\tstrategy.
\n \n - \n
For containers in a task with the bridge network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.
\n \n
\n \n - \n
The containerPortRange valid values are between 1 and\n\t\t\t\t\t65535.
\n \n - \n
A port can only be included in one port mapping per container.
\n \n - \n
You cannot specify overlapping port ranges.
\n \n - \n
The first port in the range must be less than last port in the range.
\n \n - \n
Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.
\n For more information, see Issue #11185 on the Github website.
\n For information about how to turn off the docker-proxy in the Docker daemon config file, see Docker daemon in the Amazon ECS Developer Guide.
\n \n
\n You can call \n DescribeTasks\n to view the hostPortRange which\n\t\t\tare the host ports that are bound to the container ports.
"
}
}
},
@@ -8467,7 +8538,7 @@
"target": "com.amazonaws.ecs#Boolean",
"traits": {
"smithy.api#default": false,
- "smithy.api#documentation": "The protection status of the task. If scale-in protection is on for a task, the\n\t\t\tvalue is true. Otherwise, it is false.
"
+ "smithy.api#documentation": "The protection status of the task. If scale-in protection is on for a task, the value\n\t\t\tis true. Otherwise, it is false.
"
}
},
"expirationDate": {
@@ -8551,7 +8622,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Modifies an account setting. Account settings are set on a per-Region basis.
\n If you change the root user account setting, the default settings are reset for users\n\t\t\tand roles that do not have specified individual account settings. For more information,\n\t\t\tsee Account\n\t\t\t\tSettings in the Amazon Elastic Container Service Developer Guide.
\n When you specify serviceLongArnFormat, taskLongArnFormat, or\n\t\t\t\tcontainerInstanceLongArnFormat, the Amazon Resource Name (ARN) and\n\t\t\tresource ID format of the resource type for a specified user, role, or the root user for an\n\t\t\taccount is affected. The opt-in and opt-out account setting must be set for each Amazon ECS\n\t\t\tresource separately. The ARN and resource ID format of a resource is defined by the\n\t\t\topt-in status of the user or role that created the resource. You must turn on this\n\t\t\tsetting to use Amazon ECS features such as resource tagging.
\n When you specify awsvpcTrunking, the elastic network interface (ENI) limit for\n\t\t\tany new container instances that support the feature is changed. If\n\t\t\t\tawsvpcTrunking is turned on, any new container instances that support\n\t\t\tthe feature are launched have the increased ENI limits available to them. For more\n\t\t\tinformation, see Elastic Network\n\t\t\t\tInterface Trunking in the Amazon Elastic Container Service Developer Guide.
\n When you specify containerInsights, the default setting indicating whether\n\t\t\tAmazon Web Services CloudWatch Container Insights is turned on for your clusters is changed. If\n\t\t\t\tcontainerInsights is turned on, any new clusters that are created will\n\t\t\thave Container Insights turned on unless you disable it during cluster creation. For\n\t\t\tmore information, see CloudWatch\n\t\t\t\tContainer Insights in the Amazon Elastic Container Service Developer Guide.
\n Amazon ECS is introducing tagging authorization for resource creation. Users must have\n\t\t\tpermissions for actions that create the resource, such as ecsCreateCluster.\n\t\t\tIf tags are specified when you create a resource, Amazon Web Services performs additional\n\t\t\tauthorization to verify if users or roles have permissions to create tags. Therefore,\n\t\t\tyou must grant explicit permissions to use the ecs:TagResource action. For\n\t\t\tmore information, see Grant\n\t\t\t\tpermission to tag resources on creation in the Amazon ECS Developer\n\t\t\t\t\tGuide.
\n When Amazon Web Services determines that a security or infrastructure update is needed for an Amazon ECS\n\t\t\ttask hosted on Fargate, the tasks need to be stopped and new tasks launched to replace\n\t\t\tthem. Use fargateTaskRetirementWaitPeriod to configure the wait time to\n\t\t\tretire a Fargate task. For information about the Fargate tasks maintenance, see Amazon Web Services Fargate task maintenance in the Amazon ECS Developer\n\t\t\t\t\tGuide.
\n The guardDutyActivate parameter is read-only in Amazon ECS and indicates whether\n\t\t\tAmazon ECS Runtime Monitoring is enabled or disabled by your security administrator in your\n\t\t\tAmazon ECS account. Amazon GuardDuty controls this account setting on your behalf. For more information, see Protecting Amazon ECS workloads with Amazon ECS Runtime Monitoring.
",
+ "smithy.api#documentation": "Modifies an account setting. Account settings are set on a per-Region basis.
\n If you change the root user account setting, the default settings are reset for users and\n\t\t\troles that do not have specified individual account settings. For more information, see\n\t\t\t\tAccount\n\t\t\t\tSettings in the Amazon Elastic Container Service Developer Guide.
\n When you specify serviceLongArnFormat, taskLongArnFormat, or\n\t\t\t\tcontainerInstanceLongArnFormat, the Amazon Resource Name (ARN) and\n\t\t\tresource ID format of the resource type for a specified user, role, or the root user for an\n\t\t\taccount is affected. The opt-in and opt-out account setting must be set for each Amazon ECS\n\t\t\tresource separately. The ARN and resource ID format of a resource is defined by the\n\t\t\topt-in status of the user or role that created the resource. You must turn on this\n\t\t\tsetting to use Amazon ECS features such as resource tagging.
\n When you specify awsvpcTrunking, the elastic network interface (ENI)\n\t\t\tlimit for any new container instances that support the feature is changed. If\n\t\t\t\tawsvpcTrunking is turned on, any new container instances that support\n\t\t\tthe feature are launched have the increased ENI limits available to them. For more\n\t\t\tinformation, see Elastic Network\n\t\t\t\tInterface Trunking in the Amazon Elastic Container Service Developer Guide.
\n When you specify containerInsights, the default setting indicating\n\t\t\twhether Amazon Web Services CloudWatch Container Insights is turned on for your clusters is changed. If\n\t\t\t\tcontainerInsights is turned on, any new clusters that are created will\n\t\t\thave Container Insights turned on unless you disable it during cluster creation. For\n\t\t\tmore information, see CloudWatch\n\t\t\t\tContainer Insights in the Amazon Elastic Container Service Developer Guide.
\n Amazon ECS is introducing tagging authorization for resource creation. Users must have\n\t\t\tpermissions for actions that create the resource, such as ecsCreateCluster.\n\t\t\tIf tags are specified when you create a resource, Amazon Web Services performs additional\n\t\t\tauthorization to verify if users or roles have permissions to create tags. Therefore,\n\t\t\tyou must grant explicit permissions to use the ecs:TagResource action. For\n\t\t\tmore information, see Grant\n\t\t\t\tpermission to tag resources on creation in the Amazon ECS Developer\n\t\t\t\tGuide.
\n When Amazon Web Services determines that a security or infrastructure update is needed for an Amazon ECS\n\t\t\ttask hosted on Fargate, the tasks need to be stopped and new tasks launched to replace\n\t\t\tthem. Use fargateTaskRetirementWaitPeriod to configure the wait time to\n\t\t\tretire a Fargate task. For information about the Fargate tasks maintenance, see\n\t\t\t\tAmazon Web Services Fargate task\n\t\t\t\tmaintenance in the Amazon ECS Developer Guide.
\n The guardDutyActivate parameter is read-only in Amazon ECS and indicates whether\n\t\t\tAmazon ECS Runtime Monitoring is enabled or disabled by your security administrator in your\n\t\t\tAmazon ECS account. Amazon GuardDuty controls this account setting on your behalf. For more information, see Protecting Amazon ECS workloads with Amazon ECS Runtime Monitoring.
",
"smithy.api#examples": [
{
"title": "To modify your account settings",
@@ -8607,7 +8678,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Modifies an account setting for all users on an account for whom no individual\n\t\t\taccount setting has been specified. Account settings are set on a per-Region\n\t\t\tbasis.
",
+ "smithy.api#documentation": "Modifies an account setting for all users on an account for whom no individual account\n\t\t\tsetting has been specified. Account settings are set on a per-Region basis.
",
"smithy.api#examples": [
{
"title": "To modify the default account settings for all IAM users or roles on an account",
@@ -8633,14 +8704,14 @@
"name": {
"target": "com.amazonaws.ecs#SettingName",
"traits": {
- "smithy.api#documentation": "The resource name for which to modify the account setting. If you specify\n\t\t\t\tserviceLongArnFormat, the ARN for your Amazon ECS services is affected. If\n\t\t\tyou specify taskLongArnFormat, the ARN and resource ID for your Amazon ECS\n\t\t\ttasks is affected. If you specify containerInstanceLongArnFormat, the ARN\n\t\t\tand resource ID for your Amazon ECS container instances is affected. If you specify\n\t\t\t\tawsvpcTrunking, the ENI limit for your Amazon ECS container instances is\n\t\t\taffected. If you specify containerInsights, the default setting for Amazon Web Services\n\t\t\tCloudWatch Container Insights for your clusters is affected. If you specify\n\t\t\t\ttagResourceAuthorization, the opt-in option for tagging resources on\n\t\t\tcreation is affected. For information about the opt-in timeline, see Tagging authorization timeline in the Amazon ECS Developer\n\t\t\t\tGuide. If you specify fargateTaskRetirementWaitPeriod, the\n\t\t\tdefault wait time to retire a Fargate task due to required maintenance is\n\t\t\taffected.
\n When you specify fargateFIPSMode for the name and\n\t\t\tenabled for the value, Fargate uses FIPS-140 compliant\n\t\t\tcryptographic algorithms on your tasks. For more information about FIPS-140 compliance\n\t\t\twith Fargate, see Amazon Web Services Fargate Federal Information Processing Standard (FIPS) 140-2\n\t\t\t\tcompliance in the Amazon Elastic Container Service Developer Guide.
\n When Amazon Web Services determines that a security or infrastructure update is needed for an Amazon ECS task\n\t\t\thosted on Fargate, the tasks need to be stopped and new tasks launched to replace\n\t\t\tthem. Use fargateTaskRetirementWaitPeriod to set the wait time to retire a\n\t\t\tFargate task to the default. For information about the Fargate tasks maintenance,\n\t\t\tsee Amazon Web Services Fargate task\n\t\t\t\tmaintenance in the Amazon ECS Developer Guide.
\n The guardDutyActivate parameter is read-only in Amazon ECS and indicates whether\n\t\t\tAmazon ECS Runtime Monitoring is enabled or disabled by your security administrator in your\n\t\t\tAmazon ECS account. Amazon GuardDuty controls this account setting on your behalf. For more information, see Protecting Amazon ECS workloads with Amazon ECS Runtime Monitoring.
",
+ "smithy.api#documentation": "The resource name for which to modify the account setting. If you specify\n\t\t\t\tserviceLongArnFormat, the ARN for your Amazon ECS services is affected. If\n\t\t\tyou specify taskLongArnFormat, the ARN and resource ID for your Amazon ECS\n\t\t\ttasks is affected. If you specify containerInstanceLongArnFormat, the ARN\n\t\t\tand resource ID for your Amazon ECS container instances is affected. If you specify\n\t\t\t\tawsvpcTrunking, the ENI limit for your Amazon ECS container instances is\n\t\t\taffected. If you specify containerInsights, the default setting for Amazon Web Services\n\t\t\tCloudWatch Container Insights for your clusters is affected. If you specify\n\t\t\t\ttagResourceAuthorization, the opt-in option for tagging resources on\n\t\t\tcreation is affected. For information about the opt-in timeline, see Tagging authorization timeline in the Amazon ECS Developer\n\t\t\t\tGuide. If you specify fargateTaskRetirementWaitPeriod, the\n\t\t\tdefault wait time to retire a Fargate task due to required maintenance is\n\t\t\taffected.
\n When you specify fargateFIPSMode for the name and\n\t\t\t\tenabled for the value, Fargate uses FIPS-140 compliant\n\t\t\tcryptographic algorithms on your tasks. For more information about FIPS-140 compliance\n\t\t\twith Fargate, see Amazon Web Services Fargate\n\t\t\t\tFederal Information Processing Standard (FIPS) 140-2 compliance in the\n\t\t\tAmazon Elastic Container Service Developer Guide.
\n When Amazon Web Services determines that a security or infrastructure update is needed for an Amazon ECS\n\t\t\ttask hosted on Fargate, the tasks need to be stopped and new tasks launched to replace\n\t\t\tthem. Use fargateTaskRetirementWaitPeriod to set the wait time to retire a\n\t\t\tFargate task to the default. For information about the Fargate tasks maintenance,\n\t\t\tsee Amazon Web Services Fargate task\n\t\t\t\tmaintenance in the Amazon ECS Developer Guide.
\n The guardDutyActivate parameter is read-only in Amazon ECS and indicates whether\n\t\t\tAmazon ECS Runtime Monitoring is enabled or disabled by your security administrator in your\n\t\t\tAmazon ECS account. Amazon GuardDuty controls this account setting on your behalf. For more information, see Protecting Amazon ECS workloads with Amazon ECS Runtime Monitoring.
",
"smithy.api#required": {}
}
},
"value": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The account setting value for the specified principal ARN. Accepted values are\n\t\t\t\tenabled, disabled, on, and\n\t\t\toff.
\n When you specify fargateTaskRetirementWaitPeriod for the\n\t\t\t\tname, the following are the valid values:
\n \n - \n
\n 0 - Amazon Web Services sends the notification, and immediately retires the affected tasks.
\n \n - \n
\n 7 - Amazon Web Services sends the notification, and waits 7 calendar days to retire the tasks.
\n \n - \n
\n 14 - Amazon Web Services sends the notification, and waits 14 calendar days to retire the tasks.
\n \n
",
+ "smithy.api#documentation": "The account setting value for the specified principal ARN. Accepted values are\n\t\t\t\tenabled, disabled, on, and\n\t\t\toff.
\n When you specify fargateTaskRetirementWaitPeriod for the\n\t\t\t\tname, the following are the valid values:
\n \n - \n
\n 0 - Amazon Web Services sends the notification, and immediately retires the\n\t\t\t\t\taffected tasks.
\n \n - \n
\n 7 - Amazon Web Services sends the notification, and waits 7 calendar days to\n\t\t\t\t\tretire the tasks.
\n \n - \n
\n 14 - Amazon Web Services sends the notification, and waits 14 calendar days to\n\t\t\t\t\tretire the tasks.
\n \n
",
"smithy.api#required": {}
}
}
@@ -8676,14 +8747,14 @@
"value": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The account setting value for the specified principal ARN. Accepted values are\n\t\t\t\tenabled, disabled, on, and\n\t\t\toff.
\n When you specify fargateTaskRetirementWaitPeriod for the name, the\n\t\t\tfollowing are the valid values:
\n \n - \n
\n 0 - Amazon Web Services sends the notification, and immediately retires the affected tasks.
\n \n - \n
\n 7 - Amazon Web Services sends the notification, and waits 7 calendar days to retire the tasks.
\n \n - \n
\n 14 - Amazon Web Services sends the notification, and waits 14 calendar days to retire the tasks.
\n \n
",
+ "smithy.api#documentation": "The account setting value for the specified principal ARN. Accepted values are\n\t\t\t\tenabled, disabled, on, and\n\t\t\toff.
\n When you specify fargateTaskRetirementWaitPeriod for the\n\t\t\t\tname, the following are the valid values:
\n \n - \n
\n 0 - Amazon Web Services sends the notification, and immediately retires the\n\t\t\t\t\taffected tasks.
\n \n - \n
\n 7 - Amazon Web Services sends the notification, and waits 7 calendar days to\n\t\t\t\t\tretire the tasks.
\n \n - \n
\n 14 - Amazon Web Services sends the notification, and waits 14 calendar days to\n\t\t\t\t\tretire the tasks.
\n \n
",
"smithy.api#required": {}
}
},
"principalArn": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The ARN of the principal, which can be a user, role, or the root user. If\n\t\t\tyou specify the root user, it modifies the account setting for all users, roles,\n\t\t\tand the root user of the account unless a user or role explicitly overrides these\n\t\t\tsettings. If this field is omitted, the setting is changed only for the authenticated\n\t\t\tuser.
\n \n You must use the root user when you set the Fargate wait time\n\t\t\t\t\t(fargateTaskRetirementWaitPeriod).
\n Federated users assume the account setting of the root user and can't have\n\t\t\t\texplicit account settings set for them.
\n "
+ "smithy.api#documentation": "The ARN of the principal, which can be a user, role, or the root user. If you specify\n\t\t\tthe root user, it modifies the account setting for all users, roles, and the root user of the\n\t\t\taccount unless a user or role explicitly overrides these settings. If this field is\n\t\t\tomitted, the setting is changed only for the authenticated user.
\n \n You must use the root user when you set the Fargate wait time\n\t\t\t\t\t(fargateTaskRetirementWaitPeriod).
\n Federated users assume the account setting of the root user and can't have explicit\n\t\t\t\taccount settings set for them.
\n "
}
}
},
@@ -8960,7 +9031,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Registers a new task definition from the supplied family and\n\t\t\t\tcontainerDefinitions. Optionally, you can add data volumes to your\n\t\t\tcontainers with the volumes parameter. For more information about task\n\t\t\tdefinition parameters and defaults, see Amazon ECS Task\n\t\t\t\tDefinitions in the Amazon Elastic Container Service Developer Guide.
\n You can specify a role for your task with the taskRoleArn parameter.\n\t\t\tWhen you specify a role for a task, its containers can then use the latest versions\n\t\t\tof the CLI or SDKs to make API requests to the Amazon Web Services services that are specified in\n\t\t\tthe policy that's associated with the role. For more information, see IAM\n\t\t\t\tRoles for Tasks in the Amazon Elastic Container Service Developer Guide.
\n You can specify a Docker networking mode for the containers in your task definition\n\t\t\twith the networkMode parameter. The available network modes correspond to\n\t\t\tthose described in Network\n\t\t\t\tsettings in the Docker run reference. If you specify the awsvpc\n\t\t\tnetwork mode, the task is allocated an elastic network interface, and you must specify a\n\t\t\t\tNetworkConfiguration when you create a service or run a task with\n\t\t\tthe task definition. For more information, see Task Networking\n\t\t\tin the Amazon Elastic Container Service Developer Guide.
",
+ "smithy.api#documentation": "Registers a new task definition from the supplied family and\n\t\t\t\tcontainerDefinitions. Optionally, you can add data volumes to your\n\t\t\tcontainers with the volumes parameter. For more information about task\n\t\t\tdefinition parameters and defaults, see Amazon ECS Task\n\t\t\t\tDefinitions in the Amazon Elastic Container Service Developer Guide.
\n You can specify a role for your task with the taskRoleArn parameter. When\n\t\t\tyou specify a role for a task, its containers can then use the latest versions of the\n\t\t\tCLI or SDKs to make API requests to the Amazon Web Services services that are specified in the\n\t\t\tpolicy that's associated with the role. For more information, see IAM\n\t\t\t\tRoles for Tasks in the Amazon Elastic Container Service Developer Guide.
\n You can specify a Docker networking mode for the containers in your task definition\n\t\t\twith the networkMode parameter. The available network modes correspond to\n\t\t\tthose described in Network\n\t\t\t\tsettings in the Docker run reference. If you specify the awsvpc\n\t\t\tnetwork mode, the task is allocated an elastic network interface, and you must specify a\n\t\t\t\tNetworkConfiguration when you create a service or run a task with\n\t\t\tthe task definition. For more information, see Task Networking\n\t\t\tin the Amazon Elastic Container Service Developer Guide.
",
"smithy.api#examples": [
{
"title": "To register a task definition",
@@ -9110,7 +9181,7 @@
"ephemeralStorage": {
"target": "com.amazonaws.ecs#EphemeralStorage",
"traits": {
- "smithy.api#documentation": "The amount of ephemeral storage to allocate for the task. This parameter is used to\n\t\t\texpand the total amount of ephemeral storage available, beyond the default amount, for\n\t\t\ttasks hosted on Fargate. For more information, see Fargate task\n\t\t\t\tstorage in the Amazon ECS User Guide for Fargate.
\n \n For tasks using the Fargate launch type, the task requires\n\t\t\t\tthe following platforms:
\n \n "
+ "smithy.api#documentation": "The amount of ephemeral storage to allocate for the task. This parameter is used to\n\t\t\texpand the total amount of ephemeral storage available, beyond the default amount, for\n\t\t\ttasks hosted on Fargate. For more information, see Fargate task\n\t\t\t\tstorage in the Amazon ECS User Guide for Fargate.
\n \n For tasks using the Fargate launch type, the task requires the\n\t\t\t\tfollowing platforms:
\n \n "
}
},
"runtimePlatform": {
@@ -9254,7 +9325,7 @@
"value": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The value for the specified resource type.
\n If the GPU type is used, the value is the number of physical\n\t\t\t\tGPUs the Amazon ECS container agent reserves for the container. The number\n\t\t\tof GPUs that's reserved for all containers in a task can't exceed the number of\n\t\t\tavailable GPUs on the container instance that the task is launched on.
\n If the InferenceAccelerator type is used, the value matches\n\t\t\tthe deviceName for an InferenceAccelerator specified in a\n\t\t\ttask definition.
",
+ "smithy.api#documentation": "The value for the specified resource type.
\n If the GPU type is used, the value is the number of physical\n\t\t\t\tGPUs the Amazon ECS container agent reserves for the container. The number\n\t\t\tof GPUs that's reserved for all containers in a task can't exceed the number of\n\t\t\tavailable GPUs on the container instance that the task is launched on.
\n If the InferenceAccelerator type is used, the value matches\n\t\t\tthe deviceName for an InferenceAccelerator specified in a task definition.
",
"smithy.api#required": {}
}
},
@@ -9267,7 +9338,7 @@
}
},
"traits": {
- "smithy.api#documentation": "The type and amount of a resource to assign to a container. The supported resource types are\n\t\t\tGPUs and Elastic Inference accelerators. For more information, see Working with\n\t\t\t\tGPUs on Amazon ECS or Working with\n\t\t\t\tAmazon Elastic Inference on Amazon ECS in the Amazon Elastic Container Service Developer Guide\n
"
+ "smithy.api#documentation": "The type and amount of a resource to assign to a container. The supported resource\n\t\t\ttypes are GPUs and Elastic Inference accelerators. For more information, see Working with\n\t\t\t\tGPUs on Amazon ECS or Working with Amazon Elastic\n\t\t\t\tInference on Amazon ECS in the Amazon Elastic Container Service Developer Guide\n
"
}
},
"com.amazonaws.ecs#ResourceRequirements": {
@@ -9340,7 +9411,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Starts a new task using the specified task definition.
\n You can allow Amazon ECS to place tasks for you, or you can customize how Amazon ECS places\n\t\t\ttasks using placement constraints and placement strategies. For more information, see\n\t\t\t\tScheduling Tasks in the Amazon Elastic Container Service Developer Guide.
\n Alternatively, you can use StartTask to use your own scheduler or\n\t\t\tplace tasks manually on specific container instances.
\n \n Starting April 15, 2023, Amazon Web Services will not onboard new customers to Amazon Elastic Inference (EI), and will help current customers migrate their workloads to options that offer better price and performance. After April 15, 2023, new customers will not be able to launch instances with Amazon EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon EC2. However, customers who have used Amazon EI at least once during the past 30-day period are considered current customers and will be able to continue using the service.
\n \n The Amazon ECS API follows an eventual consistency model. This is because of the\n\t\t\tdistributed nature of the system supporting the API. This means that the result of an\n\t\t\tAPI command you run that affects your Amazon ECS resources might not be immediately visible\n\t\t\tto all subsequent commands you run. Keep this in mind when you carry out an API command\n\t\t\tthat immediately follows a previous API command.
\n To manage eventual consistency, you can do the following:
\n \n - \n
Confirm the state of the resource before you run a command to modify it. Run\n\t\t\t\t\tthe DescribeTasks command using an exponential backoff algorithm to ensure that\n\t\t\t\t\tyou allow enough time for the previous command to propagate through the system.\n\t\t\t\t\tTo do this, run the DescribeTasks command repeatedly, starting with a couple of\n\t\t\t\t\tseconds of wait time and increasing gradually up to five minutes of wait\n\t\t\t\t\ttime.
\n \n - \n
Add wait time between subsequent commands, even if the DescribeTasks command\n\t\t\t\t\treturns an accurate response. Apply an exponential backoff algorithm starting\n\t\t\t\t\twith a couple of seconds of wait time, and increase gradually up to about five\n\t\t\t\t\tminutes of wait time.
\n \n
",
+ "smithy.api#documentation": "Starts a new task using the specified task definition.
\n You can allow Amazon ECS to place tasks for you, or you can customize how Amazon ECS places\n\t\t\ttasks using placement constraints and placement strategies. For more information, see\n\t\t\t\tScheduling Tasks in the Amazon Elastic Container Service Developer Guide.
\n Alternatively, you can use StartTask to use your own scheduler or\n\t\t\tplace tasks manually on specific container instances.
\n \n Starting April 15, 2023, Amazon Web Services will not onboard new customers to Amazon Elastic Inference (EI), and will help current customers migrate their workloads to options that offer better price and performance. After April 15, 2023, new customers will not be able to launch instances with Amazon EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon EC2. However, customers who have used Amazon EI at least once during the past 30-day period are considered current customers and will be able to continue using the service.
\n \n You can attach Amazon EBS volumes to Amazon ECS tasks by configuring the volume when creating or\n\t\t\tupdating a service. For more infomation, see Amazon EBS volumes in the Amazon Elastic Container Service Developer Guide.
\n The Amazon ECS API follows an eventual consistency model. This is because of the\n\t\t\tdistributed nature of the system supporting the API. This means that the result of an\n\t\t\tAPI command you run that affects your Amazon ECS resources might not be immediately visible\n\t\t\tto all subsequent commands you run. Keep this in mind when you carry out an API command\n\t\t\tthat immediately follows a previous API command.
\n To manage eventual consistency, you can do the following:
\n \n - \n
Confirm the state of the resource before you run a command to modify it. Run\n\t\t\t\t\tthe DescribeTasks command using an exponential backoff algorithm to ensure that\n\t\t\t\t\tyou allow enough time for the previous command to propagate through the system.\n\t\t\t\t\tTo do this, run the DescribeTasks command repeatedly, starting with a couple of\n\t\t\t\t\tseconds of wait time and increasing gradually up to five minutes of wait\n\t\t\t\t\ttime.
\n \n - \n
Add wait time between subsequent commands, even if the DescribeTasks command\n\t\t\t\t\treturns an accurate response. Apply an exponential backoff algorithm starting\n\t\t\t\t\twith a couple of seconds of wait time, and increase gradually up to about five\n\t\t\t\t\tminutes of wait time.
\n \n
",
"smithy.api#examples": [
{
"title": "To run a task on your default cluster",
@@ -9471,7 +9542,7 @@
"startedBy": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "An optional tag specified when a task is started. For example, if you automatically trigger\n\t\t\ta task to run a batch process job, you could apply a unique identifier for that job to\n\t\t\tyour task with the startedBy parameter. You can then identify which tasks\n\t\t\tbelong to that job by filtering the results of a ListTasks call with\n\t\t\tthe startedBy value. Up to 128 letters (uppercase and lowercase), numbers,\n\t\t\thyphens (-), and underscores (_) are allowed.
\n If a task is started by an Amazon ECS service, then the startedBy parameter\n\t\t\tcontains the deployment ID of the service that starts it.
"
+ "smithy.api#documentation": "An optional tag specified when a task is started. For example, if you automatically\n\t\t\ttrigger a task to run a batch process job, you could apply a unique identifier for that\n\t\t\tjob to your task with the startedBy parameter. You can then identify which\n\t\t\ttasks belong to that job by filtering the results of a ListTasks call\n\t\t\twith the startedBy value. Up to 128 letters (uppercase and lowercase),\n\t\t\tnumbers, hyphens (-), and underscores (_) are allowed.
\n If a task is started by an Amazon ECS service, then the startedBy parameter\n\t\t\tcontains the deployment ID of the service that starts it.
"
}
},
"tags": {
@@ -9483,16 +9554,22 @@
"taskDefinition": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The family and revision (family:revision) or\n\t\t\tfull ARN of the task definition to run. If a revision isn't specified,\n\t\t\tthe latest ACTIVE revision is used.
\n When you create a policy for run-task, you can set the resource to be the latest\n\t\t\ttask definition revision, or a specific revision.
\n The full ARN value must match the value that you specified as the\n\t\t\t\tResource of the principal's permissions policy.
\n When you specify the policy resource as the latest task definition version (by setting\n\t\t\tthe Resource in the policy to\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName),\n\t\t\tthen set this value to\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName.
\n When you specify the policy resource as a specific task definition version (by setting\n\t\t\tthe Resource in the policy to\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName:1 or\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName:*),\n\t\t\tthen set this value to\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName:1.
\n For more information, see Policy Resources for Amazon ECS in the Amazon Elastic Container Service developer Guide.
",
+ "smithy.api#documentation": "The family and revision (family:revision) or\n\t\t\tfull ARN of the task definition to run. If a revision isn't specified,\n\t\t\tthe latest ACTIVE revision is used.
\n When you create a policy for run-task, you can set the resource to be the latest task\n\t\t\tdefinition revision, or a specific revision.
\n The full ARN value must match the value that you specified as the\n\t\t\t\tResource of the principal's permissions policy.
\n When you specify the policy resource as the latest task definition version (by setting\n\t\t\tthe Resource in the policy to\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName),\n\t\t\tthen set this value to\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName.
\n When you specify the policy resource as a specific task definition version (by setting\n\t\t\tthe Resource in the policy to\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName:1 or\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName:*),\n\t\t\tthen set this value to\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName:1.
\n For more information, see Policy Resources for Amazon ECS in the Amazon Elastic Container Service developer Guide.
",
"smithy.api#required": {}
}
},
"clientToken": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "An identifier that you provide to ensure the idempotency of the request. It must be unique\n\t\t\tand is case sensitive. Up to 64 characters are allowed. The valid characters are characters in the range of 33-126, inclusive. For more information, see\n\t\t\t\tEnsuring idempotency.
",
+ "smithy.api#documentation": "An identifier that you provide to ensure the idempotency of the request. It must be\n\t\t\tunique and is case sensitive. Up to 64 characters are allowed. The valid characters are\n\t\t\tcharacters in the range of 33-126, inclusive. For more information, see Ensuring idempotency.
",
"smithy.api#idempotencyToken": {}
}
+ },
+ "volumeConfigurations": {
+ "target": "com.amazonaws.ecs#TaskVolumeConfigurations",
+ "traits": {
+ "smithy.api#documentation": "The details of the volume that was configuredAtLaunch. You can configure\n\t\t\tthe size, volumeType, IOPS, throughput, snapshot and encryption in in TaskManagedEBSVolumeConfiguration. The name of the volume must\n\t\t\tmatch the name from the task definition.
"
+ }
}
},
"traits": {
@@ -9618,7 +9695,7 @@
"valueFrom": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The secret to expose to the container. The supported values are either the full ARN\n\t\t\tof the Secrets Manager secret or the full ARN of the parameter in the SSM Parameter\n\t\t\tStore.
\n For information about the require Identity and Access Management permissions, see Required IAM permissions for Amazon ECS secrets (for Secrets Manager) or Required IAM permissions for Amazon ECS secrets (for Systems Manager Parameter\n\t\t\tstore) in the Amazon Elastic Container Service Developer Guide.
\n \n If the SSM Parameter Store parameter exists in the same Region as the task\n\t\t\t\tyou're launching, then you can use either the full ARN or name of the parameter.\n\t\t\t\tIf the parameter exists in a different Region, then the full ARN must be\n\t\t\t\tspecified.
\n ",
+ "smithy.api#documentation": "The secret to expose to the container. The supported values are either the full ARN\n\t\t\tof the Secrets Manager secret or the full ARN of the parameter in the SSM\n\t\t\tParameter Store.
\n For information about the require Identity and Access Management permissions, see Required IAM permissions for Amazon ECS secrets (for Secrets Manager) or\n\t\t\t\tRequired IAM permissions for Amazon ECS secrets (for Systems Manager Parameter\n\t\t\tstore) in the Amazon Elastic Container Service Developer Guide.
\n \n If the SSM Parameter Store parameter exists in the same Region as the task\n\t\t\t\tyou're launching, then you can use either the full ARN or name of the parameter.\n\t\t\t\tIf the parameter exists in a different Region, then the full ARN must be\n\t\t\t\tspecified.
\n ",
"smithy.api#required": {}
}
}
@@ -9894,7 +9971,7 @@
"namespace": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The namespace name or full Amazon Resource Name (ARN) of the Cloud Map namespace for use with Service Connect. The namespace must be in\n\t\t\tthe same Amazon Web Services Region as the Amazon ECS service and cluster. The type of namespace doesn't\n\t\t\taffect Service Connect. For more information about Cloud Map, see Working with Services in the\n\t\t\tCloud Map Developer Guide.
"
+ "smithy.api#documentation": "The namespace name or full Amazon Resource Name (ARN) of the Cloud Map namespace for use with Service Connect. The namespace must be in\n\t\t\tthe same Amazon Web Services Region as the Amazon ECS service and cluster. The type of namespace doesn't\n\t\t\taffect Service Connect. For more information about Cloud Map, see Working\n\t\t\t\twith Services in the Cloud Map Developer Guide.
"
}
},
"services": {
@@ -10025,6 +10102,75 @@
"target": "com.amazonaws.ecs#ServiceField"
}
},
+ "com.amazonaws.ecs#ServiceManagedEBSVolumeConfiguration": {
+ "type": "structure",
+ "members": {
+ "encrypted": {
+ "target": "com.amazonaws.ecs#BoxedBoolean",
+ "traits": {
+ "smithy.api#documentation": "Indicates whether the volume should be encrypted. If no value is specified, encryption\n\t\t\tis turned on by default. This parameter maps 1:1 with the Encrypted\n\t\t\tparameter of the CreateVolume API in\n\t\t\tthe Amazon EC2 API Reference.
"
+ }
+ },
+ "kmsKeyId": {
+ "target": "com.amazonaws.ecs#EBSKMSKeyId",
+ "traits": {
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) identifier of the Amazon Web Services Key Management Service key to use for Amazon EBS encryption. When\n\t\t\tencryption is turned on and no Amazon Web Services Key Management Service key is specified, the default Amazon Web Services managed key\n\t\t\tfor Amazon EBS volumes is used. This parameter maps 1:1 with the KmsKeyId\n\t\t\tparameter of the CreateVolume API in\n\t\t\tthe Amazon EC2 API Reference.
\n \n Amazon Web Services authenticates the Amazon Web Services Key Management Service key asynchronously. Therefore, if you specify an\n\t\t\t\tID, alias, or ARN that is invalid, the action can appear to complete, but\n\t\t\t\teventually fails.
\n "
+ }
+ },
+ "volumeType": {
+ "target": "com.amazonaws.ecs#EBSVolumeType",
+ "traits": {
+ "smithy.api#documentation": "The volume type. This parameter maps 1:1 with the VolumeType parameter of\n\t\t\tthe CreateVolume API in the Amazon EC2 API Reference. For more\n\t\t\tinformation, see Amazon EBS volume types in\n\t\t\tthe Amazon EC2 User Guide.
\n The following are the supported volume types.
\n \n - \n
General Purpose SSD: gp2|gp3\n
\n \n - \n
Provisioned IOPS SSD: io1|io2\n
\n \n - \n
Throughput Optimized HDD: st1\n
\n \n - \n
Cold HDD: sc1\n
\n \n - \n
Magnetic: standard\n
\n \n The magnetic volume type is not supported on Fargate.
\n \n \n
"
+ }
+ },
+ "sizeInGiB": {
+ "target": "com.amazonaws.ecs#BoxedInteger",
+ "traits": {
+ "smithy.api#documentation": "The size of the volume in GiB. You must specify either a volume size or a snapshot ID.\n\t\t\tIf you specify a snapshot ID, the snapshot size is used for the volume size by default.\n\t\t\tYou can optionally specify a volume size greater than or equal to the snapshot size.\n\t\t\tThis parameter maps 1:1 with the Size parameter of the CreateVolume API in the Amazon EC2 API Reference.
\n The following are the supported volume size values for each volume type.
\n "
+ }
+ },
+ "snapshotId": {
+ "target": "com.amazonaws.ecs#EBSSnapshotId",
+ "traits": {
+ "smithy.api#documentation": "The snapshot that Amazon ECS uses to create the volume. You must specify either a snapshot\n\t\t\tID or a volume size. This parameter maps 1:1 with the SnapshotId parameter\n\t\t\tof the CreateVolume API in\n\t\t\tthe Amazon EC2 API Reference.
"
+ }
+ },
+ "iops": {
+ "target": "com.amazonaws.ecs#BoxedInteger",
+ "traits": {
+ "smithy.api#documentation": "The number of I/O operations per second (IOPS). For gp3,\n\t\t\tio1, and io2 volumes, this represents the number of IOPS that\n\t\t\tare provisioned for the volume. For gp2 volumes, this represents the\n\t\t\tbaseline performance of the volume and the rate at which the volume accumulates I/O\n\t\t\tcredits for bursting.
\n The following are the supported values for each volume type.
\n \n - \n
\n gp3: 3,000 - 16,000 IOPS
\n \n - \n
\n io1: 100 - 64,000 IOPS
\n \n - \n
\n io2: 100 - 256,000 IOPS
\n \n
\n This parameter is required for io1 and io2 volume types. The\n\t\t\tdefault for gp3 volumes is 3,000 IOPS. This parameter is not\n\t\t\tsupported for st1, sc1, or standard volume\n\t\t\ttypes.
\n This parameter maps 1:1 with the Iops parameter of the CreateVolume API in the Amazon EC2 API Reference.
"
+ }
+ },
+ "throughput": {
+ "target": "com.amazonaws.ecs#BoxedInteger",
+ "traits": {
+ "smithy.api#documentation": "The throughput to provision for a volume, in MiB/s, with a maximum of 1,000 MiB/s.\n\t\t\tThis parameter maps 1:1 with the Throughput parameter of the CreateVolume API in the Amazon EC2 API Reference.
\n \n This parameter is only supported for the gp3 volume type.
\n "
+ }
+ },
+ "tagSpecifications": {
+ "target": "com.amazonaws.ecs#EBSTagSpecifications",
+ "traits": {
+ "smithy.api#documentation": "The tags to apply to the volume. Amazon ECS applies service-managed tags by default. This\n\t\t\tparameter maps 1:1 with the TagSpecifications.N parameter of the CreateVolume API in the Amazon EC2 API Reference.
"
+ }
+ },
+ "roleArn": {
+ "target": "com.amazonaws.ecs#IAMRoleArn",
+ "traits": {
+ "smithy.api#documentation": "The ARN of the IAM role to associate with this volume. This is the Amazon ECS\n\t\t\tinfrastructure IAM role that is used to manage your Amazon Web Services infrastructure. We recommend\n\t\t\tusing the Amazon ECS-managed AmazonECSInfrastructureRolePolicyForVolumes IAM\n\t\t\tpolicy with this role. For more information, see Amazon ECS\n\t\t\t\tinfrastructure IAM role in the Amazon ECS Developer\n\t\t\tGuide.
",
+ "smithy.api#required": {}
+ }
+ },
+ "filesystemType": {
+ "target": "com.amazonaws.ecs#TaskFilesystemType",
+ "traits": {
+ "smithy.api#documentation": "The Linux filesystem type for the volume. For volumes created from a snapshot, you\n\t\t\tmust specify the same filesystem type that the volume was using when the snapshot was\n\t\t\tcreated. If there is a filesystem type mismatch, the task will fail to start.
\n The available filesystem types are\u2028 ext3, ext4, and\n\t\t\t\txfs. If no value is specified, the xfs filesystem type is\n\t\t\tused by default.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "The configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf.\n\t\t\tThese settings are used to create each Amazon EBS volume, with one volume created for each\n\t\t\ttask in the service.
\n Many of these parameters map 1:1 with the Amazon EBS CreateVolume API request\n\t\t\tparameters.
"
+ }
+ },
"com.amazonaws.ecs#ServiceNotActiveException": {
"type": "structure",
"members": {
@@ -10093,6 +10239,33 @@
"smithy.api#documentation": "The details for the service registry.
\n Each service may be associated with one service registry. Multiple service registries\n\t\t\tfor each service are not supported.
\n When you add, update, or remove the service registries configuration, Amazon ECS starts a\n\t\t\tnew deployment. New tasks are registered and deregistered to the updated service\n\t\t\tregistry configuration.
"
}
},
+ "com.amazonaws.ecs#ServiceVolumeConfiguration": {
+ "type": "structure",
+ "members": {
+ "name": {
+ "target": "com.amazonaws.ecs#ECSVolumeName",
+ "traits": {
+ "smithy.api#documentation": "The name of the volume. This value must match the volume name from the\n\t\t\t\tVolume object in the task definition.
",
+ "smithy.api#required": {}
+ }
+ },
+ "managedEBSVolume": {
+ "target": "com.amazonaws.ecs#ServiceManagedEBSVolumeConfiguration",
+ "traits": {
+ "smithy.api#documentation": "The configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf.\n\t\t\tThese settings are used to create each Amazon EBS volume, with one volume created for each\n\t\t\ttask in the service. The Amazon EBS volumes are visible in your account in the Amazon EC2 console\n\t\t\tonce they are created.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "The configuration for a volume specified in the task definition as a volume that is\n\t\t\tconfigured at launch time. Currently, the only supported volume type is an Amazon EBS\n\t\t\tvolume.
"
+ }
+ },
+ "com.amazonaws.ecs#ServiceVolumeConfigurations": {
+ "type": "list",
+ "member": {
+ "target": "com.amazonaws.ecs#ServiceVolumeConfiguration"
+ }
+ },
"com.amazonaws.ecs#Services": {
"type": "list",
"member": {
@@ -10143,7 +10316,7 @@
"principalArn": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The ARN of the principal. It can be a user, role, or the root user. If this\n\t\t\tfield is omitted, the authenticated user is assumed.
"
+ "smithy.api#documentation": "The ARN of the principal. It can be a user, role, or the root user. If this field is\n\t\t\tomitted, the authenticated user is assumed.
"
}
},
"type": {
@@ -10293,10 +10466,13 @@
},
{
"target": "com.amazonaws.ecs#ServerException"
+ },
+ {
+ "target": "com.amazonaws.ecs#UnsupportedFeatureException"
}
],
"traits": {
- "smithy.api#documentation": "Starts a new task from the specified task definition on the specified container\n\t\t\tinstance or instances.
\n \n Starting April 15, 2023, Amazon Web Services will not onboard new customers to Amazon Elastic Inference (EI), and will help current customers migrate their workloads to options that offer better price and performance. After April 15, 2023, new customers will not be able to launch instances with Amazon EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon EC2. However, customers who have used Amazon EI at least once during the past 30-day period are considered current customers and will be able to continue using the service.
\n \n Alternatively, you can use RunTask to place tasks for you. For more\n\t\t\tinformation, see Scheduling Tasks in the Amazon Elastic Container Service Developer Guide.
"
+ "smithy.api#documentation": "Starts a new task from the specified task definition on the specified container\n\t\t\tinstance or instances.
\n \n Starting April 15, 2023, Amazon Web Services will not onboard new customers to Amazon Elastic Inference (EI), and will help current customers migrate their workloads to options that offer better price and performance. After April 15, 2023, new customers will not be able to launch instances with Amazon EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon EC2. However, customers who have used Amazon EI at least once during the past 30-day period are considered current customers and will be able to continue using the service.
\n \n Alternatively, you can use RunTask to place tasks for you. For more\n\t\t\tinformation, see Scheduling Tasks in the Amazon Elastic Container Service Developer Guide.
\n You can attach Amazon EBS volumes to Amazon ECS tasks by configuring the volume when creating or\n\t\t\tupdating a service. For more infomation, see Amazon EBS volumes in the Amazon Elastic Container Service Developer Guide.
"
}
},
"com.amazonaws.ecs#StartTaskRequest": {
@@ -10326,7 +10502,7 @@
"target": "com.amazonaws.ecs#Boolean",
"traits": {
"smithy.api#default": false,
- "smithy.api#documentation": "Whether or not the execute command functionality is turned on for the task. If\n\t\t\t\ttrue, this turns on the execute command functionality on all containers in\n\t\t\tthe task.
"
+ "smithy.api#documentation": "Whether or not the execute command functionality is turned on for the task. If\n\t\t\t\ttrue, this turns on the execute command functionality on all containers\n\t\t\tin the task.
"
}
},
"group": {
@@ -10377,6 +10553,12 @@
"smithy.api#documentation": "The family and revision (family:revision) or\n\t\t\tfull ARN of the task definition to start. If a revision isn't specified,\n\t\t\tthe latest ACTIVE revision is used.
",
"smithy.api#required": {}
}
+ },
+ "volumeConfigurations": {
+ "target": "com.amazonaws.ecs#TaskVolumeConfigurations",
+ "traits": {
+ "smithy.api#documentation": "The details of the volume that was configuredAtLaunch. You can configure\n\t\t\tthe size, volumeType, IOPS, throughput, snapshot and encryption in TaskManagedEBSVolumeConfiguration. The name of the volume must\n\t\t\tmatch the name from the task definition.
"
+ }
}
},
"traits": {
@@ -10768,7 +10950,7 @@
"value": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The namespaced kernel parameter to set a\n\t\t\tvalue for.
\n Valid IPC namespace values: \"kernel.msgmax\" | \"kernel.msgmnb\" | \"kernel.msgmni\"\n\t\t\t| \"kernel.sem\" | \"kernel.shmall\" | \"kernel.shmmax\" |\n\t\t\t\"kernel.shmmni\" | \"kernel.shm_rmid_forced\", and\n\t\t\tSysctls that start with\n\t\t\t\"fs.mqueue.*\"\n
\n Valid network namespace values: Sysctls that start with\n\t\t\t\"net.*\"\n
\n All of these values are supported by Fargate.
"
+ "smithy.api#documentation": "The namespaced kernel parameter to set a value for.
\n Valid IPC namespace values: \"kernel.msgmax\" | \"kernel.msgmnb\" | \"kernel.msgmni\"\n\t\t\t\t| \"kernel.sem\" | \"kernel.shmall\" | \"kernel.shmmax\" | \"kernel.shmmni\" |\n\t\t\t\t\"kernel.shm_rmid_forced\", and Sysctls that start with\n\t\t\t\t\"fs.mqueue.*\"\n
\n Valid network namespace values: Sysctls that start with\n\t\t\t\t\"net.*\"\n
\n All of these values are supported by Fargate.
"
}
}
},
@@ -10925,7 +11107,7 @@
}
},
"traits": {
- "smithy.api#documentation": "The execute command cannot run. This error can be caused by any of the following\n\t\t\tconfiguration issues:
\n \n - \n
Incorrect IAM permissions
\n \n - \n
The SSM agent is not installed or is not running
\n \n - \n
There is an interface Amazon VPC endpoint for Amazon ECS, but there is not one for Systems\n\t\t\t\t\tManager Session Manager
\n \n
\n For information about how to troubleshoot the issues, see Troubleshooting issues with ECS\n\t\t\t\tExec in the Amazon Elastic Container Service Developer Guide.
",
+ "smithy.api#documentation": "The execute command cannot run. This error can be caused by any of the following\n\t\t\tconfiguration issues:
\n \n - \n
Incorrect IAM permissions
\n \n - \n
The SSM agent is not installed or is not running
\n \n - \n
There is an interface Amazon VPC endpoint for Amazon ECS, but there is not one for\n\t\t\t\t\tSystems Manager Session Manager
\n \n
\n For information about how to troubleshoot the issues, see Troubleshooting issues with ECS\n\t\t\t\tExec in the Amazon Elastic Container Service Developer Guide.
",
"smithy.api#error": "client"
}
},
@@ -11124,7 +11306,7 @@
"stopCode": {
"target": "com.amazonaws.ecs#TaskStopCode",
"traits": {
- "smithy.api#documentation": "The stop code indicating why a task was stopped. The stoppedReason might\n\t\t\tcontain additional details.
\n For more information about stop code, see Stopped tasks error codes in the Amazon ECS User Guide.
\n The following are valid values:
\n "
+ "smithy.api#documentation": "The stop code indicating why a task was stopped. The stoppedReason might\n\t\t\tcontain additional details.
\n For more information about stop code, see Stopped tasks error\n\t\t\t\tcodes in the Amazon ECS User Guide.
\n The following are valid values:
\n "
}
},
"stoppedAt": {
@@ -11205,7 +11387,7 @@
"taskRoleArn": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The short name or full Amazon Resource Name (ARN) of the Identity and Access Management role that grants containers in the\n\t\t\ttask permission to call Amazon Web Services APIs on your behalf. For more information, see Amazon ECS\n\t\t\t\tTask Role in the Amazon Elastic Container Service Developer Guide.
\n IAM roles for tasks on Windows require that the -EnableTaskIAMRole option\n\t\t\tis set when you launch the Amazon ECS-optimized Windows AMI. Your containers must also run some\n\t\t\tconfiguration code to use the feature. For more information, see Windows IAM roles\n\t\t\t\tfor tasks in the Amazon Elastic Container Service Developer Guide.
"
+ "smithy.api#documentation": "The short name or full Amazon Resource Name (ARN) of the Identity and Access Management role that grants containers in the\n\t\t\ttask permission to call Amazon Web Services APIs on your behalf. For more information, see Amazon ECS\n\t\t\t\tTask Role in the Amazon Elastic Container Service Developer Guide.
\n IAM roles for tasks on Windows require that the -EnableTaskIAMRole\n\t\t\toption is set when you launch the Amazon ECS-optimized Windows AMI. Your containers must also run some\n\t\t\tconfiguration code to use the feature. For more information, see Windows IAM roles\n\t\t\t\tfor tasks in the Amazon Elastic Container Service Developer Guide.
"
}
},
"executionRoleArn": {
@@ -11397,7 +11579,7 @@
}
},
"traits": {
- "smithy.api#documentation": "The constraint on task placement in the task definition. For more\n\t\t\tinformation, see Task placement constraints in the\n\t\t\tAmazon Elastic Container Service Developer Guide.
\n \n Task placement constraints aren't supported for tasks run on Fargate.
\n "
+ "smithy.api#documentation": "The constraint on task placement in the task definition. For more information, see\n\t\t\t\tTask placement constraints in the\n\t\t\tAmazon Elastic Container Service Developer Guide.
\n \n Task placement constraints aren't supported for tasks run on Fargate.
\n "
}
},
"com.amazonaws.ecs#TaskDefinitionPlacementConstraintType": {
@@ -11457,6 +11639,119 @@
"target": "com.amazonaws.ecs#TaskField"
}
},
+ "com.amazonaws.ecs#TaskFilesystemType": {
+ "type": "enum",
+ "members": {
+ "EXT3": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ext3"
+ }
+ },
+ "EXT4": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ext4"
+ }
+ },
+ "XFS": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "xfs"
+ }
+ }
+ }
+ },
+ "com.amazonaws.ecs#TaskManagedEBSVolumeConfiguration": {
+ "type": "structure",
+ "members": {
+ "encrypted": {
+ "target": "com.amazonaws.ecs#BoxedBoolean",
+ "traits": {
+ "smithy.api#documentation": "Indicates whether the volume should be encrypted. If no value is specified, encryption\n\t\t\tis turned on by default. This parameter maps 1:1 with the Encrypted\n\t\t\tparameter of the CreateVolume API in\n\t\t\tthe Amazon EC2 API Reference.
"
+ }
+ },
+ "kmsKeyId": {
+ "target": "com.amazonaws.ecs#EBSKMSKeyId",
+ "traits": {
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) identifier of the Amazon Web Services Key Management Service key to use for Amazon EBS encryption. When\n\t\t\tencryption is turned on and no Amazon Web Services Key Management Service key is specified, the default Amazon Web Services managed key\n\t\t\tfor Amazon EBS volumes is used. This parameter maps 1:1 with the KmsKeyId\n\t\t\tparameter of the CreateVolume API in\n\t\t\tthe Amazon EC2 API Reference.
\n \n Amazon Web Services authenticates the Amazon Web Services Key Management Service key asynchronously. Therefore, if you specify an\n\t\t\t\tID, alias, or ARN that is invalid, the action can appear to complete, but\n\t\t\t\teventually fails.
\n "
+ }
+ },
+ "volumeType": {
+ "target": "com.amazonaws.ecs#EBSVolumeType",
+ "traits": {
+ "smithy.api#documentation": "The volume type. This parameter maps 1:1 with the VolumeType parameter of\n\t\t\tthe CreateVolume API in the Amazon EC2 API Reference. For more\n\t\t\tinformation, see Amazon EBS volume types in\n\t\t\tthe Amazon EC2 User Guide.
\n The following are the supported volume types.
\n \n - \n
General Purpose SSD: gp2|gp3\n
\n \n - \n
Provisioned IOPS SSD: io1|io2\n
\n \n - \n
Throughput Optimized HDD: st1\n
\n \n - \n
Cold HDD: sc1\n
\n \n - \n
Magnetic: standard\n
\n \n The magnetic volume type is not supported on Fargate.
\n \n \n
"
+ }
+ },
+ "sizeInGiB": {
+ "target": "com.amazonaws.ecs#BoxedInteger",
+ "traits": {
+ "smithy.api#documentation": "The size of the volume in GiB. You must specify either a volume size or a snapshot ID.\n\t\t\tIf you specify a snapshot ID, the snapshot size is used for the volume size by default.\n\t\t\tYou can optionally specify a volume size greater than or equal to the snapshot size.\n\t\t\tThis parameter maps 1:1 with the Size parameter of the CreateVolume API in the Amazon EC2 API Reference.
\n The following are the supported volume size values for each volume type.
\n "
+ }
+ },
+ "snapshotId": {
+ "target": "com.amazonaws.ecs#EBSSnapshotId",
+ "traits": {
+ "smithy.api#documentation": "The snapshot that Amazon ECS uses to create the volume. You must specify either a snapshot\n\t\t\tID or a volume size. This parameter maps 1:1 with the SnapshotId parameter\n\t\t\tof the CreateVolume API in\n\t\t\tthe Amazon EC2 API Reference.
"
+ }
+ },
+ "iops": {
+ "target": "com.amazonaws.ecs#BoxedInteger",
+ "traits": {
+ "smithy.api#documentation": "The number of I/O operations per second (IOPS). For gp3,\n\t\t\tio1, and io2 volumes, this represents the number of IOPS that\n\t\t\tare provisioned for the volume. For gp2 volumes, this represents the\n\t\t\tbaseline performance of the volume and the rate at which the volume accumulates I/O\n\t\t\tcredits for bursting.
\n The following are the supported values for each volume type.
\n \n - \n
\n gp3: 3,000 - 16,000 IOPS
\n \n - \n
\n io1: 100 - 64,000 IOPS
\n \n - \n
\n io2: 100 - 256,000 IOPS
\n \n
\n This parameter is required for io1 and io2 volume types. The\n\t\t\tdefault for gp3 volumes is 3,000 IOPS. This parameter is not\n\t\t\tsupported for st1, sc1, or standard volume\n\t\t\ttypes.
\n This parameter maps 1:1 with the Iops parameter of the CreateVolume API in the Amazon EC2 API Reference.
"
+ }
+ },
+ "throughput": {
+ "target": "com.amazonaws.ecs#BoxedInteger",
+ "traits": {
+ "smithy.api#documentation": "The throughput to provision for a volume, in MiB/s, with a maximum of 1,000 MiB/s.\n\t\t\tThis parameter maps 1:1 with the Throughput parameter of the CreateVolume API in the Amazon EC2 API Reference.
\n \n This parameter is only supported for the gp3 volume type.
\n "
+ }
+ },
+ "tagSpecifications": {
+ "target": "com.amazonaws.ecs#EBSTagSpecifications",
+ "traits": {
+ "smithy.api#documentation": "The tags to apply to the volume. Amazon ECS applies service-managed tags by default. This\n\t\t\tparameter maps 1:1 with the TagSpecifications.N parameter of the CreateVolume API in the Amazon EC2 API Reference.
"
+ }
+ },
+ "roleArn": {
+ "target": "com.amazonaws.ecs#IAMRoleArn",
+ "traits": {
+ "smithy.api#documentation": "The ARN of the IAM role to associate with this volume. This is the Amazon ECS\n\t\t\tinfrastructure IAM role that is used to manage your Amazon Web Services infrastructure. We recommend\n\t\t\tusing the Amazon ECS-managed AmazonECSInfrastructureRolePolicyForVolumes IAM\n\t\t\tpolicy with this role. For more information, see Amazon ECS\n\t\t\t\tinfrastructure IAM role in the Amazon ECS Developer\n\t\t\tGuide.
",
+ "smithy.api#required": {}
+ }
+ },
+ "terminationPolicy": {
+ "target": "com.amazonaws.ecs#TaskManagedEBSVolumeTerminationPolicy",
+ "traits": {
+ "smithy.api#documentation": "The termination policy for the volume when the task exits. This provides a way to\n\t\t\tcontrol whether Amazon ECS terminates the Amazon EBS volume when the task stops.
"
+ }
+ },
+ "filesystemType": {
+ "target": "com.amazonaws.ecs#TaskFilesystemType",
+ "traits": {
+ "smithy.api#documentation": "The Linux filesystem type for the volume. For volumes created from a snapshot, you\n\t\t\tmust specify the same filesystem type that the volume was using when the snapshot was\n\t\t\tcreated. If there is a filesystem type mismatch, the task will fail to start.
\n The available filesystem types are\u2028 ext3, ext4, and\n\t\t\t\txfs. If no value is specified, the xfs filesystem type is\n\t\t\tused by default.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "The configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf.\n\t\t\tThese settings are used to create each Amazon EBS volume, with one volume created for each\n\t\t\ttask.
"
+ }
+ },
+ "com.amazonaws.ecs#TaskManagedEBSVolumeTerminationPolicy": {
+ "type": "structure",
+ "members": {
+ "deleteOnTermination": {
+ "target": "com.amazonaws.ecs#BoxedBoolean",
+ "traits": {
+ "smithy.api#documentation": "Indicates whether the volume should be deleted on when the task stops. If a value of\n\t\t\t\ttrue is specified, \u2028Amazon ECS deletes the Amazon EBS volume on your behalf when\n\t\t\tthe task goes into the STOPPED state. If no value is specified, the\n\t\t\t\u2028default value is true is used. When set to false, Amazon ECS\n\t\t\tleaves the volume in your \u2028account.
",
+ "smithy.api#required": {}
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "The termination policy for the Amazon EBS volume when the task exits. For more information,\n\t\t\tsee Amazon ECS volume termination policy.
"
+ }
+ },
"com.amazonaws.ecs#TaskOverride": {
"type": "structure",
"members": {
@@ -11481,7 +11776,7 @@
"executionRoleArn": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the task execution role override for the task. For more\n\t\t\tinformation, see Amazon ECS task\n\t\t\t\texecution IAM role in the Amazon Elastic Container Service Developer Guide.
"
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the task execution role override for the task. For more information,\n\t\t\tsee Amazon ECS task\n\t\t\t\texecution IAM role in the Amazon Elastic Container Service Developer Guide.
"
}
},
"memory": {
@@ -11493,7 +11788,7 @@
"taskRoleArn": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the role that containers in this task can assume. All containers\n\t\t\tin this task are granted the permissions that are specified in this role. For more\n\t\t\tinformation, see IAM Role for Tasks\n\t\t\tin the Amazon Elastic Container Service Developer Guide.
"
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the role that containers in this task can assume. All containers in\n\t\t\tthis task are granted the permissions that are specified in this role. For more\n\t\t\tinformation, see IAM Role for Tasks\n\t\t\tin the Amazon Elastic Container Service Developer Guide.
"
}
},
"ephemeralStorage": {
@@ -11741,6 +12036,33 @@
}
}
},
+ "com.amazonaws.ecs#TaskVolumeConfiguration": {
+ "type": "structure",
+ "members": {
+ "name": {
+ "target": "com.amazonaws.ecs#ECSVolumeName",
+ "traits": {
+ "smithy.api#documentation": "The name of the volume. This value must match the volume name from the\n\t\t\t\tVolume object in the task definition.
",
+ "smithy.api#required": {}
+ }
+ },
+ "managedEBSVolume": {
+ "target": "com.amazonaws.ecs#TaskManagedEBSVolumeConfiguration",
+ "traits": {
+ "smithy.api#documentation": "The configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf.\n\t\t\tThese settings are used to create each Amazon EBS volume, with one volume created for each\n\t\t\ttask. The Amazon EBS volumes are visible in your account in the Amazon EC2 console once they are\n\t\t\tcreated.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "Configuration settings for the task volume that was configuredAtLaunch\n\t\t\tthat weren't set during RegisterTaskDef.
"
+ }
+ },
+ "com.amazonaws.ecs#TaskVolumeConfigurations": {
+ "type": "list",
+ "member": {
+ "target": "com.amazonaws.ecs#TaskVolumeConfiguration"
+ }
+ },
"com.amazonaws.ecs#Tasks": {
"type": "list",
"member": {
@@ -12414,10 +12736,13 @@
},
{
"target": "com.amazonaws.ecs#ServiceNotFoundException"
+ },
+ {
+ "target": "com.amazonaws.ecs#UnsupportedFeatureException"
}
],
"traits": {
- "smithy.api#documentation": "Modifies the parameters of a service.
\n For services using the rolling update (ECS) you can update the desired\n\t\t\tcount, deployment configuration, network configuration, load balancers, service\n\t\t\tregistries, enable ECS managed tags option, propagate tags option, task placement\n\t\t\tconstraints and strategies, and task definition. When you update any of these\n\t\t\tparameters, Amazon ECS starts new tasks with the new configuration.
\n For services using the blue/green (CODE_DEPLOY) deployment controller,\n\t\t\tonly the desired count, deployment configuration, health check grace period, task\n\t\t\tplacement constraints and strategies, enable ECS managed tags option, and propagate tags\n\t\t\tcan be updated using this API. If the network configuration, platform version, task\n\t\t\tdefinition, or load balancer need to be updated, create a new CodeDeploy deployment. For more\n\t\t\tinformation, see CreateDeployment in the CodeDeploy API Reference.
\n For services using an external deployment controller, you can update only the desired\n\t\t\tcount, task placement constraints and strategies, health check grace period, enable ECS\n\t\t\tmanaged tags option, and propagate tags option, using this API. If the launch type, load\n\t\t\tbalancer, network configuration, platform version, or task definition need to be\n\t\t\tupdated, create a new task set For more information, see CreateTaskSet.
\n You can add to or subtract from the number of instantiations of a task definition in a\n\t\t\tservice by specifying the cluster that the service is running in and a new\n\t\t\t\tdesiredCount parameter.
\n If you have updated the Docker image of your application, you can create a new task\n\t\t\tdefinition with that image and deploy it to your service. The service scheduler uses the\n\t\t\tminimum healthy percent and maximum percent parameters (in the service's deployment\n\t\t\tconfiguration) to determine the deployment strategy.
\n \n If your updated Docker image uses the same tag as what is in the existing task\n\t\t\t\tdefinition for your service (for example, my_image:latest), you don't\n\t\t\t\tneed to create a new revision of your task definition. You can update the service\n\t\t\t\tusing the forceNewDeployment option. The new tasks launched by the\n\t\t\t\tdeployment pull the current image/tag combination from your repository when they\n\t\t\t\tstart.
\n \n You can also update the deployment configuration of a service. When a deployment is\n\t\t\ttriggered by updating the task definition of a service, the service scheduler uses the\n\t\t\tdeployment configuration parameters, minimumHealthyPercent and\n\t\t\t\tmaximumPercent, to determine the deployment strategy.
\n \n - \n
If minimumHealthyPercent is below 100%, the scheduler can ignore\n\t\t\t\t\t\tdesiredCount temporarily during a deployment. For example, if\n\t\t\t\t\t\tdesiredCount is four tasks, a minimum of 50% allows the\n\t\t\t\t\tscheduler to stop two existing tasks before starting two new tasks. Tasks for\n\t\t\t\t\tservices that don't use a load balancer are considered healthy if they're in the\n\t\t\t\t\t\tRUNNING state. Tasks for services that use a load balancer are\n\t\t\t\t\tconsidered healthy if they're in the RUNNING state and are reported\n\t\t\t\t\tas healthy by the load balancer.
\n \n - \n
The maximumPercent parameter represents an upper limit on the\n\t\t\t\t\tnumber of running tasks during a deployment. You can use it to define the\n\t\t\t\t\tdeployment batch size. For example, if desiredCount is four tasks,\n\t\t\t\t\ta maximum of 200% starts four new tasks before stopping the four older tasks\n\t\t\t\t\t(provided that the cluster resources required to do this are available).
\n \n
\n When UpdateService stops a task during a deployment, the equivalent\n\t\t\tof docker stop is issued to the containers running in the task. This\n\t\t\tresults in a SIGTERM and a 30-second timeout. After this,\n\t\t\t\tSIGKILL is sent and the containers are forcibly stopped. If the\n\t\t\tcontainer handles the SIGTERM gracefully and exits within 30 seconds from\n\t\t\treceiving it, no SIGKILL is sent.
\n When the service scheduler launches new tasks, it determines task placement in your\n\t\t\tcluster with the following logic.
\n \n - \n
Determine which of the container instances in your cluster can support your\n\t\t\t\t\tservice's task definition. For example, they have the required CPU, memory,\n\t\t\t\t\tports, and container instance attributes.
\n \n - \n
By default, the service scheduler attempts to balance tasks across\n\t\t\t\t\tAvailability Zones in this manner even though you can choose a different\n\t\t\t\t\tplacement strategy.
\n \n - \n
Sort the valid container instances by the fewest number of running\n\t\t\t\t\t\t\ttasks for this service in the same Availability Zone as the instance.\n\t\t\t\t\t\t\tFor example, if zone A has one running service task and zones B and C\n\t\t\t\t\t\t\teach have zero, valid container instances in either zone B or C are\n\t\t\t\t\t\t\tconsidered optimal for placement.
\n \n - \n
Place the new service task on a valid container instance in an optimal\n\t\t\t\t\t\t\tAvailability Zone (based on the previous steps), favoring container\n\t\t\t\t\t\t\tinstances with the fewest number of running tasks for this\n\t\t\t\t\t\t\tservice.
\n \n
\n \n
\n When the service scheduler stops running tasks, it attempts to maintain balance across\n\t\t\tthe Availability Zones in your cluster using the following logic:
\n \n - \n
Sort the container instances by the largest number of running tasks for this\n\t\t\t\t\tservice in the same Availability Zone as the instance. For example, if zone A\n\t\t\t\t\thas one running service task and zones B and C each have two, container\n\t\t\t\t\tinstances in either zone B or C are considered optimal for termination.
\n \n - \n
Stop the task on a container instance in an optimal Availability Zone (based\n\t\t\t\t\ton the previous steps), favoring container instances with the largest number of\n\t\t\t\t\trunning tasks for this service.
\n \n
\n \n You must have a service-linked role when you update any of the following service\n\t\t\t\tproperties:
\n \n - \n
\n loadBalancers,
\n \n - \n
\n serviceRegistries\n
\n \n
\n For more information about the role see the CreateService request parameter\n\t\t\t\t\n role\n .
\n ",
+ "smithy.api#documentation": "Modifies the parameters of a service.
\n For services using the rolling update (ECS) you can update the desired\n\t\t\tcount, deployment configuration, network configuration, load balancers, service\n\t\t\tregistries, enable ECS managed tags option, propagate tags option, task placement\n\t\t\tconstraints and strategies, and task definition. When you update any of these\n\t\t\tparameters, Amazon ECS starts new tasks with the new configuration.
\n You can attach Amazon EBS volumes to Amazon ECS tasks by configuring the volume when starting or\n\t\t\trunning a task, or when creating or updating a service. For more infomation, see Amazon EBS volumes in the Amazon Elastic Container Service Developer Guide. You can update\n\t\t\tyour volume configurations and trigger a new deployment.\n\t\t\t\tvolumeConfigurations is only supported for REPLICA service and not\n\t\t\tDAEMON service. If you leave volumeConfigurations\n null, it doesn't trigger a new deployment. For more infomation on volumes,\n\t\t\tsee Amazon EBS volumes in the Amazon Elastic Container Service Developer Guide.
\n For services using the blue/green (CODE_DEPLOY) deployment controller,\n\t\t\tonly the desired count, deployment configuration, health check grace period, task\n\t\t\tplacement constraints and strategies, enable ECS managed tags option, and propagate tags\n\t\t\tcan be updated using this API. If the network configuration, platform version, task\n\t\t\tdefinition, or load balancer need to be updated, create a new CodeDeploy deployment. For more\n\t\t\tinformation, see CreateDeployment in the CodeDeploy API Reference.
\n For services using an external deployment controller, you can update only the desired\n\t\t\tcount, task placement constraints and strategies, health check grace period, enable ECS\n\t\t\tmanaged tags option, and propagate tags option, using this API. If the launch type, load\n\t\t\tbalancer, network configuration, platform version, or task definition need to be\n\t\t\tupdated, create a new task set For more information, see CreateTaskSet.
\n You can add to or subtract from the number of instantiations of a task definition in a\n\t\t\tservice by specifying the cluster that the service is running in and a new\n\t\t\t\tdesiredCount parameter.
\n You can attach Amazon EBS volumes to Amazon ECS tasks by configuring the volume when starting or\n\t\t\trunning a task, or when creating or updating a service. For more infomation, see Amazon EBS volumes in the Amazon Elastic Container Service Developer Guide.
\n If you have updated the container image of your application, you can create a new task\n\t\t\tdefinition with that image and deploy it to your service. The service scheduler uses the\n\t\t\tminimum healthy percent and maximum percent parameters (in the service's deployment\n\t\t\tconfiguration) to determine the deployment strategy.
\n \n If your updated Docker image uses the same tag as what is in the existing task\n\t\t\t\tdefinition for your service (for example, my_image:latest), you don't\n\t\t\t\tneed to create a new revision of your task definition. You can update the service\n\t\t\t\tusing the forceNewDeployment option. The new tasks launched by the\n\t\t\t\tdeployment pull the current image/tag combination from your repository when they\n\t\t\t\tstart.
\n \n You can also update the deployment configuration of a service. When a deployment is\n\t\t\ttriggered by updating the task definition of a service, the service scheduler uses the\n\t\t\tdeployment configuration parameters, minimumHealthyPercent and\n\t\t\t\tmaximumPercent, to determine the deployment strategy.
\n \n - \n
If minimumHealthyPercent is below 100%, the scheduler can ignore\n\t\t\t\t\t\tdesiredCount temporarily during a deployment. For example, if\n\t\t\t\t\t\tdesiredCount is four tasks, a minimum of 50% allows the\n\t\t\t\t\tscheduler to stop two existing tasks before starting two new tasks. Tasks for\n\t\t\t\t\tservices that don't use a load balancer are considered healthy if they're in the\n\t\t\t\t\t\tRUNNING state. Tasks for services that use a load balancer are\n\t\t\t\t\tconsidered healthy if they're in the RUNNING state and are reported\n\t\t\t\t\tas healthy by the load balancer.
\n \n - \n
The maximumPercent parameter represents an upper limit on the\n\t\t\t\t\tnumber of running tasks during a deployment. You can use it to define the\n\t\t\t\t\tdeployment batch size. For example, if desiredCount is four tasks,\n\t\t\t\t\ta maximum of 200% starts four new tasks before stopping the four older tasks\n\t\t\t\t\t(provided that the cluster resources required to do this are available).
\n \n
\n When UpdateService stops a task during a deployment, the equivalent\n\t\t\tof docker stop is issued to the containers running in the task. This\n\t\t\tresults in a SIGTERM and a 30-second timeout. After this,\n\t\t\t\tSIGKILL is sent and the containers are forcibly stopped. If the\n\t\t\tcontainer handles the SIGTERM gracefully and exits within 30 seconds from\n\t\t\treceiving it, no SIGKILL is sent.
\n When the service scheduler launches new tasks, it determines task placement in your\n\t\t\tcluster with the following logic.
\n \n - \n
Determine which of the container instances in your cluster can support your\n\t\t\t\t\tservice's task definition. For example, they have the required CPU, memory,\n\t\t\t\t\tports, and container instance attributes.
\n \n - \n
By default, the service scheduler attempts to balance tasks across\n\t\t\t\t\tAvailability Zones in this manner even though you can choose a different\n\t\t\t\t\tplacement strategy.
\n \n - \n
Sort the valid container instances by the fewest number of running\n\t\t\t\t\t\t\ttasks for this service in the same Availability Zone as the instance.\n\t\t\t\t\t\t\tFor example, if zone A has one running service task and zones B and C\n\t\t\t\t\t\t\teach have zero, valid container instances in either zone B or C are\n\t\t\t\t\t\t\tconsidered optimal for placement.
\n \n - \n
Place the new service task on a valid container instance in an optimal\n\t\t\t\t\t\t\tAvailability Zone (based on the previous steps), favoring container\n\t\t\t\t\t\t\tinstances with the fewest number of running tasks for this\n\t\t\t\t\t\t\tservice.
\n \n
\n \n
\n When the service scheduler stops running tasks, it attempts to maintain balance across\n\t\t\tthe Availability Zones in your cluster using the following logic:
\n \n - \n
Sort the container instances by the largest number of running tasks for this\n\t\t\t\t\tservice in the same Availability Zone as the instance. For example, if zone A\n\t\t\t\t\thas one running service task and zones B and C each have two, container\n\t\t\t\t\tinstances in either zone B or C are considered optimal for termination.
\n \n - \n
Stop the task on a container instance in an optimal Availability Zone (based\n\t\t\t\t\ton the previous steps), favoring container instances with the largest number of\n\t\t\t\t\trunning tasks for this service.
\n \n
\n \n You must have a service-linked role when you update any of the following service\n\t\t\t\tproperties:
\n \n - \n
\n loadBalancers,
\n \n - \n
\n serviceRegistries\n
\n \n
\n For more information about the role see the CreateService request\n\t\t\t\tparameter \n role\n .
\n ",
"smithy.api#examples": [
{
"title": "To change the task definition used in a service",
@@ -12636,6 +12961,12 @@
"traits": {
"smithy.api#documentation": "The configuration for this service to discover and connect to\n\tservices, and be discovered by, and connected from, other services within a namespace.
\n Tasks that run in a namespace can use short names to connect\n\tto services in the namespace. Tasks can connect to services across all of the clusters in the namespace.\n\tTasks connect through a managed proxy container\n\tthat collects logs and metrics for increased visibility.\n\tOnly the tasks that Amazon ECS services create are supported with Service Connect.\n\tFor more information, see Service Connect in the Amazon Elastic Container Service Developer Guide.
"
}
+ },
+ "volumeConfigurations": {
+ "target": "com.amazonaws.ecs#ServiceVolumeConfigurations",
+ "traits": {
+ "smithy.api#documentation": "The details of the volume that was configuredAtLaunch. You can configure\n\t\t\tthe size, volumeType, IOPS, throughput, snapshot and encryption in ServiceManagedEBSVolumeConfiguration. The name of the volume\n\t\t\tmust match the name from the task definition. If set to null, no new\n\t\t\tdeployment is triggered. Otherwise, if this configuration differs from the existing one,\n\t\t\tit triggers a new deployment.
"
+ }
}
},
"traits": {
@@ -12798,7 +13129,7 @@
"protectedTasks": {
"target": "com.amazonaws.ecs#ProtectedTasks",
"traits": {
- "smithy.api#documentation": "A list of tasks with the following information.
\n \n - \n
\n taskArn: The task ARN.
\n \n - \n
\n protectionEnabled: The protection status of the task. If scale-in\n\t\t\t\t\tprotection is turned on for a task, the value is true. Otherwise, it\n\t\t\t\t\tis false.
\n \n - \n
\n expirationDate: The epoch time when protection for the task will\n\t\t\t\t\texpire.
\n \n
"
+ "smithy.api#documentation": "A list of tasks with the following information.
\n \n - \n
\n taskArn: The task ARN.
\n \n - \n
\n protectionEnabled: The protection status of the task. If scale-in\n\t\t\t\t\tprotection is turned on for a task, the value is true. Otherwise,\n\t\t\t\t\tit is false.
\n \n - \n
\n expirationDate: The epoch time when protection for the task will\n\t\t\t\t\texpire.
\n \n
"
}
},
"failures": {
@@ -12935,7 +13266,7 @@
"name": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. This name is referenced in the\n\t\t\t\tsourceVolume parameter of container definition\n\t\t\tmountPoints.
\n This is required wwhen you use an Amazon EFS volume.
"
+ "smithy.api#documentation": "The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.
\n When using a volume configured at launch, the name is required and must\n\t\t\talso be specified as the volume name in the ServiceVolumeConfiguration or\n\t\t\t\tTaskVolumeConfiguration parameter when creating your service or\n\t\t\tstandalone task.
\n For all other types of volumes, this name is referenced in the\n\t\t\t\tsourceVolume parameter of the mountPoints object in the\n\t\t\tcontainer definition.
\n When a volume is using the efsVolumeConfiguration, the name is\n\t\t\trequired.
"
}
},
"host": {
@@ -12961,10 +13292,16 @@
"traits": {
"smithy.api#documentation": "This parameter is specified when you use Amazon FSx for Windows File Server file system for task\n\t\t\tstorage.
"
}
+ },
+ "configuredAtLaunch": {
+ "target": "com.amazonaws.ecs#BoxedBoolean",
+ "traits": {
+ "smithy.api#documentation": "Indicates whether the volume should be configured at launch time. This is used to\n\t\t\tcreate Amazon EBS volumes for standalone tasks or tasks created as part of a service. Each\n\t\t\ttask definition revision may only have one volume configured at launch in the volume\n\t\t\tconfiguration.
\n To configure a volume at launch time, use this task definition revision and specify a\n\t\t\t\tvolumeConfigurations object when calling the\n\t\t\tCreateService, UpdateService, RunTask or\n\t\t\t\tStartTask APIs.
"
+ }
}
},
"traits": {
- "smithy.api#documentation": "A data volume that's used in a task definition. For tasks that use the Amazon Elastic File System\n\t\t\t(Amazon EFS), specify an efsVolumeConfiguration. For Windows tasks that use\n\t\t\tAmazon FSx for Windows File Server file system, specify a\n\t\t\tfsxWindowsFileServerVolumeConfiguration. For tasks that use a Docker\n\t\t\tvolume, specify a DockerVolumeConfiguration. For tasks that use a bind\n\t\t\tmount host volume, specify a host and optional sourcePath. For\n\t\t\tmore information, see Using Data Volumes in\n\t\t\t\tTasks.
"
+ "smithy.api#documentation": "The data volume configuration for tasks launched using this task definition.\n\t\t\tSpecifying a volume configuration in a task definition is optional. The volume\n\t\t\tconfiguration may contain multiple volumes but only one volume configured at launch is\n\t\t\tsupported. Each volume defined in the volume configuration may only specify a\n\t\t\t\tname and one of either configuredAtLaunch,\n\t\t\t\tdockerVolumeConfiguration, efsVolumeConfiguration,\n\t\t\t\tfsxWindowsFileServerVolumeConfiguration, or host. If an\n\t\t\tempty volume configuration is specified, by default Amazon ECS uses a host volume. For more\n\t\t\tinformation, see Using data volumes in\n\t\t\t\ttasks.
"
}
},
"com.amazonaws.ecs#VolumeFrom": {
diff --git a/codegen/sdk-codegen/aws-models/eventbridge.json b/codegen/sdk-codegen/aws-models/eventbridge.json
index 15d4bd01632..a351bb84754 100644
--- a/codegen/sdk-codegen/aws-models/eventbridge.json
+++ b/codegen/sdk-codegen/aws-models/eventbridge.json
@@ -1829,6 +1829,20 @@
}
}
},
+ "com.amazonaws.eventbridge#AppSyncParameters": {
+ "type": "structure",
+ "members": {
+ "GraphQLOperation": {
+ "target": "com.amazonaws.eventbridge#GraphQLOperation",
+ "traits": {
+ "smithy.api#documentation": "The GraphQL operation; that is, the query, mutation, or subscription to be parsed and executed by the GraphQL service.
\n For more information, see Operations in the AppSync User Guide.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "Contains the GraphQL operation to be parsed and executed, if the event target is an AppSync API.
"
+ }
+ },
"com.amazonaws.eventbridge#Archive": {
"type": "structure",
"members": {
@@ -5443,6 +5457,16 @@
"smithy.api#documentation": "The failover configuration for an endpoint. This includes what triggers failover and what happens when it's triggered.
"
}
},
+ "com.amazonaws.eventbridge#GraphQLOperation": {
+ "type": "string",
+ "traits": {
+ "smithy.api#length": {
+ "min": 1,
+ "max": 1048576
+ },
+ "smithy.api#sensitive": {}
+ }
+ },
"com.amazonaws.eventbridge#HeaderKey": {
"type": "string",
"traits": {
@@ -7393,7 +7417,7 @@
"State": {
"target": "com.amazonaws.eventbridge#RuleState",
"traits": {
- "smithy.api#documentation": "The state of the rule.
\n Valid values include:
\n \n - \n
\n DISABLED: The rule is disabled. EventBridge does not match any events against the rule.
\n \n - \n
\n ENABLED: The rule is enabled. \n EventBridge matches events against the rule, except for Amazon Web Services management events delivered through CloudTrail.
\n \n - \n
\n ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS: The rule is enabled for all\n events, including Amazon Web Services management events delivered through CloudTrail.
\n Management events provide visibility into management operations that are performed on\n resources in your Amazon Web Services account. These are also known as control plane\n operations. For more information, see Logging management events in the CloudTrail User\n Guide, and Filtering management events from Amazon Web Services services in the\n Amazon EventBridge User Guide.
\n This value is only valid for rules on the default event bus \n or custom event buses. \n It does not apply to partner event buses.
\n \n
"
+ "smithy.api#documentation": "Indicates whether the rule is enabled or disabled.
"
}
},
"Description": {
@@ -8154,7 +8178,7 @@
"State": {
"target": "com.amazonaws.eventbridge#RuleState",
"traits": {
- "smithy.api#documentation": "The state of the rule.
\n Valid values include:
\n \n - \n
\n DISABLED: The rule is disabled. EventBridge does not match any events against the rule.
\n \n - \n
\n ENABLED: The rule is enabled. \n EventBridge matches events against the rule, except for Amazon Web Services management events delivered through CloudTrail.
\n \n - \n
\n ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS: The rule is enabled for all\n events, including Amazon Web Services management events delivered through CloudTrail.
\n Management events provide visibility into management operations that are performed on\n resources in your Amazon Web Services account. These are also known as control plane\n operations. For more information, see Logging management events in the CloudTrail User\n Guide, and Filtering management events from Amazon Web Services services in the\n Amazon EventBridge User Guide.
\n This value is only valid for rules on the default event bus \n or custom event buses. \n It does not apply to partner event buses.
\n \n
"
+ "smithy.api#documentation": "The state of the rule.
"
}
},
"Description": {
@@ -8827,6 +8851,12 @@
"traits": {
"smithy.api#documentation": "The RetryPolicy object that contains the retry policy configuration to use\n for the dead-letter queue.
"
}
+ },
+ "AppSyncParameters": {
+ "target": "com.amazonaws.eventbridge#AppSyncParameters",
+ "traits": {
+ "smithy.api#documentation": "Contains the GraphQL operation to be parsed and executed, if the event target is an AppSync API.
"
+ }
}
},
"traits": {
diff --git a/codegen/sdk-codegen/aws-models/iot.json b/codegen/sdk-codegen/aws-models/iot.json
index 5be6ba4f5eb..bf0574a0b02 100644
--- a/codegen/sdk-codegen/aws-models/iot.json
+++ b/codegen/sdk-codegen/aws-models/iot.json
@@ -4643,6 +4643,9 @@
}
},
"com.amazonaws.iot#Boolean": {
+ "type": "boolean"
+ },
+ "com.amazonaws.iot#Boolean2": {
"type": "boolean",
"traits": {
"smithy.api#default": false
@@ -7445,7 +7448,7 @@
"destinationPackageVersions": {
"target": "com.amazonaws.iot#DestinationPackageVersions",
"traits": {
- "smithy.api#documentation": "The package version Amazon Resource Names (ARNs) that are installed on the device when the \n job successfully completes.
\n \n Note:The following Length Constraints relates to a single ARN. \n Up to 25 package version ARNs are allowed.
"
+ "smithy.api#documentation": "The package version Amazon Resource Names (ARNs) that are installed on the device when the \n job successfully completes. The package version must be in either the Published or Deprecated state when the job deploys. For more information, see Package version lifecycle.
\n \n Note:The following Length Constraints relates to a single ARN. \n Up to 25 package version ARNs are allowed.
"
}
}
},
@@ -7585,7 +7588,7 @@
"destinationPackageVersions": {
"target": "com.amazonaws.iot#DestinationPackageVersions",
"traits": {
- "smithy.api#documentation": "The package version Amazon Resource Names (ARNs) that are installed on the device when the \n job successfully completes.
\n \n Note:The following Length Constraints relates to a single ARN. \n Up to 25 package version ARNs are allowed.
"
+ "smithy.api#documentation": "The package version Amazon Resource Names (ARNs) that are installed on the device when the \n job successfully completes. The package version must be in either the Published or Deprecated state when the job deploys. For more information, see Package version lifecycle.
\n \n Note:The following Length Constraints relates to a single ARN. \n Up to 25 package version ARNs are allowed.
"
}
}
},
@@ -8549,9 +8552,8 @@
}
},
"enabled": {
- "target": "com.amazonaws.iot#Enabled",
+ "target": "com.amazonaws.iot#Enabled2",
"traits": {
- "smithy.api#default": false,
"smithy.api#documentation": "True to enable the provisioning template, otherwise false.
"
}
},
@@ -13743,7 +13745,7 @@
"destinationPackageVersions": {
"target": "com.amazonaws.iot#DestinationPackageVersions",
"traits": {
- "smithy.api#documentation": "The package version Amazon Resource Names (ARNs) that are installed on the device when the \n job successfully completes.
\n \n Note:The following Length Constraints relates to a single ARN. \n Up to 25 package version ARNs are allowed.
"
+ "smithy.api#documentation": "The package version Amazon Resource Names (ARNs) that are installed on the device when the \n job successfully completes. The package version must be in either the Published or Deprecated state when the job deploys. For more information, see Package version lifecycle.
\n \n Note:The following Length Constraints relates to a single ARN. \n Up to 25 package version ARNs are allowed.
"
}
}
},
@@ -14054,9 +14056,8 @@
}
},
"enabled": {
- "target": "com.amazonaws.iot#Enabled",
+ "target": "com.amazonaws.iot#Enabled2",
"traits": {
- "smithy.api#default": false,
"smithy.api#documentation": "True if the provisioning template is enabled, otherwise false.
"
}
},
@@ -16179,6 +16180,9 @@
"smithy.api#default": false
}
},
+ "com.amazonaws.iot#Enabled2": {
+ "type": "boolean"
+ },
"com.amazonaws.iot#EnabledBoolean": {
"type": "boolean"
},
@@ -19164,7 +19168,7 @@
"destinationPackageVersions": {
"target": "com.amazonaws.iot#DestinationPackageVersions",
"traits": {
- "smithy.api#documentation": "The package version Amazon Resource Names (ARNs) that are installed on the device when the \n job successfully completes.
\n \n Note:The following Length Constraints relates to a single ARN. \n Up to 25 package version ARNs are allowed.
"
+ "smithy.api#documentation": "The package version Amazon Resource Names (ARNs) that are installed on the device when the \n job successfully completes. The package version must be in either the Published or Deprecated state when the job deploys. For more information, see Package version lifecycle.The package version must be in either the Published or Deprecated state when the job deploys. For more information, see Package version lifecycle.
\n \n Note:The following Length Constraints relates to a single ARN. \n Up to 25 package version ARNs are allowed.
"
}
}
},
@@ -25782,18 +25786,6 @@
"traits": {
"smithy.api#enumValue": "PRINCIPAL_ID"
}
- },
- "EVENT_TYPE": {
- "target": "smithy.api#Unit",
- "traits": {
- "smithy.api#enumValue": "EVENT_TYPE"
- }
- },
- "DEVICE_DEFENDER": {
- "target": "smithy.api#Unit",
- "traits": {
- "smithy.api#enumValue": "DEVICE_DEFENDER"
- }
}
}
},
@@ -27629,9 +27621,8 @@
}
},
"enabled": {
- "target": "com.amazonaws.iot#Enabled",
+ "target": "com.amazonaws.iot#Enabled2",
"traits": {
- "smithy.api#default": false,
"smithy.api#documentation": "True if the fleet provision template is enabled, otherwise false.
"
}
},
@@ -31850,7 +31841,6 @@
"connected": {
"target": "com.amazonaws.iot#Boolean",
"traits": {
- "smithy.api#default": false,
"smithy.api#documentation": "True if the thing is connected to the Amazon Web Services IoT Core service; false if it is not\n connected.
"
}
},
@@ -32298,7 +32288,7 @@
"type": "structure",
"members": {
"deprecated": {
- "target": "com.amazonaws.iot#Boolean",
+ "target": "com.amazonaws.iot#Boolean2",
"traits": {
"smithy.api#default": false,
"smithy.api#documentation": "Whether the thing type is deprecated. If true, no new things could be\n\t\t\tassociated with this type.
"
@@ -34548,6 +34538,9 @@
"target": "com.amazonaws.iot#UpdatePackageResponse"
},
"errors": [
+ {
+ "target": "com.amazonaws.iot#ConflictException"
+ },
{
"target": "com.amazonaws.iot#InternalServerException"
},
@@ -34580,6 +34573,9 @@
"target": "com.amazonaws.iot#UpdatePackageConfigurationResponse"
},
"errors": [
+ {
+ "target": "com.amazonaws.iot#ConflictException"
+ },
{
"target": "com.amazonaws.iot#InternalServerException"
},
@@ -34687,6 +34683,9 @@
"target": "com.amazonaws.iot#UpdatePackageVersionResponse"
},
"errors": [
+ {
+ "target": "com.amazonaws.iot#ConflictException"
+ },
{
"target": "com.amazonaws.iot#InternalServerException"
},
@@ -34819,9 +34818,8 @@
}
},
"enabled": {
- "target": "com.amazonaws.iot#Enabled",
+ "target": "com.amazonaws.iot#Enabled2",
"traits": {
- "smithy.api#default": false,
"smithy.api#documentation": "True to enable the provisioning template, otherwise false.
"
}
},
diff --git a/codegen/sdk-codegen/aws-models/iotfleetwise.json b/codegen/sdk-codegen/aws-models/iotfleetwise.json
index db0d86ed7f7..d45c4923c0f 100644
--- a/codegen/sdk-codegen/aws-models/iotfleetwise.json
+++ b/codegen/sdk-codegen/aws-models/iotfleetwise.json
@@ -431,26 +431,32 @@
}
},
"com.amazonaws.iotfleetwise#CampaignStatus": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "CREATING",
- "name": "CREATING"
- },
- {
- "value": "WAITING_FOR_APPROVAL",
- "name": "WAITING_FOR_APPROVAL"
- },
- {
- "value": "RUNNING",
- "name": "RUNNING"
- },
- {
- "value": "SUSPENDED",
- "name": "SUSPENDED"
+ "type": "enum",
+ "members": {
+ "CREATING": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "CREATING"
+ }
+ },
+ "WAITING_FOR_APPROVAL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "WAITING_FOR_APPROVAL"
+ }
+ },
+ "RUNNING": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "RUNNING"
+ }
+ },
+ "SUSPENDED": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "SUSPENDED"
}
- ]
+ }
}
},
"com.amazonaws.iotfleetwise#CampaignSummary": {
@@ -704,18 +710,20 @@
}
},
"com.amazonaws.iotfleetwise#Compression": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "OFF",
- "name": "OFF"
- },
- {
- "value": "SNAPPY",
- "name": "SNAPPY"
+ "type": "enum",
+ "members": {
+ "OFF": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "OFF"
+ }
+ },
+ "SNAPPY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "SNAPPY"
}
- ]
+ }
}
},
"com.amazonaws.iotfleetwise#ConditionBasedCollectionScheme": {
@@ -724,7 +732,7 @@
"expression": {
"target": "com.amazonaws.iotfleetwise#eventExpression",
"traits": {
- "smithy.api#documentation": "The logical expression used to recognize what data to collect. For example,\n $variable.Vehicle.OutsideAirTemperature >= 105.0.
",
+ "smithy.api#documentation": "The logical expression used to recognize what data to collect. For example,\n $variable.`Vehicle.OutsideAirTemperature` >= 105.0.
",
"smithy.api#required": {}
}
},
@@ -1666,18 +1674,20 @@
}
},
"com.amazonaws.iotfleetwise#DataFormat": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "JSON",
- "name": "JSON"
- },
- {
- "value": "PARQUET",
- "name": "PARQUET"
+ "type": "enum",
+ "members": {
+ "JSON": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "JSON"
+ }
+ },
+ "PARQUET": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "PARQUET"
}
- ]
+ }
}
},
"com.amazonaws.iotfleetwise#DecoderManifestResource": {
@@ -2193,18 +2203,20 @@
}
},
"com.amazonaws.iotfleetwise#DiagnosticsMode": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "OFF",
- "name": "OFF"
- },
- {
- "value": "SEND_ACTIVE_DTCS",
- "name": "SEND_ACTIVE_DTCS"
+ "type": "enum",
+ "members": {
+ "OFF": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "OFF"
}
- ]
+ },
+ "SEND_ACTIVE_DTCS": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "SEND_ACTIVE_DTCS"
+ }
+ }
}
},
"com.amazonaws.iotfleetwise#DisassociateVehicleFleet": {
@@ -2266,37 +2278,43 @@
"members": {}
},
"com.amazonaws.iotfleetwise#EncryptionStatus": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "PENDING",
- "name": "PENDING"
- },
- {
- "value": "SUCCESS",
- "name": "SUCCESS"
- },
- {
- "value": "FAILURE",
- "name": "FAILURE"
+ "type": "enum",
+ "members": {
+ "PENDING": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "PENDING"
+ }
+ },
+ "SUCCESS": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "SUCCESS"
+ }
+ },
+ "FAILURE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "FAILURE"
}
- ]
+ }
}
},
"com.amazonaws.iotfleetwise#EncryptionType": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "KMS_BASED_ENCRYPTION",
- "name": "KMS_BASED_ENCRYPTION"
- },
- {
- "value": "FLEETWISE_DEFAULT_ENCRYPTION",
- "name": "FLEETWISE_DEFAULT_ENCRYPTION"
+ "type": "enum",
+ "members": {
+ "KMS_BASED_ENCRYPTION": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "KMS_BASED_ENCRYPTION"
+ }
+ },
+ "FLEETWISE_DEFAULT_ENCRYPTION": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "FLEETWISE_DEFAULT_ENCRYPTION"
}
- ]
+ }
}
},
"com.amazonaws.iotfleetwise#FleetAssociationResource": {
@@ -5249,6 +5267,13 @@
"smithy.api#documentation": " The maximum number of items to return, between 1 and 100, inclusive.
",
"smithy.api#httpQuery": "maxResults"
}
+ },
+ "signalNodeType": {
+ "target": "com.amazonaws.iotfleetwise#SignalNodeType",
+ "traits": {
+ "smithy.api#documentation": "The type of node in the signal catalog.
",
+ "smithy.api#httpQuery": "signalNodeType"
+ }
}
}
},
@@ -5569,41 +5594,49 @@
}
},
"com.amazonaws.iotfleetwise#LogType": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "OFF",
- "name": "OFF"
- },
- {
- "value": "ERROR",
- "name": "ERROR"
+ "type": "enum",
+ "members": {
+ "OFF": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "OFF"
+ }
+ },
+ "ERROR": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ERROR"
}
- ]
+ }
}
},
"com.amazonaws.iotfleetwise#ManifestStatus": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "ACTIVE",
- "name": "ACTIVE"
- },
- {
- "value": "DRAFT",
- "name": "DRAFT"
- },
- {
- "value": "INVALID",
- "name": "INVALID"
- },
- {
- "value": "VALIDATING",
- "name": "VALIDATING"
+ "type": "enum",
+ "members": {
+ "ACTIVE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ACTIVE"
+ }
+ },
+ "DRAFT": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "DRAFT"
}
- ]
+ },
+ "INVALID": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "INVALID"
+ }
+ },
+ "VALIDATING": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "VALIDATING"
+ }
+ }
}
},
"com.amazonaws.iotfleetwise#MessageSignal": {
@@ -5804,65 +5837,73 @@
}
},
"com.amazonaws.iotfleetwise#NetworkInterfaceFailureReason": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "DUPLICATE_NETWORK_INTERFACE",
- "name": "DUPLICATE_INTERFACE"
- },
- {
- "value": "CONFLICTING_NETWORK_INTERFACE",
- "name": "CONFLICTING_NETWORK_INTERFACE"
- },
- {
- "value": "NETWORK_INTERFACE_TO_ADD_ALREADY_EXISTS",
- "name": "NETWORK_INTERFACE_TO_ADD_ALREADY_EXISTS"
- },
- {
- "value": "CAN_NETWORK_INTERFACE_INFO_IS_NULL",
- "name": "CAN_NETWORK_INTERFACE_INFO_IS_NULL"
- },
- {
- "value": "OBD_NETWORK_INTERFACE_INFO_IS_NULL",
- "name": "OBD_NETWORK_INTERFACE_INFO_IS_NULL"
- },
- {
- "value": "NETWORK_INTERFACE_TO_REMOVE_ASSOCIATED_WITH_SIGNALS",
- "name": "NETWORK_INTERFACE_TO_REMOVE_ASSOCIATED_WITH_SIGNALS"
- },
- {
- "value": "VEHICLE_MIDDLEWARE_NETWORK_INTERFACE_INFO_IS_NULL",
- "name": "VEHICLE_MIDDLEWARE_NETWORK_INTERFACE_INFO_IS_NULL"
- },
- {
- "value": "CUSTOMER_DECODED_SIGNAL_NETWORK_INTERFACE_INFO_IS_NULL",
- "name": "CUSTOMER_DECODED_SIGNAL_NETWORK_INTERFACE_INFO_IS_NULL"
+ "type": "enum",
+ "members": {
+ "DUPLICATE_INTERFACE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "DUPLICATE_NETWORK_INTERFACE"
+ }
+ },
+ "CONFLICTING_NETWORK_INTERFACE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "CONFLICTING_NETWORK_INTERFACE"
+ }
+ },
+ "NETWORK_INTERFACE_TO_ADD_ALREADY_EXISTS": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "NETWORK_INTERFACE_TO_ADD_ALREADY_EXISTS"
}
- ]
+ },
+ "CAN_NETWORK_INTERFACE_INFO_IS_NULL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "CAN_NETWORK_INTERFACE_INFO_IS_NULL"
+ }
+ },
+ "OBD_NETWORK_INTERFACE_INFO_IS_NULL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "OBD_NETWORK_INTERFACE_INFO_IS_NULL"
+ }
+ },
+ "NETWORK_INTERFACE_TO_REMOVE_ASSOCIATED_WITH_SIGNALS": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "NETWORK_INTERFACE_TO_REMOVE_ASSOCIATED_WITH_SIGNALS"
+ }
+ },
+ "VEHICLE_MIDDLEWARE_NETWORK_INTERFACE_INFO_IS_NULL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "VEHICLE_MIDDLEWARE_NETWORK_INTERFACE_INFO_IS_NULL"
+ }
+ }
}
},
"com.amazonaws.iotfleetwise#NetworkInterfaceType": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "CAN_INTERFACE",
- "name": "CAN_INTERFACE"
- },
- {
- "value": "OBD_INTERFACE",
- "name": "OBD_INTERFACE"
- },
- {
- "value": "VEHICLE_MIDDLEWARE",
- "name": "VEHICLE_MIDDLEWARE"
- },
- {
- "value": "CUSTOMER_DECODED_INTERFACE",
- "name": "CUSTOMER_DECODED_INTERFACE"
+ "type": "enum",
+ "members": {
+ "CAN_INTERFACE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "CAN_INTERFACE"
+ }
+ },
+ "OBD_INTERFACE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "OBD_INTERFACE"
+ }
+ },
+ "VEHICLE_MIDDLEWARE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "VEHICLE_MIDDLEWARE"
}
- ]
+ }
}
},
"com.amazonaws.iotfleetwise#NetworkInterfaces": {
@@ -5976,237 +6017,295 @@
}
},
"com.amazonaws.iotfleetwise#NodeDataEncoding": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "BINARY",
- "name": "BINARY"
- },
- {
- "value": "TYPED",
- "name": "TYPED"
- }
- ]
- }
- },
- "com.amazonaws.iotfleetwise#NodeDataType": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "INT8",
- "name": "INT8"
- },
- {
- "value": "UINT8",
- "name": "UINT8"
- },
- {
- "value": "INT16",
- "name": "INT16"
- },
- {
- "value": "UINT16",
- "name": "UINT16"
- },
- {
- "value": "INT32",
- "name": "INT32"
- },
- {
- "value": "UINT32",
- "name": "UINT32"
- },
- {
- "value": "INT64",
- "name": "INT64"
- },
- {
- "value": "UINT64",
- "name": "UINT64"
- },
- {
- "value": "BOOLEAN",
- "name": "BOOLEAN"
- },
- {
- "value": "FLOAT",
- "name": "FLOAT"
- },
- {
- "value": "DOUBLE",
- "name": "DOUBLE"
- },
- {
- "value": "STRING",
- "name": "STRING"
- },
- {
- "value": "UNIX_TIMESTAMP",
- "name": "UNIX_TIMESTAMP"
- },
- {
- "value": "INT8_ARRAY",
- "name": "INT8_ARRAY"
- },
- {
- "value": "UINT8_ARRAY",
- "name": "UINT8_ARRAY"
- },
- {
- "value": "INT16_ARRAY",
- "name": "INT16_ARRAY"
- },
- {
- "value": "UINT16_ARRAY",
- "name": "UINT16_ARRAY"
- },
- {
- "value": "INT32_ARRAY",
- "name": "INT32_ARRAY"
- },
- {
- "value": "UINT32_ARRAY",
- "name": "UINT32_ARRAY"
- },
- {
- "value": "INT64_ARRAY",
- "name": "INT64_ARRAY"
- },
- {
- "value": "UINT64_ARRAY",
- "name": "UINT64_ARRAY"
- },
- {
- "value": "BOOLEAN_ARRAY",
- "name": "BOOLEAN_ARRAY"
- },
- {
- "value": "FLOAT_ARRAY",
- "name": "FLOAT_ARRAY"
- },
- {
- "value": "DOUBLE_ARRAY",
- "name": "DOUBLE_ARRAY"
- },
- {
- "value": "STRING_ARRAY",
- "name": "STRING_ARRAY"
- },
- {
- "value": "UNIX_TIMESTAMP_ARRAY",
- "name": "UNIX_TIMESTAMP_ARRAY"
- },
- {
- "value": "UNKNOWN",
- "name": "UNKNOWN"
- },
- {
- "value": "STRUCT",
- "name": "STRUCT"
- },
- {
- "value": "STRUCT_ARRAY",
- "name": "STRUCT_ARRAY"
+ "type": "enum",
+ "members": {
+ "BINARY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "BINARY"
}
- ]
- }
- },
- "com.amazonaws.iotfleetwise#NodePath": {
- "type": "string",
- "traits": {
- "smithy.api#length": {
- "min": 1,
- "max": 150
},
- "smithy.api#pattern": "^[a-zA-Z0-9_.]+$"
- }
- },
- "com.amazonaws.iotfleetwise#NodePaths": {
- "type": "list",
- "member": {
- "target": "com.amazonaws.iotfleetwise#NodePath"
- },
- "traits": {
- "smithy.api#length": {
- "min": 1,
- "max": 500
- }
- }
- },
- "com.amazonaws.iotfleetwise#Nodes": {
- "type": "list",
- "member": {
- "target": "com.amazonaws.iotfleetwise#Node"
- },
- "traits": {
- "smithy.api#length": {
- "min": 0,
- "max": 500
- }
- }
- },
- "com.amazonaws.iotfleetwise#ObdBitmaskLength": {
- "type": "integer",
- "traits": {
- "smithy.api#range": {
- "min": 1,
- "max": 8
- }
- }
- },
- "com.amazonaws.iotfleetwise#ObdByteLength": {
- "type": "integer",
- "traits": {
- "smithy.api#range": {
- "min": 1,
- "max": 8
+ "TYPED": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "TYPED"
+ }
}
}
},
- "com.amazonaws.iotfleetwise#ObdInterface": {
- "type": "structure",
+ "com.amazonaws.iotfleetwise#NodeDataType": {
+ "type": "enum",
"members": {
- "name": {
- "target": "com.amazonaws.iotfleetwise#ObdInterfaceName",
+ "INT8": {
+ "target": "smithy.api#Unit",
"traits": {
- "smithy.api#documentation": "The name of the interface.
",
- "smithy.api#required": {}
+ "smithy.api#enumValue": "INT8"
}
},
- "requestMessageId": {
- "target": "com.amazonaws.iotfleetwise#nonNegativeInteger",
+ "UINT8": {
+ "target": "smithy.api#Unit",
"traits": {
- "smithy.api#default": 0,
- "smithy.api#documentation": "The ID of the message requesting vehicle data.
",
- "smithy.api#required": {}
+ "smithy.api#enumValue": "UINT8"
}
},
- "obdStandard": {
- "target": "com.amazonaws.iotfleetwise#ObdStandard",
+ "INT16": {
+ "target": "smithy.api#Unit",
"traits": {
- "smithy.api#documentation": "The standard OBD II PID.
"
+ "smithy.api#enumValue": "INT16"
}
},
- "pidRequestIntervalSeconds": {
- "target": "com.amazonaws.iotfleetwise#nonNegativeInteger",
+ "UINT16": {
+ "target": "smithy.api#Unit",
"traits": {
- "smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number message requests per second.
"
+ "smithy.api#enumValue": "UINT16"
}
},
- "dtcRequestIntervalSeconds": {
- "target": "com.amazonaws.iotfleetwise#nonNegativeInteger",
+ "INT32": {
+ "target": "smithy.api#Unit",
"traits": {
- "smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number message requests per diagnostic trouble code per second.
"
+ "smithy.api#enumValue": "INT32"
}
},
- "useExtendedIds": {
- "target": "smithy.api#PrimitiveBoolean",
+ "UINT32": {
+ "target": "smithy.api#Unit",
"traits": {
- "smithy.api#default": false,
+ "smithy.api#enumValue": "UINT32"
+ }
+ },
+ "INT64": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "INT64"
+ }
+ },
+ "UINT64": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "UINT64"
+ }
+ },
+ "BOOLEAN": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "BOOLEAN"
+ }
+ },
+ "FLOAT": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "FLOAT"
+ }
+ },
+ "DOUBLE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "DOUBLE"
+ }
+ },
+ "STRING": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "STRING"
+ }
+ },
+ "UNIX_TIMESTAMP": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "UNIX_TIMESTAMP"
+ }
+ },
+ "INT8_ARRAY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "INT8_ARRAY"
+ }
+ },
+ "UINT8_ARRAY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "UINT8_ARRAY"
+ }
+ },
+ "INT16_ARRAY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "INT16_ARRAY"
+ }
+ },
+ "UINT16_ARRAY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "UINT16_ARRAY"
+ }
+ },
+ "INT32_ARRAY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "INT32_ARRAY"
+ }
+ },
+ "UINT32_ARRAY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "UINT32_ARRAY"
+ }
+ },
+ "INT64_ARRAY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "INT64_ARRAY"
+ }
+ },
+ "UINT64_ARRAY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "UINT64_ARRAY"
+ }
+ },
+ "BOOLEAN_ARRAY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "BOOLEAN_ARRAY"
+ }
+ },
+ "FLOAT_ARRAY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "FLOAT_ARRAY"
+ }
+ },
+ "DOUBLE_ARRAY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "DOUBLE_ARRAY"
+ }
+ },
+ "STRING_ARRAY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "STRING_ARRAY"
+ }
+ },
+ "UNIX_TIMESTAMP_ARRAY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "UNIX_TIMESTAMP_ARRAY"
+ }
+ },
+ "UNKNOWN": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "UNKNOWN"
+ }
+ },
+ "STRUCT": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "STRUCT"
+ }
+ },
+ "STRUCT_ARRAY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "STRUCT_ARRAY"
+ }
+ }
+ }
+ },
+ "com.amazonaws.iotfleetwise#NodePath": {
+ "type": "string",
+ "traits": {
+ "smithy.api#length": {
+ "min": 1,
+ "max": 150
+ },
+ "smithy.api#pattern": "^[a-zA-Z0-9_.]+$"
+ }
+ },
+ "com.amazonaws.iotfleetwise#NodePaths": {
+ "type": "list",
+ "member": {
+ "target": "com.amazonaws.iotfleetwise#NodePath"
+ },
+ "traits": {
+ "smithy.api#length": {
+ "min": 1,
+ "max": 500
+ }
+ }
+ },
+ "com.amazonaws.iotfleetwise#Nodes": {
+ "type": "list",
+ "member": {
+ "target": "com.amazonaws.iotfleetwise#Node"
+ },
+ "traits": {
+ "smithy.api#length": {
+ "min": 0,
+ "max": 500
+ }
+ }
+ },
+ "com.amazonaws.iotfleetwise#ObdBitmaskLength": {
+ "type": "integer",
+ "traits": {
+ "smithy.api#range": {
+ "min": 1,
+ "max": 8
+ }
+ }
+ },
+ "com.amazonaws.iotfleetwise#ObdByteLength": {
+ "type": "integer",
+ "traits": {
+ "smithy.api#range": {
+ "min": 1,
+ "max": 8
+ }
+ }
+ },
+ "com.amazonaws.iotfleetwise#ObdInterface": {
+ "type": "structure",
+ "members": {
+ "name": {
+ "target": "com.amazonaws.iotfleetwise#ObdInterfaceName",
+ "traits": {
+ "smithy.api#documentation": "The name of the interface.
",
+ "smithy.api#required": {}
+ }
+ },
+ "requestMessageId": {
+ "target": "com.amazonaws.iotfleetwise#nonNegativeInteger",
+ "traits": {
+ "smithy.api#default": 0,
+ "smithy.api#documentation": "The ID of the message requesting vehicle data.
",
+ "smithy.api#required": {}
+ }
+ },
+ "obdStandard": {
+ "target": "com.amazonaws.iotfleetwise#ObdStandard",
+ "traits": {
+ "smithy.api#documentation": "The standard OBD II PID.
"
+ }
+ },
+ "pidRequestIntervalSeconds": {
+ "target": "com.amazonaws.iotfleetwise#nonNegativeInteger",
+ "traits": {
+ "smithy.api#default": 0,
+ "smithy.api#documentation": "The maximum number message requests per second.
"
+ }
+ },
+ "dtcRequestIntervalSeconds": {
+ "target": "com.amazonaws.iotfleetwise#nonNegativeInteger",
+ "traits": {
+ "smithy.api#default": 0,
+ "smithy.api#documentation": "The maximum number message requests per diagnostic trouble code per second.
"
+ }
+ },
+ "useExtendedIds": {
+ "target": "smithy.api#PrimitiveBoolean",
+ "traits": {
+ "smithy.api#default": false,
"smithy.api#documentation": "Whether to use extended IDs in the message.
"
}
},
@@ -6534,70 +6633,98 @@
}
},
"com.amazonaws.iotfleetwise#ROS2PrimitiveType": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "BOOL",
- "name": "BOOL"
- },
- {
- "value": "BYTE",
- "name": "BYTE"
- },
- {
- "value": "CHAR",
- "name": "CHAR"
- },
- {
- "value": "FLOAT32",
- "name": "FLOAT32"
- },
- {
- "value": "FLOAT64",
- "name": "FLOAT64"
- },
- {
- "value": "INT8",
- "name": "INT8"
- },
- {
- "value": "UINT8",
- "name": "UINT8"
- },
- {
- "value": "INT16",
- "name": "INT16"
- },
- {
- "value": "UINT16",
- "name": "UINT16"
- },
- {
- "value": "INT32",
- "name": "INT32"
- },
- {
- "value": "UINT32",
- "name": "UINT32"
- },
- {
- "value": "INT64",
- "name": "INT64"
- },
- {
- "value": "UINT64",
- "name": "UINT64"
- },
- {
- "value": "STRING",
- "name": "STRING"
- },
- {
- "value": "WSTRING",
- "name": "WSTRING"
+ "type": "enum",
+ "members": {
+ "BOOL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "BOOL"
+ }
+ },
+ "BYTE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "BYTE"
+ }
+ },
+ "CHAR": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "CHAR"
+ }
+ },
+ "FLOAT32": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "FLOAT32"
+ }
+ },
+ "FLOAT64": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "FLOAT64"
+ }
+ },
+ "INT8": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "INT8"
+ }
+ },
+ "UINT8": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "UINT8"
}
- ]
+ },
+ "INT16": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "INT16"
+ }
+ },
+ "UINT16": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "UINT16"
+ }
+ },
+ "INT32": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "INT32"
+ }
+ },
+ "UINT32": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "UINT32"
+ }
+ },
+ "INT64": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "INT64"
+ }
+ },
+ "UINT64": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "UINT64"
+ }
+ },
+ "STRING": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "STRING"
+ }
+ },
+ "WSTRING": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "WSTRING"
+ }
+ }
}
},
"com.amazonaws.iotfleetwise#RegisterAccount": {
@@ -6696,22 +6823,26 @@
}
},
"com.amazonaws.iotfleetwise#RegistrationStatus": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "REGISTRATION_PENDING",
- "name": "REGISTRATION_PENDING"
- },
- {
- "value": "REGISTRATION_SUCCESS",
- "name": "REGISTRATION_SUCCESS"
- },
- {
- "value": "REGISTRATION_FAILURE",
- "name": "REGISTRATION_FAILURE"
+ "type": "enum",
+ "members": {
+ "REGISTRATION_PENDING": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "REGISTRATION_PENDING"
+ }
+ },
+ "REGISTRATION_SUCCESS": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "REGISTRATION_SUCCESS"
}
- ]
+ },
+ "REGISTRATION_FAILURE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "REGISTRATION_FAILURE"
+ }
+ }
}
},
"com.amazonaws.iotfleetwise#ResourceNotFoundException": {
@@ -6983,97 +7114,121 @@
}
},
"com.amazonaws.iotfleetwise#SignalDecoderFailureReason": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "DUPLICATE_SIGNAL",
- "name": "DUPLICATE_SIGNAL"
- },
- {
- "value": "CONFLICTING_SIGNAL",
- "name": "CONFLICTING_SIGNAL"
- },
- {
- "value": "SIGNAL_TO_ADD_ALREADY_EXISTS",
- "name": "SIGNAL_TO_ADD_ALREADY_EXISTS"
- },
- {
- "value": "SIGNAL_NOT_ASSOCIATED_WITH_NETWORK_INTERFACE",
- "name": "SIGNAL_NOT_ASSOCIATED_WITH_NETWORK_INTERFACE"
- },
- {
- "value": "NETWORK_INTERFACE_TYPE_INCOMPATIBLE_WITH_SIGNAL_DECODER_TYPE",
- "name": "NETWORK_INTERFACE_TYPE_INCOMPATIBLE_WITH_SIGNAL_DECODER_TYPE"
- },
- {
- "value": "SIGNAL_NOT_IN_MODEL",
- "name": "SIGNAL_NOT_IN_MODEL"
- },
- {
- "value": "CAN_SIGNAL_INFO_IS_NULL",
- "name": "CAN_SIGNAL_INFO_IS_NULL"
- },
- {
- "value": "OBD_SIGNAL_INFO_IS_NULL",
- "name": "OBD_SIGNAL_INFO_IS_NULL"
- },
- {
- "value": "NO_DECODER_INFO_FOR_SIGNAL_IN_MODEL",
- "name": "NO_DECODER_INFO_FOR_SIGNAL_IN_MODEL"
- },
- {
- "value": "MESSAGE_SIGNAL_INFO_IS_NULL",
- "name": "MESSAGE_SIGNAL_INFO_IS_NULL"
- },
- {
- "value": "SIGNAL_DECODER_TYPE_INCOMPATIBLE_WITH_MESSAGE_SIGNAL_TYPE",
- "name": "SIGNAL_DECODER_TYPE_INCOMPATIBLE_WITH_MESSAGE_SIGNAL_TYPE"
- },
- {
- "value": "STRUCT_SIZE_MISMATCH",
- "name": "STRUCT_SIZE_MISMATCH"
- },
- {
- "value": "NO_SIGNAL_IN_CATALOG_FOR_DECODER_SIGNAL",
- "name": "NO_SIGNAL_IN_CATALOG_FOR_DECODER_SIGNAL"
- },
- {
- "value": "SIGNAL_DECODER_INCOMPATIBLE_WITH_SIGNAL_CATALOG",
- "name": "SIGNAL_DECODER_INCOMPATIBLE_WITH_SIGNAL_CATALOG"
- },
- {
- "value": "EMPTY_MESSAGE_SIGNAL",
- "name": "EMPTY_MESSAGE_SIGNAL"
- },
- {
- "value": "CUSTOMER_DECODED_SIGNAL_INFO_IS_NULL",
- "name": "CUSTOMER_DECODED_SIGNAL_INFO_IS_NULL"
+ "type": "enum",
+ "members": {
+ "DUPLICATE_SIGNAL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "DUPLICATE_SIGNAL"
+ }
+ },
+ "CONFLICTING_SIGNAL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "CONFLICTING_SIGNAL"
+ }
+ },
+ "SIGNAL_TO_ADD_ALREADY_EXISTS": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "SIGNAL_TO_ADD_ALREADY_EXISTS"
+ }
+ },
+ "SIGNAL_NOT_ASSOCIATED_WITH_NETWORK_INTERFACE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "SIGNAL_NOT_ASSOCIATED_WITH_NETWORK_INTERFACE"
+ }
+ },
+ "NETWORK_INTERFACE_TYPE_INCOMPATIBLE_WITH_SIGNAL_DECODER_TYPE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "NETWORK_INTERFACE_TYPE_INCOMPATIBLE_WITH_SIGNAL_DECODER_TYPE"
+ }
+ },
+ "SIGNAL_NOT_IN_MODEL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "SIGNAL_NOT_IN_MODEL"
+ }
+ },
+ "CAN_SIGNAL_INFO_IS_NULL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "CAN_SIGNAL_INFO_IS_NULL"
+ }
+ },
+ "OBD_SIGNAL_INFO_IS_NULL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "OBD_SIGNAL_INFO_IS_NULL"
+ }
+ },
+ "NO_DECODER_INFO_FOR_SIGNAL_IN_MODEL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "NO_DECODER_INFO_FOR_SIGNAL_IN_MODEL"
+ }
+ },
+ "MESSAGE_SIGNAL_INFO_IS_NULL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "MESSAGE_SIGNAL_INFO_IS_NULL"
+ }
+ },
+ "SIGNAL_DECODER_TYPE_INCOMPATIBLE_WITH_MESSAGE_SIGNAL_TYPE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "SIGNAL_DECODER_TYPE_INCOMPATIBLE_WITH_MESSAGE_SIGNAL_TYPE"
+ }
+ },
+ "STRUCT_SIZE_MISMATCH": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "STRUCT_SIZE_MISMATCH"
}
- ]
+ },
+ "NO_SIGNAL_IN_CATALOG_FOR_DECODER_SIGNAL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "NO_SIGNAL_IN_CATALOG_FOR_DECODER_SIGNAL"
+ }
+ },
+ "SIGNAL_DECODER_INCOMPATIBLE_WITH_SIGNAL_CATALOG": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "SIGNAL_DECODER_INCOMPATIBLE_WITH_SIGNAL_CATALOG"
+ }
+ },
+ "EMPTY_MESSAGE_SIGNAL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "EMPTY_MESSAGE_SIGNAL"
+ }
+ }
}
},
"com.amazonaws.iotfleetwise#SignalDecoderType": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "CAN_SIGNAL",
- "name": "CAN_SIGNAL"
- },
- {
- "value": "OBD_SIGNAL",
- "name": "OBD_SIGNAL"
- },
- {
- "value": "MESSAGE_SIGNAL",
- "name": "MESSAGE_SIGNAL"
- },
- {
- "value": "CUSTOMER_DECODED_SIGNAL",
- "name": "CUSTOMER_DECODED_SIGNAL"
+ "type": "enum",
+ "members": {
+ "CAN_SIGNAL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "CAN_SIGNAL"
+ }
+ },
+ "OBD_SIGNAL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "OBD_SIGNAL"
}
- ]
+ },
+ "MESSAGE_SIGNAL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "MESSAGE_SIGNAL"
+ }
+ }
}
},
"com.amazonaws.iotfleetwise#SignalDecoders": {
@@ -7127,34 +7282,79 @@
}
}
},
+ "com.amazonaws.iotfleetwise#SignalNodeType": {
+ "type": "enum",
+ "members": {
+ "SENSOR": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "SENSOR"
+ }
+ },
+ "ACTUATOR": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ACTUATOR"
+ }
+ },
+ "ATTRIBUTE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ATTRIBUTE"
+ }
+ },
+ "BRANCH": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "BRANCH"
+ }
+ },
+ "CUSTOM_STRUCT": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "CUSTOM_STRUCT"
+ }
+ },
+ "CUSTOM_PROPERTY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "CUSTOM_PROPERTY"
+ }
+ }
+ }
+ },
"com.amazonaws.iotfleetwise#SpoolingMode": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "OFF",
- "name": "OFF"
- },
- {
- "value": "TO_DISK",
- "name": "TO_DISK"
+ "type": "enum",
+ "members": {
+ "OFF": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "OFF"
}
- ]
+ },
+ "TO_DISK": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "TO_DISK"
+ }
+ }
}
},
"com.amazonaws.iotfleetwise#StorageCompressionFormat": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "NONE",
- "name": "NONE"
- },
- {
- "value": "GZIP",
- "name": "GZIP"
+ "type": "enum",
+ "members": {
+ "NONE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "NONE"
+ }
+ },
+ "GZIP": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "GZIP"
}
- ]
+ }
}
},
"com.amazonaws.iotfleetwise#StructureMessageName": {
@@ -7263,22 +7463,26 @@
}
},
"com.amazonaws.iotfleetwise#StructuredMessageListType": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "FIXED_CAPACITY",
- "name": "FIXED_CAPACITY"
- },
- {
- "value": "DYNAMIC_UNBOUNDED_CAPACITY",
- "name": "DYNAMIC_UNBOUNDED_CAPACITY"
- },
- {
- "value": "DYNAMIC_BOUNDED_CAPACITY",
- "name": "DYNAMIC_BOUNDED_CAPACITY"
+ "type": "enum",
+ "members": {
+ "FIXED_CAPACITY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "FIXED_CAPACITY"
}
- ]
+ },
+ "DYNAMIC_UNBOUNDED_CAPACITY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "DYNAMIC_UNBOUNDED_CAPACITY"
+ }
+ },
+ "DYNAMIC_BOUNDED_CAPACITY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "DYNAMIC_BOUNDED_CAPACITY"
+ }
+ }
}
},
"com.amazonaws.iotfleetwise#Tag": {
@@ -7590,18 +7794,20 @@
}
},
"com.amazonaws.iotfleetwise#TriggerMode": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "ALWAYS",
- "name": "ALWAYS"
- },
- {
- "value": "RISING_EDGE",
- "name": "RISING_EDGE"
+ "type": "enum",
+ "members": {
+ "ALWAYS": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ALWAYS"
+ }
+ },
+ "RISING_EDGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "RISING_EDGE"
}
- ]
+ }
}
},
"com.amazonaws.iotfleetwise#UntagResource": {
@@ -7699,26 +7905,32 @@
}
},
"com.amazonaws.iotfleetwise#UpdateCampaignAction": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "APPROVE",
- "name": "APPROVE"
- },
- {
- "value": "SUSPEND",
- "name": "SUSPEND"
- },
- {
- "value": "RESUME",
- "name": "RESUME"
- },
- {
- "value": "UPDATE",
- "name": "UPDATE"
+ "type": "enum",
+ "members": {
+ "APPROVE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "APPROVE"
+ }
+ },
+ "SUSPEND": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "SUSPEND"
+ }
+ },
+ "RESUME": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "RESUME"
}
- ]
+ },
+ "UPDATE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "UPDATE"
+ }
+ }
}
},
"com.amazonaws.iotfleetwise#UpdateCampaignRequest": {
@@ -7971,18 +8183,20 @@
}
},
"com.amazonaws.iotfleetwise#UpdateMode": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "Overwrite",
- "name": "OVERWRITE"
- },
- {
- "value": "Merge",
- "name": "MERGE"
+ "type": "enum",
+ "members": {
+ "OVERWRITE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Overwrite"
}
- ]
+ },
+ "MERGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Merge"
+ }
+ }
}
},
"com.amazonaws.iotfleetwise#UpdateModelManifest": {
@@ -8419,41 +8633,49 @@
}
},
"com.amazonaws.iotfleetwise#ValidationExceptionReason": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "unknownOperation",
- "name": "UNKNOWN_OPERATION"
- },
- {
- "value": "cannotParse",
- "name": "CANNOT_PARSE"
- },
- {
- "value": "fieldValidationFailed",
- "name": "FIELD_VALIDATION_FAILED"
- },
- {
- "value": "other",
- "name": "OTHER"
+ "type": "enum",
+ "members": {
+ "UNKNOWN_OPERATION": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "unknownOperation"
+ }
+ },
+ "CANNOT_PARSE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "cannotParse"
+ }
+ },
+ "FIELD_VALIDATION_FAILED": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "fieldValidationFailed"
+ }
+ },
+ "OTHER": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "other"
}
- ]
+ }
}
},
"com.amazonaws.iotfleetwise#VehicleAssociationBehavior": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "CreateIotThing",
- "name": "CREATE_IOT_THING"
- },
- {
- "value": "ValidateIotThingExists",
- "name": "VALIDATE_IOT_THING_EXISTS"
+ "type": "enum",
+ "members": {
+ "CREATE_IOT_THING": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "CreateIotThing"
+ }
+ },
+ "VALIDATE_IOT_THING_EXISTS": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ValidateIotThingExists"
}
- ]
+ }
}
},
"com.amazonaws.iotfleetwise#VehicleAssociationResource": {
@@ -8502,14 +8724,14 @@
}
},
"com.amazonaws.iotfleetwise#VehicleMiddlewareProtocol": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "ROS_2",
- "name": "ROS_2"
+ "type": "enum",
+ "members": {
+ "ROS_2": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ROS_2"
}
- ]
+ }
}
},
"com.amazonaws.iotfleetwise#VehicleResource": {
@@ -8555,30 +8777,38 @@
}
},
"com.amazonaws.iotfleetwise#VehicleState": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "CREATED",
- "name": "CREATED"
- },
- {
- "value": "READY",
- "name": "READY"
- },
- {
- "value": "HEALTHY",
- "name": "HEALTHY"
- },
- {
- "value": "SUSPENDED",
- "name": "SUSPENDED"
- },
- {
- "value": "DELETING",
- "name": "DELETING"
+ "type": "enum",
+ "members": {
+ "CREATED": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "CREATED"
+ }
+ },
+ "READY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "READY"
+ }
+ },
+ "HEALTHY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "HEALTHY"
+ }
+ },
+ "SUSPENDED": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "SUSPENDED"
+ }
+ },
+ "DELETING": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "DELETING"
}
- ]
+ }
}
},
"com.amazonaws.iotfleetwise#VehicleStatus": {
@@ -8657,6 +8887,12 @@
"smithy.api#documentation": "The time the vehicle was last updated in seconds since epoch (January 1, 1970 at midnight UTC time).
",
"smithy.api#required": {}
}
+ },
+ "attributes": {
+ "target": "com.amazonaws.iotfleetwise#attributesMap",
+ "traits": {
+ "smithy.api#documentation": "Static information about a vehicle in a key-value pair. For example:
\n \n \"engineType\" : \"1.3 L R2\"\n
"
+ }
}
},
"traits": {
diff --git a/codegen/sdk-codegen/aws-models/kms.json b/codegen/sdk-codegen/aws-models/kms.json
index cfed385c98c..82fb7e252d9 100644
--- a/codegen/sdk-codegen/aws-models/kms.json
+++ b/codegen/sdk-codegen/aws-models/kms.json
@@ -729,7 +729,7 @@
"XksProxyUriEndpoint": {
"target": "com.amazonaws.kms#XksProxyUriEndpointType",
"traits": {
- "smithy.api#documentation": "Specifies the endpoint that KMS uses to send requests to the external key store proxy\n (XKS proxy). This parameter is required for custom key stores with a\n CustomKeyStoreType of EXTERNAL_KEY_STORE.
\n The protocol must be HTTPS. KMS communicates on port 443. Do not specify the port in the\n XksProxyUriEndpoint value.
\n For external key stores with XksProxyConnectivity value of\n VPC_ENDPOINT_SERVICE, specify https:// followed by the private DNS\n name of the VPC endpoint service.
\n For external key stores with PUBLIC_ENDPOINT connectivity, this endpoint must\n be reachable before you create the custom key store. KMS connects to the external key store\n proxy while creating the custom key store. For external key stores with\n VPC_ENDPOINT_SERVICE connectivity, KMS connects when you call the ConnectCustomKeyStore operation.
\n The value of this parameter must begin with https://. The remainder can\n contain upper and lower case letters (A-Z and a-z), numbers (0-9), dots (.), and\n hyphens (-). Additional slashes (/ and \\) are not\n permitted.
\n \n Uniqueness requirements: \n
\n \n - \n
The combined XksProxyUriEndpoint and XksProxyUriPath values\n must be unique in the Amazon Web Services account and Region.
\n \n - \n
An external key store with PUBLIC_ENDPOINT connectivity cannot use the\n same XksProxyUriEndpoint value as an external key store with\n VPC_ENDPOINT_SERVICE connectivity in the same Amazon Web Services Region.
\n \n - \n
Each external key store with VPC_ENDPOINT_SERVICE connectivity must have\n its own private DNS name. The XksProxyUriEndpoint value for external key\n stores with VPC_ENDPOINT_SERVICE connectivity (private DNS name) must be\n unique in the Amazon Web Services account and Region.
\n \n
"
+ "smithy.api#documentation": "Specifies the endpoint that KMS uses to send requests to the external key store proxy\n (XKS proxy). This parameter is required for custom key stores with a\n CustomKeyStoreType of EXTERNAL_KEY_STORE.
\n The protocol must be HTTPS. KMS communicates on port 443. Do not specify the port in the\n XksProxyUriEndpoint value.
\n For external key stores with XksProxyConnectivity value of\n VPC_ENDPOINT_SERVICE, specify https:// followed by the private DNS\n name of the VPC endpoint service.
\n For external key stores with PUBLIC_ENDPOINT connectivity, this endpoint must\n be reachable before you create the custom key store. KMS connects to the external key store\n proxy while creating the custom key store. For external key stores with\n VPC_ENDPOINT_SERVICE connectivity, KMS connects when you call the ConnectCustomKeyStore operation.
\n The value of this parameter must begin with https://. The remainder can\n contain upper and lower case letters (A-Z and a-z), numbers (0-9), dots (.), and\n hyphens (-). Additional slashes (/ and \\) are not\n permitted.
\n \n Uniqueness requirements: \n
\n \n - \n
The combined XksProxyUriEndpoint and XksProxyUriPath values\n must be unique in the Amazon Web Services account and Region.
\n \n - \n
An external key store with PUBLIC_ENDPOINT connectivity cannot use the\n same XksProxyUriEndpoint value as an external key store with\n VPC_ENDPOINT_SERVICE connectivity in this Amazon Web Services Region.
\n \n - \n
Each external key store with VPC_ENDPOINT_SERVICE connectivity must have\n its own private DNS name. The XksProxyUriEndpoint value for external key\n stores with VPC_ENDPOINT_SERVICE connectivity (private DNS name) must be\n unique in the Amazon Web Services account and Region.
\n \n
"
}
},
"XksProxyUriPath": {
@@ -1448,6 +1448,20 @@
"Plaintext": "",
"EncryptionAlgorithm": "SYMMETRIC_DEFAULT"
}
+ },
+ {
+ "title": "To decrypt data with an asymmetric encryption KMS key",
+ "documentation": "The following example decrypts data that was encrypted with an asymmetric encryption KMS key. When the KMS encryption key is asymmetric, you must specify the KMS key ID and the encryption algorithm that was used to encrypt the data.",
+ "input": {
+ "CiphertextBlob": "",
+ "KeyId": "0987dcba-09fe-87dc-65ba-ab0987654321",
+ "EncryptionAlgorithm": "RSAES_OAEP_SHA_256"
+ },
+ "output": {
+ "KeyId": "arn:aws:kms:us-west-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321",
+ "Plaintext": "",
+ "EncryptionAlgorithm": "RSAES_OAEP_SHA_256"
+ }
}
]
}
@@ -1836,7 +1850,174 @@
}
],
"traits": {
- "smithy.api#documentation": "Provides detailed information about a KMS key. You can run DescribeKey on a\n customer managed\n key or an Amazon Web Services managed key.
\n This detailed information includes the key ARN, creation date (and deletion date, if\n applicable), the key state, and the origin and expiration date (if any) of the key material.\n It includes fields, like KeySpec, that help you distinguish different types of\n KMS keys. It also displays the key usage (encryption, signing, or generating and verifying\n MACs) and the algorithms that the KMS key supports.
\n For multi-Region keys, DescribeKey displays the primary key and all\n related replica keys. For KMS keys in CloudHSM key stores, it includes information\n about the key store, such as the key store ID and the CloudHSM cluster ID. For KMS keys in external key stores,\n it includes the custom key store ID and the ID of the external key.
\n \n DescribeKey does not return the following information:
\n \n - \n
Aliases associated with the KMS key. To get this information, use ListAliases.
\n \n - \n
Whether automatic key rotation is enabled on the KMS key. To get this information, use\n GetKeyRotationStatus. Also, some key states prevent a KMS key from\n being automatically rotated. For details, see How Automatic Key Rotation\n Works in the Key Management Service Developer Guide.
\n \n - \n
Tags on the KMS key. To get this information, use ListResourceTags.
\n \n - \n
Key policies and grants on the KMS key. To get this information, use GetKeyPolicy and ListGrants.
\n \n
\n In general, DescribeKey is a non-mutating operation. It returns data about\n KMS keys, but doesn't change them. However, Amazon Web Services services use DescribeKey to\n create Amazon Web Services\n managed keys from a predefined Amazon Web Services alias with no key\n ID.
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n \n Required permissions: kms:DescribeKey (key policy)
\n \n Related operations:\n
\n \n \n Eventual consistency: The KMS API follows an eventual consistency model. \n For more information, see KMS eventual consistency.
"
+ "smithy.api#documentation": "Provides detailed information about a KMS key. You can run DescribeKey on a\n customer managed\n key or an Amazon Web Services managed key.
\n This detailed information includes the key ARN, creation date (and deletion date, if\n applicable), the key state, and the origin and expiration date (if any) of the key material.\n It includes fields, like KeySpec, that help you distinguish different types of\n KMS keys. It also displays the key usage (encryption, signing, or generating and verifying\n MACs) and the algorithms that the KMS key supports.
\n For multi-Region keys, DescribeKey displays the primary key and all\n related replica keys. For KMS keys in CloudHSM key stores, it includes information\n about the key store, such as the key store ID and the CloudHSM cluster ID. For KMS keys in external key stores,\n it includes the custom key store ID and the ID of the external key.
\n \n DescribeKey does not return the following information:
\n \n - \n
Aliases associated with the KMS key. To get this information, use ListAliases.
\n \n - \n
Whether automatic key rotation is enabled on the KMS key. To get this information, use\n GetKeyRotationStatus. Also, some key states prevent a KMS key from\n being automatically rotated. For details, see How Automatic Key Rotation\n Works in the Key Management Service Developer Guide.
\n \n - \n
Tags on the KMS key. To get this information, use ListResourceTags.
\n \n - \n
Key policies and grants on the KMS key. To get this information, use GetKeyPolicy and ListGrants.
\n \n
\n In general, DescribeKey is a non-mutating operation. It returns data about\n KMS keys, but doesn't change them. However, Amazon Web Services services use DescribeKey to\n create Amazon Web Services\n managed keys from a predefined Amazon Web Services alias with no key\n ID.
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n \n Required permissions: kms:DescribeKey (key policy)
\n \n Related operations:\n
\n \n \n Eventual consistency: The KMS API follows an eventual consistency model. \n For more information, see KMS eventual consistency.
",
+ "smithy.api#examples": [
+ {
+ "title": "To get details about an RSA asymmetric KMS key",
+ "documentation": "The following example gets metadata for an asymmetric RSA KMS key used for signing and verification.",
+ "input": {
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
+ },
+ "output": {
+ "KeyMetadata": {
+ "AWSAccountId": "111122223333",
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
+ "Arn": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+ "CreationDate": 1.571767572317E9,
+ "CustomerMasterKeySpec": "RSA_2048",
+ "Enabled": false,
+ "Description": "",
+ "KeyState": "Disabled",
+ "Origin": "AWS_KMS",
+ "MultiRegion": false,
+ "KeyManager": "CUSTOMER",
+ "KeySpec": "RSA_2048",
+ "KeyUsage": "SIGN_VERIFY",
+ "SigningAlgorithms": [
+ "RSASSA_PKCS1_V1_5_SHA_256",
+ "RSASSA_PKCS1_V1_5_SHA_384",
+ "RSASSA_PKCS1_V1_5_SHA_512",
+ "RSASSA_PSS_SHA_256",
+ "RSASSA_PSS_SHA_384",
+ "RSASSA_PSS_SHA_512"
+ ]
+ }
+ }
+ },
+ {
+ "title": "To get details about a multi-Region key",
+ "documentation": "The following example gets metadata for a multi-Region replica key. This multi-Region key is a symmetric encryption key. DescribeKey returns information about the primary key and all of its replicas.",
+ "input": {
+ "KeyId": "arn:aws:kms:ap-northeast-1:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab"
+ },
+ "output": {
+ "KeyMetadata": {
+ "MultiRegion": true,
+ "AWSAccountId": "111122223333",
+ "Arn": "arn:aws:kms:ap-northeast-1:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab",
+ "CreationDate": 1.586329200918E9,
+ "Description": "",
+ "Enabled": true,
+ "KeyId": "mrk-1234abcd12ab34cd56ef1234567890ab",
+ "KeyManager": "CUSTOMER",
+ "KeyState": "Enabled",
+ "KeyUsage": "ENCRYPT_DECRYPT",
+ "Origin": "AWS_KMS",
+ "CustomerMasterKeySpec": "SYMMETRIC_DEFAULT",
+ "EncryptionAlgorithms": [
+ "SYMMETRIC_DEFAULT"
+ ],
+ "MultiRegionConfiguration": {
+ "MultiRegionKeyType": "PRIMARY",
+ "PrimaryKey": {
+ "Arn": "arn:aws:kms:us-west-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab",
+ "Region": "us-west-2"
+ },
+ "ReplicaKeys": [
+ {
+ "Arn": "arn:aws:kms:eu-west-1:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab",
+ "Region": "eu-west-1"
+ },
+ {
+ "Arn": "arn:aws:kms:ap-northeast-1:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab",
+ "Region": "ap-northeast-1"
+ },
+ {
+ "Arn": "arn:aws:kms:sa-east-1:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab",
+ "Region": "sa-east-1"
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "title": "To get details about an HMAC KMS key",
+ "documentation": "The following example gets the metadata of an HMAC KMS key.",
+ "input": {
+ "KeyId": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
+ },
+ "output": {
+ "KeyMetadata": {
+ "AWSAccountId": "123456789012",
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
+ "Arn": "arn:aws:kms:us-west-2:123456789012:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+ "CreationDate": 1.566160362664E9,
+ "Enabled": true,
+ "Description": "Development test key",
+ "KeyUsage": "GENERATE_VERIFY_MAC",
+ "KeyState": "Enabled",
+ "Origin": "AWS_KMS",
+ "KeyManager": "CUSTOMER",
+ "CustomerMasterKeySpec": "HMAC_256",
+ "MacAlgorithms": [
+ "HMAC_SHA_256"
+ ],
+ "MultiRegion": false
+ }
+ }
+ },
+ {
+ "title": "To get details about a KMS key in an AWS CloudHSM key store",
+ "documentation": "The following example gets the metadata of a KMS key in an AWS CloudHSM key store.",
+ "input": {
+ "KeyId": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
+ },
+ "output": {
+ "KeyMetadata": {
+ "AWSAccountId": "123456789012",
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
+ "Arn": "arn:aws:kms:us-west-2:123456789012:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+ "CreationDate": 1.646160362664E9,
+ "Description": "CloudHSM key store test key",
+ "Enabled": true,
+ "MultiRegion": false,
+ "KeyManager": "CUSTOMER",
+ "KeyState": "Enabled",
+ "KeyUsage": "ENCRYPT_DECRYPT",
+ "Origin": "AWS_CLOUDHSM",
+ "CloudHsmClusterId": "cluster-234abcdefABC",
+ "CustomKeyStoreId": "cks-1234567890abcdef0",
+ "KeySpec": "SYMMETRIC_DEFAULT",
+ "CustomerMasterKeySpec": "SYMMETRIC_DEFAULT",
+ "EncryptionAlgorithms": [
+ "SYMMETRIC_DEFAULT"
+ ]
+ }
+ }
+ },
+ {
+ "title": "To get details about a KMS key in an external key store",
+ "documentation": "The following example gets the metadata of a KMS key in an external key store.",
+ "input": {
+ "KeyId": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
+ },
+ "output": {
+ "KeyMetadata": {
+ "Arn": "arn:aws:kms:us-west-2:123456789012:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+ "AWSAccountId": "123456789012",
+ "CreationDate": 1.646160362664E9,
+ "CustomerMasterKeySpec": "SYMMETRIC_DEFAULT",
+ "CustomKeyStoreId": "cks-1234567890abcdef0",
+ "Description": "External key store test key",
+ "Enabled": true,
+ "EncryptionAlgorithms": [
+ "SYMMETRIC_DEFAULT"
+ ],
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
+ "KeyManager": "CUSTOMER",
+ "KeySpec": "SYMMETRIC_DEFAULT",
+ "KeyState": "Enabled",
+ "KeyUsage": "ENCRYPT_DECRYPT",
+ "MultiRegion": false,
+ "Origin": "EXTERNAL_KEY_STORE",
+ "XksKeyConfiguration": {
+ "Id": "bb8562717f809024"
+ }
+ }
+ }
+ }
+ ]
}
},
"com.amazonaws.kms#DescribeKeyRequest": {
@@ -2251,6 +2432,20 @@
"KeyId": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
"EncryptionAlgorithm": "SYMMETRIC_DEFAULT"
}
+ },
+ {
+ "title": "To encrypt data with an asymmetric encryption KMS key",
+ "documentation": "The following example encrypts data with the specified RSA asymmetric KMS key. When you encrypt with an asymmetric key, you must specify the encryption algorithm.",
+ "input": {
+ "KeyId": "0987dcba-09fe-87dc-65ba-ab0987654321",
+ "Plaintext": "",
+ "EncryptionAlgorithm": "RSAES_OAEP_SHA_256"
+ },
+ "output": {
+ "CiphertextBlob": "",
+ "KeyId": "arn:aws:kms:us-west-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321",
+ "EncryptionAlgorithm": "RSAES_OAEP_SHA_256"
+ }
}
]
}
@@ -3345,7 +3540,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Returns the public key and an import token you need to import or reimport key material for\n a KMS key.
\n By default, KMS keys are created with key material that KMS generates. This operation\n supports Importing key\n material, an advanced feature that lets you generate and import the cryptographic\n key material for a KMS key. For more information about importing key material into KMS, see\n Importing key\n material in the Key Management Service Developer Guide.
\n Before calling GetParametersForImport, use the CreateKey\n operation with an Origin value of EXTERNAL to create a KMS key with\n no key material. You can import key material for a symmetric encryption KMS key, HMAC KMS key,\n asymmetric encryption KMS key, or asymmetric signing KMS key. You can also import key material\n into a multi-Region key of\n any supported type. However, you can't import key material into a KMS key in a custom key\n store. You can also use GetParametersForImport to get a public key and\n import token to reimport\n the original key material into a KMS key whose key material expired or was\n deleted.
\n \n GetParametersForImport returns the items that you need to import your key\n material.
\n \n - \n
The public key (or \"wrapping key\") of an RSA key pair that KMS generates.
\n You will use this public key to encrypt (\"wrap\") your key material while it's in\n transit to KMS.
\n \n - \n
A import token that ensures that KMS can decrypt your key material and associate it\n with the correct KMS key.
\n \n
\n The public key and its import token are permanently linked and must be used together. Each\n public key and import token set is valid for 24 hours. The expiration date and time appear in\n the ParametersValidTo field in the GetParametersForImport response.\n You cannot use an expired public key or import token in an ImportKeyMaterial\n request. If your key and token expire, send another GetParametersForImport\n request.
\n \n GetParametersForImport requires the following information:
\n \n - \n
The key ID of the KMS key for which you are importing the key material.
\n \n - \n
The key spec of the public key (\"wrapping key\") that you will use to encrypt your key\n material during import.
\n \n - \n
The wrapping algorithm that you will use with the public key to encrypt your key\n material.
\n \n
\n You can use the same or a different public key spec and wrapping algorithm each time you\n import or reimport the same key material.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:GetParametersForImport (key policy)
\n \n Related operations:\n
\n \n \n Eventual consistency: The KMS API follows an eventual consistency model. \n For more information, see KMS eventual consistency.
"
+ "smithy.api#documentation": "Returns the public key and an import token you need to import or reimport key material for\n a KMS key.
\n By default, KMS keys are created with key material that KMS generates. This operation\n supports Importing key\n material, an advanced feature that lets you generate and import the cryptographic\n key material for a KMS key. For more information about importing key material into KMS, see\n Importing key\n material in the Key Management Service Developer Guide.
\n Before calling GetParametersForImport, use the CreateKey\n operation with an Origin value of EXTERNAL to create a KMS key with\n no key material. You can import key material for a symmetric encryption KMS key, HMAC KMS key,\n asymmetric encryption KMS key, or asymmetric signing KMS key. You can also import key material\n into a multi-Region key of any supported type. However, you can't import key material into\n a KMS key in a custom key store. You can also use GetParametersForImport to get a\n public key and import token to reimport the original key\n material into a KMS key whose key material expired or was deleted.
\n \n GetParametersForImport returns the items that you need to import your key\n material.
\n \n - \n
The public key (or \"wrapping key\") of an RSA key pair that KMS generates.
\n You will use this public key to encrypt (\"wrap\") your key material while it's in\n transit to KMS.
\n \n - \n
A import token that ensures that KMS can decrypt your key material and associate it\n with the correct KMS key.
\n \n
\n The public key and its import token are permanently linked and must be used together. Each\n public key and import token set is valid for 24 hours. The expiration date and time appear in\n the ParametersValidTo field in the GetParametersForImport response.\n You cannot use an expired public key or import token in an ImportKeyMaterial\n request. If your key and token expire, send another GetParametersForImport\n request.
\n \n GetParametersForImport requires the following information:
\n \n - \n
The key ID of the KMS key for which you are importing the key material.
\n \n - \n
The key spec of the public key (\"wrapping key\") that you will use to encrypt your key\n material during import.
\n \n - \n
The wrapping algorithm that you will use with the public key to encrypt your key\n material.
\n \n
\n You can use the same or a different public key spec and wrapping algorithm each time you\n import or reimport the same key material.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:GetParametersForImport (key policy)
\n \n Related operations:\n
\n \n \n Eventual consistency: The KMS API follows an eventual consistency model. \n For more information, see KMS eventual consistency.
"
}
},
"com.amazonaws.kms#GetParametersForImportRequest": {
@@ -5798,7 +5993,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Replicates a multi-Region key into the specified Region. This operation creates a\n multi-Region replica key based on a multi-Region primary key in a different Region of the same\n Amazon Web Services partition. You can create multiple replicas of a primary key, but each must be in a\n different Region. To create a multi-Region primary key, use the CreateKey\n operation.
\n This operation supports multi-Region keys, an KMS feature that lets you create multiple\n interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key\n material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt\n it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see Multi-Region keys in KMS in the Key Management Service Developer Guide.
\n A replica key is a fully-functional KMS key that can be used\n independently of its primary and peer replica keys. A primary key and its replica keys share\n properties that make them interoperable. They have the same key ID and key material. They also\n have the same key\n spec, key\n usage, key\n material origin, and automatic key rotation status. KMS automatically synchronizes these shared\n properties among related multi-Region keys. All other properties of a replica key can differ,\n including its key\n policy, tags, aliases, and Key states of KMS keys. KMS pricing and quotas for KMS keys apply to each\n primary key and replica key.
\n When this operation completes, the new replica key has a transient key state of\n Creating. This key state changes to Enabled (or\n PendingImport) after a few seconds when the process of creating the new replica\n key is complete. While the key state is Creating, you can manage key, but you\n cannot yet use it in cryptographic operations. If you are creating and using the replica key\n programmatically, retry on KMSInvalidStateException or call\n DescribeKey to check its KeyState value before using it. For\n details about the Creating key state, see Key states of KMS keys in the\n Key Management Service Developer Guide.
\n You cannot create more than one replica of a primary key in any Region. If the Region\n already includes a replica of the key you're trying to replicate, ReplicateKey\n returns an AlreadyExistsException error. If the key state of the existing replica\n is PendingDeletion, you can cancel the scheduled key deletion (CancelKeyDeletion) or wait for the key to be deleted. The new replica key you\n create will have the same shared\n properties as the original replica key.
\n The CloudTrail log of a ReplicateKey operation records a\n ReplicateKey operation in the primary key's Region and a CreateKey operation in the replica key's Region.
\n If you replicate a multi-Region primary key with imported key material, the replica key is\n created with no key material. You must import the same key material that you imported into the\n primary key. For details, see Importing key material into multi-Region keys in the Key Management Service Developer Guide.
\n To convert a replica key to a primary key, use the UpdatePrimaryRegion\n operation.
\n \n \n ReplicateKey uses different default values for the KeyPolicy\n and Tags parameters than those used in the KMS console. For details, see the\n parameter descriptions.
\n \n \n Cross-account use: No. You cannot use this operation to\n create a replica key in a different Amazon Web Services account.
\n \n Required permissions:
\n \n - \n
\n kms:ReplicateKey on the primary key (in the primary key's Region).\n Include this permission in the primary key's key policy.
\n \n - \n
\n kms:CreateKey in an IAM policy in the replica Region.
\n \n - \n
To use the Tags parameter, kms:TagResource in an IAM policy\n in the replica Region.
\n \n
\n \n Related operations\n
\n \n \n Eventual consistency: The KMS API follows an eventual consistency model. \n For more information, see KMS eventual consistency.
",
+ "smithy.api#documentation": "Replicates a multi-Region key into the specified Region. This operation creates a\n multi-Region replica key based on a multi-Region primary key in a different Region of the same\n Amazon Web Services partition. You can create multiple replicas of a primary key, but each must be in a\n different Region. To create a multi-Region primary key, use the CreateKey\n operation.
\n This operation supports multi-Region keys, an KMS feature that lets you create multiple\n interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key\n material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt\n it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see Multi-Region keys in KMS in the Key Management Service Developer Guide.
\n A replica key is a fully-functional KMS key that can be used\n independently of its primary and peer replica keys. A primary key and its replica keys share\n properties that make them interoperable. They have the same key ID and key material. They also\n have the same key\n spec, key\n usage, key\n material origin, and automatic key rotation status. KMS automatically synchronizes these shared\n properties among related multi-Region keys. All other properties of a replica key can differ,\n including its key\n policy, tags, aliases, and Key states of KMS keys. KMS pricing and quotas for KMS keys apply to each\n primary key and replica key.
\n When this operation completes, the new replica key has a transient key state of\n Creating. This key state changes to Enabled (or\n PendingImport) after a few seconds when the process of creating the new replica\n key is complete. While the key state is Creating, you can manage key, but you\n cannot yet use it in cryptographic operations. If you are creating and using the replica key\n programmatically, retry on KMSInvalidStateException or call\n DescribeKey to check its KeyState value before using it. For\n details about the Creating key state, see Key states of KMS keys in the\n Key Management Service Developer Guide.
\n You cannot create more than one replica of a primary key in any Region. If the Region\n already includes a replica of the key you're trying to replicate, ReplicateKey\n returns an AlreadyExistsException error. If the key state of the existing replica\n is PendingDeletion, you can cancel the scheduled key deletion (CancelKeyDeletion) or wait for the key to be deleted. The new replica key you\n create will have the same shared\n properties as the original replica key.
\n The CloudTrail log of a ReplicateKey operation records a\n ReplicateKey operation in the primary key's Region and a CreateKey operation in the replica key's Region.
\n If you replicate a multi-Region primary key with imported key material, the replica key is\n created with no key material. You must import the same key material that you imported into the\n primary key. For details, see Importing key material into multi-Region\n keys in the Key Management Service Developer Guide.
\n To convert a replica key to a primary key, use the UpdatePrimaryRegion\n operation.
\n \n \n ReplicateKey uses different default values for the KeyPolicy\n and Tags parameters than those used in the KMS console. For details, see the\n parameter descriptions.
\n \n \n Cross-account use: No. You cannot use this operation to\n create a replica key in a different Amazon Web Services account.
\n \n Required permissions:
\n \n - \n
\n kms:ReplicateKey on the primary key (in the primary key's Region).\n Include this permission in the primary key's key policy.
\n \n - \n
\n kms:CreateKey in an IAM policy in the replica Region.
\n \n - \n
To use the Tags parameter, kms:TagResource in an IAM policy\n in the replica Region.
\n \n
\n \n Related operations\n
\n \n \n Eventual consistency: The KMS API follows an eventual consistency model. \n For more information, see KMS eventual consistency.
",
"smithy.api#examples": [
{
"title": "To replicate a multi-Region key in a different AWS Region",
@@ -6207,6 +6402,21 @@
"Signature": "",
"SigningAlgorithm": "ECDSA_SHA_384"
}
+ },
+ {
+ "title": "To digitally sign a message digest with an asymmetric KMS key.",
+ "documentation": "This operation uses the private key in an asymmetric RSA signing KMS key to generate a digital signature for a message digest. In this example, a large message was hashed and the resulting digest is provided in the Message parameter. To tell KMS not to hash the message again, the MessageType field is set to DIGEST",
+ "input": {
+ "KeyId": "alias/RSA_signing_key",
+ "Message": "",
+ "MessageType": "DIGEST",
+ "SigningAlgorithm": "RSASSA_PKCS1_V1_5_SHA_256"
+ },
+ "output": {
+ "KeyId": "arn:aws:kms:us-east-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321",
+ "Signature": "",
+ "SigningAlgorithm": "RSASSA_PKCS1_V1_5_SHA_256"
+ }
}
]
}
@@ -8129,6 +8339,44 @@
"NewCustomKeyStoreName": "DevelopmentKeys"
},
"output": {}
+ },
+ {
+ "title": "To edit the password of an AWS CloudHSM key store",
+ "documentation": "This example tells AWS KMS the password for the kmsuser crypto user in the AWS CloudHSM cluster that is associated with the AWS KMS custom key store. (It does not change the password in the CloudHSM cluster.) This operation does not return any data.",
+ "input": {
+ "CustomKeyStoreId": "cks-1234567890abcdef0",
+ "KeyStorePassword": "ExamplePassword"
+ },
+ "output": {}
+ },
+ {
+ "title": "To associate the custom key store with a different, but related, AWS CloudHSM cluster.",
+ "documentation": "This example changes the AWS CloudHSM cluster that is associated with an AWS CloudHSM key store to a related cluster, such as a different backup of the same cluster. This operation does not return any data. To verify that the operation worked, use the DescribeCustomKeyStores operation.",
+ "input": {
+ "CustomKeyStoreId": "cks-1234567890abcdef0",
+ "CloudHsmClusterId": "cluster-234abcdefABC"
+ },
+ "output": {}
+ },
+ {
+ "title": "To edit the proxy URI path of an external key store.",
+ "documentation": "This example updates the proxy URI path for an external key store",
+ "input": {
+ "CustomKeyStoreId": "cks-1234567890abcdef0",
+ "XksProxyUriPath": "/new-path/kms/xks/v1"
+ },
+ "output": {}
+ },
+ {
+ "title": "To update the proxy connectivity of an external key store to VPC_ENDPOINT_SERVICE",
+ "documentation": "To change the external key store proxy connectivity option from public endpoint connectivity to VPC endpoint service connectivity, in addition to changing the XksProxyConnectivity value, you must change the XksProxyUriEndpoint value to reflect the private DNS name associated with the VPC endpoint service. You must also add an XksProxyVpcEndpointServiceName value.",
+ "input": {
+ "CustomKeyStoreId": "cks-1234567890abcdef0",
+ "XksProxyConnectivity": "VPC_ENDPOINT_SERVICE",
+ "XksProxyUriEndpoint": "https://myproxy-private.xks.example.com",
+ "XksProxyVpcEndpointServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-example"
+ },
+ "output": {}
}
]
}
@@ -8386,6 +8634,22 @@
"SignatureValid": true,
"SigningAlgorithm": "ECDSA_SHA_384"
}
+ },
+ {
+ "title": "To use an asymmetric KMS key to verify a digital signature on a message digest",
+ "documentation": "This operation uses the public key in an RSA asymmetric signing key pair to verify the digital signature of a message digest. Hashing a message into a digest before sending it to KMS lets you verify messages that exceed the 4096-byte message size limit. To indicate that the value of Message is a digest, use the MessageType parameter ",
+ "input": {
+ "KeyId": "arn:aws:kms:us-east-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321",
+ "Message": "",
+ "MessageType": "DIGEST",
+ "Signature": "",
+ "SigningAlgorithm": "RSASSA_PSS_SHA_512"
+ },
+ "output": {
+ "KeyId": "arn:aws:kms:us-east-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321",
+ "SignatureValid": true,
+ "SigningAlgorithm": "RSASSA_PSS_SHA_512"
+ }
}
]
}
@@ -8639,7 +8903,7 @@
"code": "XksKeyAlreadyInUse",
"httpResponseCode": 400
},
- "smithy.api#documentation": "The request was rejected because the (XksKeyId) is already associated with a\n KMS key in this external key store. Each KMS key in an external key store must be associated\n with a different external key.
",
+ "smithy.api#documentation": "The request was rejected because the (XksKeyId) is already associated with\n another KMS key in this external key store. Each KMS key in an external key store must be\n associated with a different external key.
",
"smithy.api#error": "client",
"smithy.api#httpError": 400
}
@@ -8830,7 +9094,7 @@
"code": "XksProxyInvalidConfigurationException",
"httpResponseCode": 400
},
- "smithy.api#documentation": "The request was rejected because the Amazon VPC endpoint service configuration does not fulfill\n the requirements for an external key store proxy. For details, see the exception\n message.
",
+ "smithy.api#documentation": "The request was rejected because the external key store proxy is not configured correctly.\n To identify the cause, see the error message that accompanies the exception.
",
"smithy.api#error": "client",
"smithy.api#httpError": 400
}
@@ -8864,7 +9128,7 @@
"code": "XksProxyUriEndpointInUseException",
"httpResponseCode": 400
},
- "smithy.api#documentation": "The request was rejected because the concatenation of the XksProxyUriEndpoint\n is already associated with an external key store in the Amazon Web Services account and Region. Each\n external key store in an account and Region must use a unique external key store proxy\n address.
",
+ "smithy.api#documentation": "The request was rejected because the XksProxyUriEndpoint is already\n associated with another external key store in this Amazon Web Services Region. To identify the cause,\n see the error message that accompanies the exception.
",
"smithy.api#error": "client",
"smithy.api#httpError": 400
}
@@ -8891,7 +9155,7 @@
"code": "XksProxyUriInUseException",
"httpResponseCode": 400
},
- "smithy.api#documentation": "The request was rejected because the concatenation of the XksProxyUriEndpoint\n and XksProxyUriPath is already associated with an external key store in the\n Amazon Web Services account and Region. Each external key store in an account and Region must use a unique\n external key store proxy API address.
",
+ "smithy.api#documentation": "The request was rejected because the concatenation of the XksProxyUriEndpoint\n and XksProxyUriPath is already associated with another external key store in this\n Amazon Web Services Region. Each external key store in a Region must use a unique external key store proxy\n API address.
",
"smithy.api#error": "client",
"smithy.api#httpError": 400
}
@@ -8935,7 +9199,7 @@
"code": "XksProxyVpcEndpointServiceInUseException",
"httpResponseCode": 400
},
- "smithy.api#documentation": "The request was rejected because the specified Amazon VPC endpoint service is already\n associated with an external key store in the Amazon Web Services account and Region. Each external key store\n in an Amazon Web Services account and Region must use a different Amazon VPC endpoint service.
",
+ "smithy.api#documentation": "The request was rejected because the specified Amazon VPC endpoint service is already\n associated with another external key store in this Amazon Web Services Region. Each external key store in a\n Region must use a different Amazon VPC endpoint service.
",
"smithy.api#error": "client",
"smithy.api#httpError": 400
}
@@ -8952,7 +9216,7 @@
"code": "XksProxyVpcEndpointServiceInvalidConfigurationException",
"httpResponseCode": 400
},
- "smithy.api#documentation": "The request was rejected because the Amazon VPC endpoint service configuration does not fulfill\n the requirements for an external key store proxy. For details, see the exception message and\n review the requirements for Amazon VPC endpoint service connectivity for an external key\n store.
",
+ "smithy.api#documentation": "The request was rejected because the Amazon VPC endpoint service configuration does not fulfill\n the requirements for an external key store. To identify the cause, see the error message that\n accompanies the exception and review the\n requirements for Amazon VPC endpoint service connectivity for an external key\n store.
",
"smithy.api#error": "client",
"smithy.api#httpError": 400
}
diff --git a/codegen/sdk-codegen/aws-models/location.json b/codegen/sdk-codegen/aws-models/location.json
index 2cfec4656cf..29c384c36f9 100644
--- a/codegen/sdk-codegen/aws-models/location.json
+++ b/codegen/sdk-codegen/aws-models/location.json
@@ -2216,6 +2216,27 @@
}
}
},
+ "com.amazonaws.location#CustomLayer": {
+ "type": "string",
+ "traits": {
+ "smithy.api#length": {
+ "min": 1,
+ "max": 100
+ },
+ "smithy.api#pattern": "^[-._\\w]+$"
+ }
+ },
+ "com.amazonaws.location#CustomLayerList": {
+ "type": "list",
+ "member": {
+ "target": "com.amazonaws.location#CustomLayer"
+ },
+ "traits": {
+ "smithy.api#length": {
+ "max": 10
+ }
+ }
+ },
"com.amazonaws.location#DataSourceConfiguration": {
"type": "structure",
"members": {
@@ -3991,7 +4012,7 @@
"FontStack": {
"target": "smithy.api#String",
"traits": {
- "smithy.api#documentation": "A comma-separated list of fonts to load glyphs from in order of preference. For\n example, Noto Sans Regular, Arial Unicode.
\n Valid font stacks for Esri styles:
\n \n - \n
VectorEsriDarkGrayCanvas – Ubuntu Medium Italic | Ubuntu\n Medium | Ubuntu Italic | Ubuntu Regular |\n Ubuntu Bold\n
\n \n - \n
VectorEsriLightGrayCanvas – Ubuntu Italic | Ubuntu\n Regular | Ubuntu Light | Ubuntu Bold\n
\n \n - \n
VectorEsriTopographic – Noto Sans Italic | Noto Sans\n Regular | Noto Sans Bold | Noto Serif\n Regular | Roboto Condensed Light Italic\n
\n \n - \n
VectorEsriStreets – Arial Regular | Arial Italic |\n Arial Bold\n
\n \n - \n
VectorEsriNavigation – Arial Regular | Arial Italic\n | Arial Bold\n
\n \n
\n Valid font stacks for HERE Technologies styles:
\n \n - \n
VectorHereContrast – Fira \n GO Regular | Fira GO Bold\n
\n \n - \n
VectorHereExplore, VectorHereExploreTruck, HybridHereExploreSatellite – \n Fira GO Italic | Fira GO Map | \n Fira GO Map Bold | Noto Sans CJK JP Bold | \n Noto Sans CJK JP Light | \n Noto Sans CJK JP Regular\n
\n \n
\n Valid font stacks for GrabMaps styles:
\n \n Valid font stacks for Open Data styles:
\n \n - \n
VectorOpenDataStandardLight, VectorOpenDataStandardDark,\n VectorOpenDataVisualizationLight, VectorOpenDataVisualizationDark – \n Amazon Ember Regular,Noto Sans Regular |\n Amazon Ember Bold,Noto Sans Bold | \n Amazon Ember Medium,Noto Sans Medium |\n Amazon Ember Regular Italic,Noto Sans Italic | \n Amazon Ember Condensed RC Regular,Noto Sans Regular | \n Amazon Ember Condensed RC Bold,Noto Sans Bold |\n Amazon Ember Regular,Noto Sans Regular,Noto Sans Arabic Regular |\n Amazon Ember Condensed RC Bold,Noto Sans Bold,Noto Sans Arabic \n Condensed Bold |\n Amazon Ember Bold,Noto Sans Bold,Noto Sans Arabic Bold |\n Amazon Ember Regular Italic,Noto Sans Italic,Noto Sans Arabic \n Regular |\n Amazon Ember Condensed RC Regular,Noto Sans Regular,Noto Sans Arabic \n Condensed Regular |\n Amazon Ember Medium,Noto Sans Medium,Noto Sans Arabic Medium\n
\n \n
\n \n The fonts used by the Open Data map styles are combined fonts\n that use Amazon Ember for most glyphs but Noto Sans \n for glyphs unsupported by Amazon Ember.
\n ",
+ "smithy.api#documentation": "A comma-separated list of fonts to load glyphs from in order of preference. For\n example, Noto Sans Regular, Arial Unicode.
\n Valid font stacks for Esri styles:
\n \n - \n
VectorEsriDarkGrayCanvas – Ubuntu Medium Italic | Ubuntu\n Medium | Ubuntu Italic | Ubuntu Regular |\n Ubuntu Bold\n
\n \n - \n
VectorEsriLightGrayCanvas – Ubuntu Italic | Ubuntu\n Regular | Ubuntu Light | Ubuntu Bold\n
\n \n - \n
VectorEsriTopographic – Noto Sans Italic | Noto Sans\n Regular | Noto Sans Bold | Noto Serif\n Regular | Roboto Condensed Light Italic\n
\n \n - \n
VectorEsriStreets – Arial Regular | Arial Italic |\n Arial Bold\n
\n \n - \n
VectorEsriNavigation – Arial Regular | Arial Italic\n | Arial Bold | Arial Unicode MS Bold | Arial Unicode MS Regular\n
\n \n
\n Valid font stacks for HERE Technologies styles:
\n \n - \n
VectorHereContrast – Fira \n GO Regular | Fira GO Bold\n
\n \n - \n
VectorHereExplore, VectorHereExploreTruck, HybridHereExploreSatellite – \n Fira GO Italic | Fira GO Map | \n Fira GO Map Bold | Noto Sans CJK JP Bold | \n Noto Sans CJK JP Light | \n Noto Sans CJK JP Regular\n
\n \n
\n Valid font stacks for GrabMaps styles:
\n \n Valid font stacks for Open Data styles:
\n \n - \n
VectorOpenDataStandardLight, VectorOpenDataStandardDark,\n VectorOpenDataVisualizationLight, VectorOpenDataVisualizationDark – \n Amazon Ember Regular,Noto Sans Regular |\n Amazon Ember Bold,Noto Sans Bold | \n Amazon Ember Medium,Noto Sans Medium |\n Amazon Ember Regular Italic,Noto Sans Italic | \n Amazon Ember Condensed RC Regular,Noto Sans Regular | \n Amazon Ember Condensed RC Bold,Noto Sans Bold |\n Amazon Ember Regular,Noto Sans Regular,Noto Sans Arabic Regular |\n Amazon Ember Condensed RC Bold,Noto Sans Bold,Noto Sans Arabic \n Condensed Bold |\n Amazon Ember Bold,Noto Sans Bold,Noto Sans Arabic Bold |\n Amazon Ember Regular Italic,Noto Sans Italic,Noto Sans Arabic \n Regular |\n Amazon Ember Condensed RC Regular,Noto Sans Regular,Noto Sans Arabic \n Condensed Regular |\n Amazon Ember Medium,Noto Sans Medium,Noto Sans Arabic Medium\n
\n \n
\n \n The fonts used by the Open Data map styles are combined fonts\n that use Amazon Ember for most glyphs but Noto Sans \n for glyphs unsupported by Amazon Ember.
\n ",
"smithy.api#httpLabel": {},
"smithy.api#required": {}
}
@@ -4384,7 +4405,7 @@
"PlaceId": {
"target": "com.amazonaws.location#PlaceId",
"traits": {
- "smithy.api#documentation": "The identifier of the place to find.
",
+ "smithy.api#documentation": "The identifier of the place to find.
\n While you can use PlaceID in subsequent requests, \n PlaceID is not intended to be a permanent \n identifier and the ID can change between consecutive API calls. \n Please see the following PlaceID behaviour for each data provider:
\n \n - \n
Esri: Place IDs will change every quarter at a minimum. The typical time period for these changes would be March, June, September, and December. Place IDs might also change between the typical quarterly change but that will be much less frequent.
\n \n - \n
HERE: We recommend \n that you cache data for no longer than a week \n to keep your data data fresh. You can \n assume that less than 1% ID shifts will\n release over release which is approximately 1 - 2 times per week.
\n \n - \n
Grab: Place IDs can expire or become invalid in the following situations.
\n \n - \n
Data operations: The POI may be removed from Grab POI database by Grab Map Ops based on the ground-truth,\n such as being closed in the real world, being detected as a duplicate POI, or having incorrect information. Grab will synchronize data to the Waypoint environment on weekly basis.
\n \n - \n
Interpolated POI: Interpolated POI is a temporary POI generated in real time when serving a request, \n and it will be marked as derived in the place.result_type field in the response. \n The information of interpolated POIs will be retained for at least 30 days, which means that within 30 days, you are able to obtain POI details by \n Place ID from Place Details API. After 30 days, the interpolated POIs(both Place ID and details) may expire and inaccessible from the Places Details API.
\n \n
\n \n
",
"smithy.api#httpLabel": {},
"smithy.api#required": {}
}
@@ -6551,7 +6572,7 @@
"Style": {
"target": "com.amazonaws.location#MapStyle",
"traits": {
- "smithy.api#documentation": "Specifies the map style selected from an available data provider.
\n Valid Esri map styles:
\n \n - \n
\n VectorEsriDarkGrayCanvas – The Esri Dark Gray Canvas map style. A\n vector basemap with a dark gray, neutral background with minimal colors, labels,\n and features that's designed to draw attention to your thematic content.
\n \n - \n
\n RasterEsriImagery – The Esri Imagery map style. A raster basemap\n that provides one meter or better satellite and aerial imagery in many parts of\n the world and lower resolution satellite imagery worldwide.
\n \n - \n
\n VectorEsriLightGrayCanvas – The Esri Light Gray Canvas map style,\n which provides a detailed vector basemap with a light gray, neutral background\n style with minimal colors, labels, and features that's designed to draw\n attention to your thematic content.
\n \n - \n
\n VectorEsriTopographic – The Esri Light map style, which provides\n a detailed vector basemap with a classic Esri map style.
\n \n - \n
\n VectorEsriStreets – The Esri Street Map style, which\n provides a detailed vector basemap for the world symbolized with a classic Esri\n street map style. The vector tile layer is similar in content and style to the\n World Street Map raster map.
\n \n - \n
\n VectorEsriNavigation – The Esri Navigation map style, which\n provides a detailed basemap for the world symbolized with a custom navigation\n map style that's designed for use during the day in mobile devices.
\n \n
\n Valid HERE\n Technologies map styles:
\n \n - \n
\n VectorHereContrast – The HERE Contrast (Berlin) map style is a \n high contrast\n detailed base map of the world that blends 3D and 2D rendering.
\n \n The VectorHereContrast style has been renamed from \n VectorHereBerlin. \n VectorHereBerlin has been deprecated, but will continue to work in \n applications that use it.
\n \n \n - \n
\n VectorHereExplore – A default HERE map style containing a \n neutral, global map and its features including roads, buildings, landmarks, \n and water features. It also now includes a fully designed map of Japan.
\n \n - \n
\n VectorHereExploreTruck – A global map containing truck \n restrictions and attributes (e.g. width / height / HAZMAT) symbolized with \n highlighted segments and icons on top of HERE Explore to support use cases \n within transport and logistics.
\n \n - \n
\n RasterHereExploreSatellite – A global map containing high\n resolution satellite imagery.
\n \n - \n
\n HybridHereExploreSatellite – A global map displaying the road \n network, street names, and city labels over satellite imagery. This style \n will automatically retrieve both raster and vector tiles, and your charges \n will be based on total tiles retrieved.
\n \n Hybrid styles use both vector and raster tiles when rendering the \n map that you see. This means that more tiles are retrieved than when using \n either vector or raster tiles alone. Your charges will include all tiles \n retrieved.
\n \n \n
\n Valid GrabMaps map styles:
\n \n - \n
\n VectorGrabStandardLight – The Grab Standard Light \n map style provides a basemap with detailed land use coloring, \n area names, roads, landmarks, and points of interest covering \n Southeast Asia.
\n \n - \n
\n VectorGrabStandardDark – The Grab Standard Dark \n map style provides a dark variation of the standard basemap \n covering Southeast Asia.
\n \n
\n \n Grab provides maps only for countries in Southeast Asia, and is only available \n in the Asia Pacific (Singapore) Region (ap-southeast-1).\n For more information, see GrabMaps countries and area covered.
\n \n Valid Open Data map styles:
\n \n - \n
\n VectorOpenDataStandardLight – The Open Data Standard Light \n map style provides a detailed basemap for the world suitable for\n website and mobile application use. The map includes highways major roads, \n minor roads, railways, water features, cities, parks, landmarks, building\n footprints, and administrative boundaries.
\n \n - \n
\n VectorOpenDataStandardDark – Open Data Standard Dark is a\n dark-themed map style that provides a detailed basemap for the world \n suitable for website and mobile application use. The map includes highways \n major roads, minor roads, railways, water features, cities, parks, \n landmarks, building footprints, and administrative boundaries.
\n \n - \n
\n VectorOpenDataVisualizationLight – The Open Data \n Visualization Light map style is a light-themed style with muted colors and\n fewer features that aids in understanding overlaid data.
\n \n - \n
\n VectorOpenDataVisualizationDark – The Open Data \n Visualization Dark map style is a dark-themed style with muted colors and\n fewer features that aids in understanding overlaid data.
\n \n
",
+ "smithy.api#documentation": "Specifies the map style selected from an available data provider.
\n Valid Esri map styles:
\n \n - \n
\n VectorEsriNavigation – The Esri Navigation map style, which provides a detailed basemap for the world symbolized with a \n custom navigation map style that's designed for use during the day in mobile devices. It also includes a richer set of places, \n such as shops, services, restaurants, attractions, and other points of interest. \n Enable the POI layer by setting it in CustomLayers to leverage the additional places data.
\n \n \n - \n
\n RasterEsriImagery – The Esri Imagery map style. A raster basemap\n that provides one meter or better satellite and aerial imagery in many parts of\n the world and lower resolution satellite imagery worldwide.
\n \n - \n
\n VectorEsriLightGrayCanvas – The Esri Light Gray Canvas map style,\n which provides a detailed vector basemap with a light gray, neutral background\n style with minimal colors, labels, and features that's designed to draw\n attention to your thematic content.
\n \n - \n
\n VectorEsriTopographic – The Esri Light map style, which provides\n a detailed vector basemap with a classic Esri map style.
\n \n - \n
\n VectorEsriStreets – The Esri Street Map style, which\n provides a detailed vector basemap for the world symbolized with a classic Esri\n street map style. The vector tile layer is similar in content and style to the\n World Street Map raster map.
\n \n - \n
\n VectorEsriDarkGrayCanvas – The Esri Dark Gray Canvas map style. A\n vector basemap with a dark gray, neutral background with minimal colors, labels,\n and features that's designed to draw attention to your thematic content.
\n \n
\n Valid HERE\n Technologies map styles:
\n \n - \n
\n VectorHereExplore – A default HERE map style containing a \n neutral, global map and its features including roads, buildings, landmarks, \n and water features. It also now includes a fully designed map of Japan.
\n \n - \n
\n RasterHereExploreSatellite – A global map containing high\n resolution satellite imagery.
\n \n - \n
\n HybridHereExploreSatellite – A global map displaying the road \n network, street names, and city labels over satellite imagery. This style \n will automatically retrieve both raster and vector tiles, and your charges \n will be based on total tiles retrieved.
\n \n Hybrid styles use both vector and raster tiles when rendering the \n map that you see. This means that more tiles are retrieved than when using \n either vector or raster tiles alone. Your charges will include all tiles \n retrieved.
\n \n \n - \n
\n VectorHereContrast – The HERE Contrast (Berlin) map style is a \n high contrast\n detailed base map of the world that blends 3D and 2D rendering.
\n \n The VectorHereContrast style has been renamed from \n VectorHereBerlin. \n VectorHereBerlin has been deprecated, but will continue to work in \n applications that use it.
\n \n \n - \n
\n VectorHereExploreTruck – A global map containing truck \n restrictions and attributes (e.g. width / height / HAZMAT) symbolized with \n highlighted segments and icons on top of HERE Explore to support use cases \n within transport and logistics.
\n \n
\n Valid GrabMaps map styles:
\n \n - \n
\n VectorGrabStandardLight – The Grab Standard Light \n map style provides a basemap with detailed land use coloring, \n area names, roads, landmarks, and points of interest covering \n Southeast Asia.
\n \n - \n
\n VectorGrabStandardDark – The Grab Standard Dark \n map style provides a dark variation of the standard basemap \n covering Southeast Asia.
\n \n
\n \n Grab provides maps only for countries in Southeast Asia, and is only available \n in the Asia Pacific (Singapore) Region (ap-southeast-1).\n For more information, see GrabMaps countries and area covered.
\n \n Valid Open Data map styles:
\n \n - \n
\n VectorOpenDataStandardLight – The Open Data Standard Light \n map style provides a detailed basemap for the world suitable for\n website and mobile application use. The map includes highways major roads, \n minor roads, railways, water features, cities, parks, landmarks, building\n footprints, and administrative boundaries.
\n \n - \n
\n VectorOpenDataStandardDark – Open Data Standard Dark is a\n dark-themed map style that provides a detailed basemap for the world \n suitable for website and mobile application use. The map includes highways \n major roads, minor roads, railways, water features, cities, parks, \n landmarks, building footprints, and administrative boundaries.
\n \n - \n
\n VectorOpenDataVisualizationLight – The Open Data \n Visualization Light map style is a light-themed style with muted colors and\n fewer features that aids in understanding overlaid data.
\n \n - \n
\n VectorOpenDataVisualizationDark – The Open Data \n Visualization Dark map style is a dark-themed style with muted colors and\n fewer features that aids in understanding overlaid data.
\n \n
",
"smithy.api#required": {}
}
},
@@ -6560,6 +6581,13 @@
"traits": {
"smithy.api#documentation": "Specifies the political view for the style. Leave unset to not use a political \n view, or, for styles that support specific political views, you can choose a view, \n such as IND for the Indian view.
\n Default is unset.
\n \n Not all map resources or styles support political view styles. See \n Political \n views \n for more information.
\n "
}
+ },
+ "CustomLayers": {
+ "target": "com.amazonaws.location#CustomLayerList",
+ "traits": {
+ "aws.cloudformation#cfnExcludeProperty": {},
+ "smithy.api#documentation": "Specifies the custom layers for the style. Leave unset to not enable any custom layer, or, for styles that support custom layers, you can enable layer(s), such as POI layer for the VectorEsriNavigation style.\nDefault is unset.
\n \n Currenlty only VectorEsriNavigation supports CustomLayers. \nFor more information, see Custom Layers.
\n "
+ }
}
},
"traits": {
@@ -6574,6 +6602,13 @@
"traits": {
"smithy.api#documentation": "Specifies the political view for the style. Set to an empty string to not use a\n political view, or, for styles that support specific political views, you can choose a \n view, such as IND for the Indian view.
\n \n Not all map resources or styles support political view styles. See \n Political \n views \n for more information.
\n "
}
+ },
+ "CustomLayers": {
+ "target": "com.amazonaws.location#CustomLayerList",
+ "traits": {
+ "aws.cloudformation#cfnExcludeProperty": {},
+ "smithy.api#documentation": "Specifies the custom layers for the style. Leave unset to not enable any custom layer, or, for styles that support custom layers, you can enable layer(s), such as POI layer for the VectorEsriNavigation style.\nDefault is unset.
\n \n Currenlty only VectorEsriNavigation supports CustomLayers. \nFor more information, see Custom Layers.
\n "
+ }
}
},
"traits": {
@@ -6727,13 +6762,13 @@
"UnitType": {
"target": "smithy.api#String",
"traits": {
- "smithy.api#documentation": "For addresses with a UnitNumber, the type of unit. For example,\n Apartment.
\n \n Returned only for a place index that uses Esri as a data provider.
\n "
+ "smithy.api#documentation": "For addresses with a UnitNumber, the type of unit. For example,\n Apartment.
\n \n This property is returned only for a place index that uses Esri as a data provider.
\n "
}
},
"UnitNumber": {
"target": "smithy.api#String",
"traits": {
- "smithy.api#documentation": "For addresses with multiple units, the unit identifier. Can include numbers and\n letters, for example 3B or Unit 123.
\n \n Returned only for a place index that uses Esri or Grab as a data provider. Is \n not returned for SearchPlaceIndexForPosition.
\n "
+ "smithy.api#documentation": "For addresses with multiple units, the unit identifier. Can include numbers and\n letters, for example 3B or Unit 123.
\n \n This property is returned only for a place index that uses Esri or Grab as a data provider. It is \n not returned for SearchPlaceIndexForPosition.
\n "
}
},
"Categories": {
@@ -6751,7 +6786,7 @@
"SubMunicipality": {
"target": "smithy.api#String",
"traits": {
- "smithy.api#documentation": "An area that's part of a larger municipality. For example, Blissville \n is a submunicipality in the Queen County in New York.
\n \n This property supported by Esri and OpenData. The Esri property is district, and the OpenData property is borough.
\n "
+ "smithy.api#documentation": "An area that's part of a larger municipality. For example, Blissville \n is a submunicipality in the Queen County in New York.
\n \n This property is only returned for a place index that uses Esri as a data provider. The property is represented as a district.
\n \n For more information about data providers, see Amazon Location Service data providers.
"
}
}
},
@@ -7308,7 +7343,7 @@
"PlaceId": {
"target": "com.amazonaws.location#PlaceId",
"traits": {
- "smithy.api#documentation": "The unique identifier of the Place. You can use this with the GetPlace\n operation to find the place again later, or to get full information for the Place.
\n The GetPlace request must use the same PlaceIndex \n resource as the SearchPlaceIndexForSuggestions that generated the Place \n ID.
\n \n For SearchPlaceIndexForSuggestions operations, the\n PlaceId is returned by place indexes that use Esri, Grab, or HERE\n as data providers.
\n "
+ "smithy.api#documentation": "The unique identifier of the Place. You can use this with the GetPlace\n operation to find the place again later, or to get full information for the Place.
\n The GetPlace request must use the same PlaceIndex \n resource as the SearchPlaceIndexForSuggestions that generated the Place \n ID.
\n \n For SearchPlaceIndexForSuggestions operations, the\n PlaceId is returned by place indexes that use Esri, Grab, or HERE\n as data providers.
\n \n While you can use PlaceID in subsequent requests, \n PlaceID is not intended to be a permanent \n identifier and the ID can change between consecutive API calls. \n Please see the following PlaceID behaviour for each data provider:
\n \n - \n
Esri: Place IDs will change every quarter at a minimum. The typical time period for these changes would be March, June, September, and December. Place IDs might also change between the typical quarterly change but that will be much less frequent.
\n \n - \n
HERE: We recommend \n that you cache data for no longer than a week \n to keep your data data fresh. You can \n assume that less than 1% ID shifts will\n release over release which is approximately 1 - 2 times per week.
\n \n - \n
Grab: Place IDs can expire or become invalid in the following situations.
\n \n - \n
Data operations: The POI may be removed from Grab POI database by Grab Map Ops based on the ground-truth,\n such as being closed in the real world, being detected as a duplicate POI, or having incorrect information. Grab will synchronize data to the Waypoint environment on weekly basis.
\n \n - \n
Interpolated POI: Interpolated POI is a temporary POI generated in real time when serving a request, \n and it will be marked as derived in the place.result_type field in the response. \n The information of interpolated POIs will be retained for at least 30 days, which means that within 30 days, you are able to obtain POI details by \n Place ID from Place Details API. After 30 days, the interpolated POIs(both Place ID and details) may expire and inaccessible from the Places Details API.
\n \n
\n \n
"
}
},
"Categories": {
diff --git a/codegen/sdk-codegen/aws-models/macie2.json b/codegen/sdk-codegen/aws-models/macie2.json
index 608cfe6e5fc..a408d58dce4 100644
--- a/codegen/sdk-codegen/aws-models/macie2.json
+++ b/codegen/sdk-codegen/aws-models/macie2.json
@@ -765,7 +765,7 @@
"kmsManaged": {
"target": "com.amazonaws.macie2#__long",
"traits": {
- "smithy.api#documentation": "The total number of buckets whose default encryption settings are configured to encrypt new objects with an Amazon Web Services managed KMS key or a customer managed KMS key. By default, these buckets encrypt new objects automatically using SSE-KMS encryption.
",
+ "smithy.api#documentation": "The total number of buckets whose default encryption settings are configured to encrypt new objects with an KMS key, either an Amazon Web Services managed key or a customer managed key. By default, these buckets encrypt new objects automatically using DSSE-KMS or SSE-KMS encryption.
",
"smithy.api#jsonName": "kmsManaged"
}
},
@@ -1241,7 +1241,7 @@
"type": {
"target": "com.amazonaws.macie2#Type",
"traits": {
- "smithy.api#documentation": "The server-side encryption algorithm that's used by default to encrypt objects that are added to the bucket. Possible values are:
AES256 - New objects are encrypted with an Amazon S3 managed key. They use SSE-S3 encryption.
aws:kms - New objects are encrypted with an KMS key (kmsMasterKeyId), either an Amazon Web Services managed key or a customer managed key. They use SSE-KMS encryption.
NONE - The bucket's default encryption settings don't specify server-side encryption behavior for new objects.
",
+ "smithy.api#documentation": "The server-side encryption algorithm that's used by default to encrypt objects that are added to the bucket. Possible values are:
AES256 - New objects use SSE-S3 encryption. They're encrypted with an Amazon S3 managed key.
aws:kms - New objects use SSE-KMS encryption. They're encrypted with an KMS key (kmsMasterKeyId), either an Amazon Web Services managed key or a customer managed key.
aws:kms:dsse - New objects use DSSE-KMS encryption. They're encrypted with an KMS key (kmsMasterKeyId), either an Amazon Web Services managed key or a customer managed key.
NONE - The bucket's default encryption settings don't specify server-side encryption behavior for new objects.
",
"smithy.api#jsonName": "type"
}
}
@@ -4047,6 +4047,12 @@
"traits": {
"smithy.api#enumValue": "UNKNOWN"
}
+ },
+ "aws_kms_dsse": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "aws:kms:dsse"
+ }
}
},
"traits": {
@@ -6245,7 +6251,7 @@
"reasons": {
"target": "com.amazonaws.macie2#__listOfUnavailabilityReasonCode",
"traits": {
- "smithy.api#documentation": "Specifies why occurrences of sensitive data can't be retrieved for the finding. Possible values are:
ACCOUNT_NOT_IN_ORGANIZATION - The affected account isn't currently part of your organization. Or the account is part of your organization but Macie isn't currently enabled for the account. You're not allowed to access the affected S3 object by using Macie.
INVALID_CLASSIFICATION_RESULT - There isn't a corresponding sensitive data discovery result for the finding. Or the corresponding sensitive data discovery result isn't available, is malformed or corrupted, or uses an unsupported storage format. Macie can't verify the location of the sensitive data to retrieve.
INVALID_RESULT_SIGNATURE - The corresponding sensitive data discovery result is stored in an S3 object that wasn't signed by Macie. Macie can't verify the integrity and authenticity of the sensitive data discovery result. Therefore, Macie can't verify the location of the sensitive data to retrieve.
MEMBER_ROLE_TOO_PERMISSIVE - The affected member account is configured to retrieve occurrences of sensitive data by using an IAM role whose trust or permissions policy doesn't meet Macie requirements for restricting access to the role. Or the role's trust policy doesn't specify the correct external ID. Macie can't assume the role to retrieve the sensitive data.
MISSING_GET_MEMBER_PERMISSION - You're not allowed to retrieve information about the association between your account and the affected account. Macie can't determine whether you’re allowed to access the affected S3 object as the delegated Macie administrator for the affected account.
OBJECT_EXCEEDS_SIZE_QUOTA - The storage size of the affected S3 object exceeds the size quota for retrieving occurrences of sensitive data from this type of file.
OBJECT_UNAVAILABLE - The affected S3 object isn't available. The object was renamed, moved, or deleted. Or the object was changed after Macie created the finding.
RESULT_NOT_SIGNED - The corresponding sensitive data discovery result is stored in an S3 object that hasn't been signed. Macie can't verify the integrity and authenticity of the sensitive data discovery result. Therefore, Macie can't verify the location of the sensitive data to retrieve.
ROLE_TOO_PERMISSIVE - Your account is configured to retrieve occurrences of sensitive data by using an IAM role whose trust or permissions policy doesn't meet Macie requirements for restricting access to the role. Macie can’t assume the role to retrieve the sensitive data.
UNSUPPORTED_FINDING_TYPE - The specified finding isn't a sensitive data finding.
UNSUPPORTED_OBJECT_TYPE - The affected S3 object uses a file or storage format that Macie doesn't support for retrieving occurrences of sensitive data.
This value is null if sensitive data can be retrieved for the finding.
",
+ "smithy.api#documentation": "Specifies why occurrences of sensitive data can't be retrieved for the finding. Possible values are:
ACCOUNT_NOT_IN_ORGANIZATION - The affected account isn't currently part of your organization. Or the account is part of your organization but Macie isn't currently enabled for the account. You're not allowed to access the affected S3 object by using Macie.
INVALID_CLASSIFICATION_RESULT - There isn't a corresponding sensitive data discovery result for the finding. Or the corresponding sensitive data discovery result isn't available in the current Amazon Web Services Region, is malformed or corrupted, or uses an unsupported storage format. Macie can't verify the location of the sensitive data to retrieve.
INVALID_RESULT_SIGNATURE - The corresponding sensitive data discovery result is stored in an S3 object that wasn't signed by Macie. Macie can't verify the integrity and authenticity of the sensitive data discovery result. Therefore, Macie can't verify the location of the sensitive data to retrieve.
MEMBER_ROLE_TOO_PERMISSIVE - The trust or permissions policy for the IAM role in the affected member account doesn't meet Macie requirements for restricting access to the role. Or the role's trust policy doesn't specify the correct external ID for your organization. Macie can't assume the role to retrieve the sensitive data.
MISSING_GET_MEMBER_PERMISSION - You're not allowed to retrieve information about the association between your account and the affected account. Macie can't determine whether you’re allowed to access the affected S3 object as the delegated Macie administrator for the affected account.
OBJECT_EXCEEDS_SIZE_QUOTA - The storage size of the affected S3 object exceeds the size quota for retrieving occurrences of sensitive data from this type of file.
OBJECT_UNAVAILABLE - The affected S3 object isn't available. The object was renamed, moved, deleted, or changed after Macie created the finding. Or the object is encrypted with an KMS key that's currently disabled.
RESULT_NOT_SIGNED - The corresponding sensitive data discovery result is stored in an S3 object that hasn't been signed. Macie can't verify the integrity and authenticity of the sensitive data discovery result. Therefore, Macie can't verify the location of the sensitive data to retrieve.
ROLE_TOO_PERMISSIVE - Your account is configured to retrieve occurrences of sensitive data by using an IAM role whose trust or permissions policy doesn't meet Macie requirements for restricting access to the role. Macie can’t assume the role to retrieve the sensitive data.
UNSUPPORTED_FINDING_TYPE - The specified finding isn't a sensitive data finding.
UNSUPPORTED_OBJECT_TYPE - The affected S3 object uses a file or storage format that Macie doesn't support for retrieving occurrences of sensitive data.
This value is null if sensitive data can be retrieved for the finding.
",
"smithy.api#jsonName": "reasons"
}
}
@@ -10106,21 +10112,21 @@
"customerManaged": {
"target": "com.amazonaws.macie2#__long",
"traits": {
- "smithy.api#documentation": "The total number of objects that are encrypted with a customer-provided key. The objects use customer-provided server-side encryption (SSE-C).
",
+ "smithy.api#documentation": "The total number of objects that are encrypted with customer-provided keys. The objects use server-side encryption with customer-provided keys (SSE-C).
",
"smithy.api#jsonName": "customerManaged"
}
},
"kmsManaged": {
"target": "com.amazonaws.macie2#__long",
"traits": {
- "smithy.api#documentation": "The total number of objects that are encrypted with an KMS key, either an Amazon Web Services managed key or a customer managed key. The objects use KMS encryption (SSE-KMS).
",
+ "smithy.api#documentation": "The total number of objects that are encrypted with KMS keys, either Amazon Web Services managed keys or customer managed keys. The objects use dual-layer server-side encryption or server-side encryption with KMS keys (DSSE-KMS or SSE-KMS).
",
"smithy.api#jsonName": "kmsManaged"
}
},
"s3Managed": {
"target": "com.amazonaws.macie2#__long",
"traits": {
- "smithy.api#documentation": "The total number of objects that are encrypted with an Amazon S3 managed key. The objects use Amazon S3 managed encryption (SSE-S3).
",
+ "smithy.api#documentation": "The total number of objects that are encrypted with Amazon S3 managed keys. The objects use server-side encryption with Amazon S3 managed keys (SSE-S3).
",
"smithy.api#jsonName": "s3Managed"
}
},
@@ -10769,7 +10775,7 @@
"externalId": {
"target": "com.amazonaws.macie2#__string",
"traits": {
- "smithy.api#documentation": "The external ID to specify in the trust policy for the IAM role to assume when retrieving sensitive data from affected S3 objects (roleName). The trust policy must include an sts:ExternalId condition that requires this ID.
This ID is a unique alphanumeric string that Amazon Macie generates automatically after you configure it to assume a role. This value is null if the value for retrievalMode is CALLER_CREDENTIALS.
",
+ "smithy.api#documentation": "The external ID to specify in the trust policy for the IAM role to assume when retrieving sensitive data from affected S3 objects (roleName). This value is null if the value for retrievalMode is CALLER_CREDENTIALS.
This ID is a unique alphanumeric string that Amazon Macie generates automatically after you configure it to assume an IAM role. For a Macie administrator to retrieve sensitive data from an affected S3 object for a member account, the trust policy for the role in the member account must include an sts:ExternalId condition that requires this ID.
",
"smithy.api#jsonName": "externalId"
}
},
@@ -10777,7 +10783,7 @@
"target": "com.amazonaws.macie2#RetrievalMode",
"traits": {
"smithy.api#clientOptional": {},
- "smithy.api#documentation": "The access method that's used when retrieving sensitive data from affected S3 objects. Valid values are: ASSUME_ROLE, assume an IAM role that is in the affected Amazon Web Services account and delegates access to Amazon Macie (roleName); and, CALLER_CREDENTIALS, use the credentials of the IAM user who requests the sensitive data.
",
+ "smithy.api#documentation": "The access method that's used to retrieve sensitive data from affected S3 objects. Valid values are: ASSUME_ROLE, assume an IAM role that is in the affected Amazon Web Services account and delegates access to Amazon Macie (roleName); and, CALLER_CREDENTIALS, use the credentials of the IAM user who requests the sensitive data.
",
"smithy.api#jsonName": "retrievalMode",
"smithy.api#required": {}
}
@@ -10828,7 +10834,7 @@
"target": "com.amazonaws.macie2#RevealStatus",
"traits": {
"smithy.api#clientOptional": {},
- "smithy.api#documentation": "The status of the configuration for the Amazon Macie account. In a request, valid values are: ENABLED, enable the configuration for the account; and, DISABLED, disable the configuration for the account. In a response, possible values are: ENABLED, the configuration is currently enabled for the account; and, DISABLED, the configuration is currently disabled for the account.
",
+ "smithy.api#documentation": "The status of the configuration for the Amazon Macie account. In a response, possible values are: ENABLED, the configuration is currently enabled for the account; and, DISABLED, the configuration is currently disabled for the account. In a request, valid values are: ENABLED, enable the configuration for the account; and, DISABLED, disable the configuration for the account.
If you disable the configuration, you also permanently delete current settings that specify how to access affected S3 objects. If your current access method is ASSUME_ROLE, Macie also deletes the external ID and role name currently specified for the configuration. These settings can't be recovered after they're deleted.
",
"smithy.api#jsonName": "status",
"smithy.api#required": {}
}
@@ -12722,6 +12728,12 @@
"traits": {
"smithy.api#enumValue": "aws:kms"
}
+ },
+ "aws_kms_dsse": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "aws:kms:dsse"
+ }
}
}
},
@@ -12817,7 +12829,7 @@
"target": "com.amazonaws.macie2#__string",
"traits": {
"smithy.api#clientOptional": {},
- "smithy.api#documentation": "The type of error that occurred and prevented Amazon Macie from retrieving occurrences of sensitive data reported by the finding. Possible values are:
ACCOUNT_NOT_IN_ORGANIZATION - The affected account isn't currently part of your organization. Or the account is part of your organization but Macie isn't currently enabled for the account. You're not allowed to access the affected S3 object by using Macie.
INVALID_CLASSIFICATION_RESULT - There isn't a corresponding sensitive data discovery result for the finding. Or the corresponding sensitive data discovery result isn't available, is malformed or corrupted, or uses an unsupported storage format. Macie can't verify the location of the sensitive data to retrieve.
INVALID_RESULT_SIGNATURE - The corresponding sensitive data discovery result is stored in an S3 object that wasn't signed by Macie. Macie can't verify the integrity and authenticity of the sensitive data discovery result. Therefore, Macie can't verify the location of the sensitive data to retrieve.
MEMBER_ROLE_TOO_PERMISSIVE - The affected member account is configured to retrieve occurrences of sensitive data by using an IAM role whose trust or permissions policy doesn't meet Macie requirements for restricting access to the role. Or the role's trust policy doesn't specify the correct external ID. Macie can't assume the role to retrieve the sensitive data.
MISSING_GET_MEMBER_PERMISSION - You're not allowed to retrieve information about the association between your account and the affected account. Macie can't determine whether you’re allowed to access the affected S3 object as the delegated Macie administrator for the affected account.
OBJECT_EXCEEDS_SIZE_QUOTA - The storage size of the affected S3 object exceeds the size quota for retrieving occurrences of sensitive data from this type of file.
OBJECT_UNAVAILABLE - The affected S3 object isn't available. The object was renamed, moved, or deleted. Or the object was changed after Macie created the finding.
RESULT_NOT_SIGNED - The corresponding sensitive data discovery result is stored in an S3 object that hasn't been signed. Macie can't verify the integrity and authenticity of the sensitive data discovery result. Therefore, Macie can't verify the location of the sensitive data to retrieve.
ROLE_TOO_PERMISSIVE - Your account is configured to retrieve occurrences of sensitive data by using an IAM role whose trust or permissions policy doesn't meet Macie requirements for restricting access to the role. Macie can’t assume the role to retrieve the sensitive data.
UNSUPPORTED_FINDING_TYPE - The specified finding isn't a sensitive data finding.
UNSUPPORTED_OBJECT_TYPE - The affected S3 object uses a file or storage format that Macie doesn't support for retrieving occurrences of sensitive data.
",
+ "smithy.api#documentation": "The type of error that occurred and prevented Amazon Macie from retrieving occurrences of sensitive data reported by the finding. Possible values are:
ACCOUNT_NOT_IN_ORGANIZATION - The affected account isn't currently part of your organization. Or the account is part of your organization but Macie isn't currently enabled for the account. You're not allowed to access the affected S3 object by using Macie.
INVALID_CLASSIFICATION_RESULT - There isn't a corresponding sensitive data discovery result for the finding. Or the corresponding sensitive data discovery result isn't available in the current Amazon Web Services Region, is malformed or corrupted, or uses an unsupported storage format. Macie can't verify the location of the sensitive data to retrieve.
INVALID_RESULT_SIGNATURE - The corresponding sensitive data discovery result is stored in an S3 object that wasn't signed by Macie. Macie can't verify the integrity and authenticity of the sensitive data discovery result. Therefore, Macie can't verify the location of the sensitive data to retrieve.
MEMBER_ROLE_TOO_PERMISSIVE - The trust or permissions policy for the IAM role in the affected member account doesn't meet Macie requirements for restricting access to the role. Or the role's trust policy doesn't specify the correct external ID for your organization. Macie can't assume the role to retrieve the sensitive data.
MISSING_GET_MEMBER_PERMISSION - You're not allowed to retrieve information about the association between your account and the affected account. Macie can't determine whether you’re allowed to access the affected S3 object as the delegated Macie administrator for the affected account.
OBJECT_EXCEEDS_SIZE_QUOTA - The storage size of the affected S3 object exceeds the size quota for retrieving occurrences of sensitive data from this type of file.
OBJECT_UNAVAILABLE - The affected S3 object isn't available. The object was renamed, moved, deleted, or changed after Macie created the finding. Or the object is encrypted with an KMS key that's currently disabled.
RESULT_NOT_SIGNED - The corresponding sensitive data discovery result is stored in an S3 object that hasn't been signed. Macie can't verify the integrity and authenticity of the sensitive data discovery result. Therefore, Macie can't verify the location of the sensitive data to retrieve.
ROLE_TOO_PERMISSIVE - Your account is configured to retrieve occurrences of sensitive data by using an IAM role whose trust or permissions policy doesn't meet Macie requirements for restricting access to the role. Macie can’t assume the role to retrieve the sensitive data.
UNSUPPORTED_FINDING_TYPE - The specified finding isn't a sensitive data finding.
UNSUPPORTED_OBJECT_TYPE - The affected S3 object uses a file or storage format that Macie doesn't support for retrieving occurrences of sensitive data.
",
"smithy.api#jsonName": "message",
"smithy.api#required": {}
}
@@ -13678,7 +13690,7 @@
}
},
"traits": {
- "smithy.api#documentation": "Specifies the access method and settings to use when retrieving occurrences of sensitive data reported by findings. If your request specifies an Identity and Access Management (IAM) role to assume when retrieving the sensitive data, Amazon Macie verifies that the role exists and the attached policies are configured correctly. If there's an issue, Macie returns an error. For information about addressing the issue, see Retrieving sensitive data samples with findings in the Amazon Macie User Guide.
"
+ "smithy.api#documentation": "Specifies the access method and settings to use when retrieving occurrences of sensitive data reported by findings. If your request specifies an Identity and Access Management (IAM) role to assume, Amazon Macie verifies that the role exists and the attached policies are configured correctly. If there's an issue, Macie returns an error. For information about addressing the issue, see Configuration options and requirements for retrieving sensitive data samples in the Amazon Macie User Guide.
"
}
},
"com.amazonaws.macie2#UpdateRevealConfiguration": {
@@ -13727,7 +13739,7 @@
"retrievalConfiguration": {
"target": "com.amazonaws.macie2#UpdateRetrievalConfiguration",
"traits": {
- "smithy.api#documentation": "The access method and settings to use to retrieve the sensitive data.
",
+ "smithy.api#documentation": "The access method and settings to use when retrieving the sensitive data.
",
"smithy.api#jsonName": "retrievalConfiguration"
}
}
@@ -13749,7 +13761,7 @@
"retrievalConfiguration": {
"target": "com.amazonaws.macie2#RetrievalConfiguration",
"traits": {
- "smithy.api#documentation": "The access method and settings to use to retrieve the sensitive data.
",
+ "smithy.api#documentation": "The access method and settings to use when retrieving the sensitive data.
",
"smithy.api#jsonName": "retrievalConfiguration"
}
}
diff --git a/codegen/sdk-codegen/aws-models/mwaa.json b/codegen/sdk-codegen/aws-models/mwaa.json
index e0fddfdfa75..f6051804e59 100644
--- a/codegen/sdk-codegen/aws-models/mwaa.json
+++ b/codegen/sdk-codegen/aws-models/mwaa.json
@@ -26,6 +26,15 @@
"smithy.api#sensitive": {}
}
},
+ "com.amazonaws.mwaa#AirflowIdentity": {
+ "type": "string",
+ "traits": {
+ "smithy.api#length": {
+ "min": 1,
+ "max": 64
+ }
+ }
+ },
"com.amazonaws.mwaa#AirflowVersion": {
"type": "string",
"traits": {
@@ -1247,6 +1256,18 @@
"traits": {
"smithy.api#documentation": "The Airflow web server hostname for the environment.
"
}
+ },
+ "IamIdentity": {
+ "target": "com.amazonaws.mwaa#IamIdentity",
+ "traits": {
+ "smithy.api#documentation": "The name of the IAM identity creating the web login token. This might be an IAM user, or an assumed or federated identity. For example, assumed-role/Admin/your-name.
"
+ }
+ },
+ "AirflowIdentity": {
+ "target": "com.amazonaws.mwaa#AirflowIdentity",
+ "traits": {
+ "smithy.api#documentation": "The user name of the Apache Airflow identity creating the web login token.
"
+ }
}
}
},
@@ -1718,6 +1739,9 @@
"smithy.api#pattern": "^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9])$"
}
},
+ "com.amazonaws.mwaa#IamIdentity": {
+ "type": "string"
+ },
"com.amazonaws.mwaa#IamRoleArn": {
"type": "string",
"traits": {
diff --git a/codegen/sdk-codegen/aws-models/payment-cryptography.json b/codegen/sdk-codegen/aws-models/payment-cryptography.json
index c3ecb7e9f6d..4e9412269fa 100644
--- a/codegen/sdk-codegen/aws-models/payment-cryptography.json
+++ b/codegen/sdk-codegen/aws-models/payment-cryptography.json
@@ -524,7 +524,35 @@
],
"traits": {
"aws.api#controlPlane": {},
- "smithy.api#documentation": "Exports a key from Amazon Web Services Payment Cryptography.
\n Amazon Web Services Payment Cryptography simplifies key exchange by replacing the existing paper-based approach with a modern electronic approach. With ExportKey you can export symmetric keys using either symmetric and asymmetric key exchange mechanisms. Using this operation, you can share your Amazon Web Services Payment Cryptography generated keys with other service partners to perform cryptographic operations outside of Amazon Web Services Payment Cryptography
\n For symmetric key exchange, Amazon Web Services Payment Cryptography uses the ANSI X9 TR-31 norm in accordance with PCI PIN guidelines. And for asymmetric key exchange, Amazon Web Services Payment Cryptography supports ANSI X9 TR-34 norm . Asymmetric key exchange methods are typically used to establish bi-directional trust between the two parties exhanging keys and are used for initial key exchange such as Key Encryption Key (KEK). After which you can export working keys using symmetric method to perform various cryptographic operations within Amazon Web Services Payment Cryptography.
\n The TR-34 norm is intended for exchanging 3DES keys only and keys are imported in a WrappedKeyBlock format. Key attributes (such as KeyUsage, KeyAlgorithm, KeyModesOfUse, Exportability) are contained within the key block.
\n You can also use ExportKey functionality to generate and export an IPEK (Initial Pin Encryption Key) from Amazon Web Services Payment Cryptography using either TR-31 or TR-34 export key exchange. IPEK is generated from BDK (Base Derivation Key) and ExportDukptInitialKey attribute KSN (KeySerialNumber). The generated IPEK does not persist within Amazon Web Services Payment Cryptography and has to be re-generated each time during export.
\n \n To export KEK or IPEK using TR-34\n
\n Using this operation, you can export initial key using TR-34 asymmetric key exchange. You can only export KEK generated within Amazon Web Services Payment Cryptography. In TR-34 terminology, the sending party of the key is called Key Distribution Host (KDH) and the receiving party of the key is called Key Receiving Device (KRD). During key export process, KDH is Amazon Web Services Payment Cryptography which initiates key export and KRD is the user receiving the key.
\n To initiate TR-34 key export, the KRD must obtain an export token by calling GetParametersForExport. This operation also generates a key pair for the purpose of key export, signs the key and returns back the signing public key certificate (also known as KDH signing certificate) and root certificate chain. The KDH uses the private key to sign the the export payload and the signing public key certificate is provided to KRD to verify the signature. The KRD can import the root certificate into its Hardware Security Module (HSM), as required. The export token and the associated KDH signing certificate expires after 7 days.
\n Next the KRD generates a key pair for the the purpose of encrypting the KDH key and provides the public key cerificate (also known as KRD wrapping certificate) back to KDH. The KRD will also import the root cerificate chain into Amazon Web Services Payment Cryptography by calling ImportKey for RootCertificatePublicKey. The KDH, Amazon Web Services Payment Cryptography, will use the KRD wrapping cerificate to encrypt (wrap) the key under export and signs it with signing private key to generate a TR-34 WrappedKeyBlock. For more information on TR-34 key export, see section Exporting symmetric keys in the Amazon Web Services Payment Cryptography User Guide.
\n Set the following parameters:
\n \n - \n
\n ExportAttributes: Specify export attributes in case of IPEK export. This parameter is optional for KEK export.
\n \n - \n
\n ExportKeyIdentifier: The KeyARN of the KEK or BDK (in case of IPEK) under export.
\n \n - \n
\n KeyMaterial: Use Tr34KeyBlock parameters.
\n \n - \n
\n CertificateAuthorityPublicKeyIdentifier: The KeyARN of the certificate chain that signed the KRD wrapping key certificate.
\n \n - \n
\n ExportToken: Obtained from KDH by calling GetParametersForImport.
\n \n - \n
\n WrappingKeyCertificate: The public key certificate in PEM format (base64 encoded) of the KRD wrapping key Amazon Web Services Payment Cryptography uses for encryption of the TR-34 export payload. This certificate must be signed by the root certificate (CertificateAuthorityPublicKeyIdentifier) imported into Amazon Web Services Payment Cryptography.
\n \n
\n When this operation is successful, Amazon Web Services Payment Cryptography returns the KEK or IPEK as a TR-34 WrappedKeyBlock.
\n \n To export WK (Working Key) or IPEK using TR-31\n
\n Using this operation, you can export working keys or IPEK using TR-31 symmetric key exchange. In TR-31, you must use an initial key such as KEK to encrypt or wrap the key under export. To establish a KEK, you can use CreateKey or ImportKey.
\n Set the following parameters:
\n \n - \n
\n ExportAttributes: Specify export attributes in case of IPEK export. This parameter is optional for KEK export.
\n \n - \n
\n ExportKeyIdentifier: The KeyARN of the KEK or BDK (in case of IPEK) under export.
\n \n - \n
\n KeyMaterial: Use Tr31KeyBlock parameters.
\n \n
\n When this operation is successful, Amazon Web Services Payment Cryptography returns the WK or IPEK as a TR-31 WrappedKeyBlock.
\n \n Cross-account use: This operation can't be used across different Amazon Web Services accounts.
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Exports a key from Amazon Web Services Payment Cryptography.
\n Amazon Web Services Payment Cryptography simplifies key exchange by replacing the existing paper-based approach with a modern electronic approach. With ExportKey you can export symmetric keys using either symmetric and asymmetric key exchange mechanisms. Using this operation, you can share your Amazon Web Services Payment Cryptography generated keys with other service partners to perform cryptographic operations outside of Amazon Web Services Payment Cryptography
\n For symmetric key exchange, Amazon Web Services Payment Cryptography uses the ANSI X9 TR-31 norm in accordance with PCI PIN guidelines. And for asymmetric key exchange, Amazon Web Services Payment Cryptography supports ANSI X9 TR-34 norm and RSA wrap and unwrap key exchange mechanism. Asymmetric key exchange methods are typically used to establish bi-directional trust between the two parties exhanging keys and are used for initial key exchange such as Key Encryption Key (KEK). After which you can export working keys using symmetric method to perform various cryptographic operations within Amazon Web Services Payment Cryptography.
\n The TR-34 norm is intended for exchanging 3DES keys only and keys are imported in a WrappedKeyBlock format. Key attributes (such as KeyUsage, KeyAlgorithm, KeyModesOfUse, Exportability) are contained within the key block. With RSA wrap and unwrap, you can exchange both 3DES and AES-128 keys. The keys are imported in a WrappedKeyCryptogram format and you will need to specify the key attributes during import.
\n You can also use ExportKey functionality to generate and export an IPEK (Initial Pin Encryption Key) from Amazon Web Services Payment Cryptography using either TR-31 or TR-34 export key exchange. IPEK is generated from BDK (Base Derivation Key) and ExportDukptInitialKey attribute KSN (KeySerialNumber). The generated IPEK does not persist within Amazon Web Services Payment Cryptography and has to be re-generated each time during export.
\n \n To export initial keys (KEK) or IPEK using TR-34\n
\n Using this operation, you can export initial key using TR-34 asymmetric key exchange. You can only export KEK generated within Amazon Web Services Payment Cryptography. In TR-34 terminology, the sending party of the key is called Key Distribution Host (KDH) and the receiving party of the key is called Key Receiving Device (KRD). During key export process, KDH is Amazon Web Services Payment Cryptography which initiates key export and KRD is the user receiving the key.
\n To initiate TR-34 key export, the KRD must obtain an export token by calling GetParametersForExport. This operation also generates a key pair for the purpose of key export, signs the key and returns back the signing public key certificate (also known as KDH signing certificate) and root certificate chain. The KDH uses the private key to sign the the export payload and the signing public key certificate is provided to KRD to verify the signature. The KRD can import the root certificate into its Hardware Security Module (HSM), as required. The export token and the associated KDH signing certificate expires after 7 days.
\n Next the KRD generates a key pair for the the purpose of encrypting the KDH key and provides the public key cerificate (also known as KRD wrapping certificate) back to KDH. The KRD will also import the root cerificate chain into Amazon Web Services Payment Cryptography by calling ImportKey for RootCertificatePublicKey. The KDH, Amazon Web Services Payment Cryptography, will use the KRD wrapping cerificate to encrypt (wrap) the key under export and signs it with signing private key to generate a TR-34 WrappedKeyBlock. For more information on TR-34 key export, see section Exporting symmetric keys in the Amazon Web Services Payment Cryptography User Guide.
\n Set the following parameters:
\n \n - \n
\n ExportAttributes: Specify export attributes in case of IPEK export. This parameter is optional for KEK export.
\n \n - \n
\n ExportKeyIdentifier: The KeyARN of the KEK or BDK (in case of IPEK) under export.
\n \n - \n
\n KeyMaterial: Use Tr34KeyBlock parameters.
\n \n - \n
\n CertificateAuthorityPublicKeyIdentifier: The KeyARN of the certificate chain that signed the KRD wrapping key certificate.
\n \n - \n
\n ExportToken: Obtained from KDH by calling GetParametersForImport.
\n \n - \n
\n WrappingKeyCertificate: The public key certificate in PEM format (base64 encoded) of the KRD wrapping key Amazon Web Services Payment Cryptography uses for encryption of the TR-34 export payload. This certificate must be signed by the root certificate (CertificateAuthorityPublicKeyIdentifier) imported into Amazon Web Services Payment Cryptography.
\n \n
\n When this operation is successful, Amazon Web Services Payment Cryptography returns the KEK or IPEK as a TR-34 WrappedKeyBlock.
\n \n To export initial keys (KEK) or IPEK using RSA Wrap and Unwrap\n
\n Using this operation, you can export initial key using asymmetric RSA wrap and unwrap key exchange method. To initiate export, generate an asymmetric key pair on the receiving HSM and obtain the public key certificate in PEM format (base64 encoded) for the purpose of wrapping and the root certifiate chain. Import the root certificate into Amazon Web Services Payment Cryptography by calling ImportKey for RootCertificatePublicKey.
\n Next call ExportKey and set the following parameters:
\n \n - \n
\n CertificateAuthorityPublicKeyIdentifier: The KeyARN of the certificate chain that signed wrapping key certificate.
\n \n - \n
\n KeyMaterial: Set to KeyCryptogram.
\n \n - \n
\n WrappingKeyCertificate: The public key certificate in PEM format (base64 encoded) obtained by the receiving HSM and signed by the root certificate (CertificateAuthorityPublicKeyIdentifier) imported into Amazon Web Services Payment Cryptography. The receiving HSM uses its private key component to unwrap the WrappedKeyCryptogram.
\n \n
\n When this operation is successful, Amazon Web Services Payment Cryptography returns the WrappedKeyCryptogram.
\n \n To export working keys or IPEK using TR-31\n
\n Using this operation, you can export working keys or IPEK using TR-31 symmetric key exchange. In TR-31, you must use an initial key such as KEK to encrypt or wrap the key under export. To establish a KEK, you can use CreateKey or ImportKey.
\n Set the following parameters:
\n \n - \n
\n ExportAttributes: Specify export attributes in case of IPEK export. This parameter is optional for KEK export.
\n \n - \n
\n ExportKeyIdentifier: The KeyARN of the KEK or BDK (in case of IPEK) under export.
\n \n - \n
\n KeyMaterial: Use Tr31KeyBlock parameters.
\n \n
\n When this operation is successful, Amazon Web Services Payment Cryptography returns the working key or IPEK as a TR-31 WrappedKeyBlock.
\n \n Cross-account use: This operation can't be used across different Amazon Web Services accounts.
\n \n Related operations:\n
\n "
+ }
+ },
+ "com.amazonaws.paymentcryptography#ExportKeyCryptogram": {
+ "type": "structure",
+ "members": {
+ "CertificateAuthorityPublicKeyIdentifier": {
+ "target": "com.amazonaws.paymentcryptography#KeyArnOrKeyAliasType",
+ "traits": {
+ "smithy.api#documentation": "The KeyARN of the certificate chain that signs the wrapping key certificate during RSA wrap and unwrap key export.
",
+ "smithy.api#required": {}
+ }
+ },
+ "WrappingKeyCertificate": {
+ "target": "com.amazonaws.paymentcryptography#CertificateType",
+ "traits": {
+ "smithy.api#documentation": "The wrapping key certificate in PEM format (base64 encoded). Amazon Web Services Payment Cryptography uses this certificate to wrap the key under export.
",
+ "smithy.api#required": {}
+ }
+ },
+ "WrappingSpec": {
+ "target": "com.amazonaws.paymentcryptography#WrappingKeySpec",
+ "traits": {
+ "smithy.api#documentation": "The wrapping spec for the key under export.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "Parameter information for key material export using asymmetric RSA wrap and unwrap key exchange method.
"
}
},
"com.amazonaws.paymentcryptography#ExportKeyInput": {
@@ -569,10 +597,16 @@
"traits": {
"smithy.api#documentation": "Parameter information for key material export using the asymmetric TR-34 key exchange method.
"
}
+ },
+ "KeyCryptogram": {
+ "target": "com.amazonaws.paymentcryptography#ExportKeyCryptogram",
+ "traits": {
+ "smithy.api#documentation": "Parameter information for key material export using asymmetric RSA wrap and unwrap key exchange method
"
+ }
}
},
"traits": {
- "smithy.api#documentation": "Parameter information for key material export from Amazon Web Services Payment Cryptography using TR-31 or TR-34 key exchange method.
"
+ "smithy.api#documentation": "Parameter information for key material export from Amazon Web Services Payment Cryptography using TR-31 or TR-34 or RSA wrap and unwrap key exchange method.
"
}
},
"com.amazonaws.paymentcryptography#ExportKeyOutput": {
@@ -581,7 +615,7 @@
"WrappedKey": {
"target": "com.amazonaws.paymentcryptography#WrappedKey",
"traits": {
- "smithy.api#documentation": "The key material under export as a TR-34 WrappedKeyBlock or a TR-31 WrappedKeyBlock.
"
+ "smithy.api#documentation": "The key material under export as a TR-34 WrappedKeyBlock or a TR-31 WrappedKeyBlock. or a RSA WrappedKeyCryptogram.
"
}
}
},
@@ -928,7 +962,7 @@
],
"traits": {
"aws.api#controlPlane": {},
- "smithy.api#documentation": "Gets the import token and the wrapping key certificate in PEM format (base64 encoded) to initiate a TR-34 WrappedKeyBlock.
\n The wrapping key certificate wraps the key under import. The import token and wrapping key certificate must be in place and operational before calling ImportKey. The import token expires in 7 days. You can use the same import token to import multiple keys into your service account.
\n \n Cross-account use: This operation can't be used across different Amazon Web Services accounts.
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Gets the import token and the wrapping key certificate in PEM format (base64 encoded) to initiate a TR-34 WrappedKeyBlock or a RSA WrappedKeyCryptogram import into Amazon Web Services Payment Cryptography.
\n The wrapping key certificate wraps the key under import. The import token and wrapping key certificate must be in place and operational before calling ImportKey. The import token expires in 7 days. You can use the same import token to import multiple keys into your service account.
\n \n Cross-account use: This operation can't be used across different Amazon Web Services accounts.
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.paymentcryptography#GetParametersForImportInput": {
@@ -937,14 +971,14 @@
"KeyMaterialType": {
"target": "com.amazonaws.paymentcryptography#KeyMaterialType",
"traits": {
- "smithy.api#documentation": "The method to use for key material import. Import token is only required for TR-34 WrappedKeyBlock (TR34_KEY_BLOCK).
\n Import token is not required for TR-31, root public key cerificate or trusted public key certificate.
",
+ "smithy.api#documentation": "The method to use for key material import. Import token is only required for TR-34 WrappedKeyBlock (TR34_KEY_BLOCK) and RSA WrappedKeyCryptogram (KEY_CRYPTOGRAM).
\n Import token is not required for TR-31, root public key cerificate or trusted public key certificate.
",
"smithy.api#required": {}
}
},
"WrappingKeyAlgorithm": {
"target": "com.amazonaws.paymentcryptography#KeyAlgorithm",
"traits": {
- "smithy.api#documentation": "The wrapping key algorithm to generate a wrapping key certificate. This certificate wraps the key under import.
\n At this time, RSA_2048, RSA_3072, RSA_4096 are the only allowed algorithms for TR-34 WrappedKeyBlock import.
",
+ "smithy.api#documentation": "The wrapping key algorithm to generate a wrapping key certificate. This certificate wraps the key under import.
\n At this time, RSA_2048 is the allowed algorithm for TR-34 WrappedKeyBlock import. Additionally, RSA_2048, RSA_3072, RSA_4096 are the allowed algorithms for RSA WrappedKeyCryptogram import.
",
"smithy.api#required": {}
}
}
@@ -973,7 +1007,7 @@
"WrappingKeyAlgorithm": {
"target": "com.amazonaws.paymentcryptography#KeyAlgorithm",
"traits": {
- "smithy.api#documentation": "The algorithm of the wrapping key for use within TR-34 WrappedKeyBlock.
",
+ "smithy.api#documentation": "The algorithm of the wrapping key for use within TR-34 WrappedKeyBlock or RSA WrappedKeyCryptogram.
",
"smithy.api#required": {}
}
},
@@ -1123,7 +1157,48 @@
],
"traits": {
"aws.api#controlPlane": {},
- "smithy.api#documentation": "Imports symmetric keys and public key certificates in PEM format (base64 encoded) into Amazon Web Services Payment Cryptography.
\n Amazon Web Services Payment Cryptography simplifies key exchange by replacing the existing paper-based approach with a modern electronic approach. With ImportKey you can import symmetric keys using either symmetric and asymmetric key exchange mechanisms.
\n For symmetric key exchange, Amazon Web Services Payment Cryptography uses the ANSI X9 TR-31 norm in accordance with PCI PIN guidelines. And for asymmetric key exchange, Amazon Web Services Payment Cryptography supports ANSI X9 TR-34 norm . Asymmetric key exchange methods are typically used to establish bi-directional trust between the two parties exhanging keys and are used for initial key exchange such as Key Encryption Key (KEK) or Zone Master Key (ZMK). After which you can import working keys using symmetric method to perform various cryptographic operations within Amazon Web Services Payment Cryptography.
\n The TR-34 norm is intended for exchanging 3DES keys only and keys are imported in a WrappedKeyBlock format. Key attributes (such as KeyUsage, KeyAlgorithm, KeyModesOfUse, Exportability) are contained within the key block.
\n You can also import a root public key certificate, used to sign other public key certificates, or a trusted public key certificate under an already established root public key certificate.
\n \n To import a public root key certificate\n
\n You can also import a root public key certificate, used to sign other public key certificates, or a trusted public key certificate under an already established root public key certificate.
\n \n To import a public root key certificate\n
\n Using this operation, you can import the public component (in PEM cerificate format) of your private root key. You can use the imported public root key certificate for digital signatures, for example signing wrapping key or signing key in TR-34, within your Amazon Web Services Payment Cryptography account.
\n Set the following parameters:
\n \n - \n
\n KeyMaterial: RootCertificatePublicKey\n
\n \n - \n
\n KeyClass: PUBLIC_KEY\n
\n \n - \n
\n KeyModesOfUse: Verify\n
\n \n - \n
\n KeyUsage: TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE\n
\n \n - \n
\n PublicKeyCertificate: The public key certificate in PEM format (base64 encoded) of the private root key under import.
\n \n
\n \n To import a trusted public key certificate\n
\n The root public key certificate must be in place and operational before you import a trusted public key certificate. Set the following parameters:
\n \n - \n
\n KeyMaterial: TrustedCertificatePublicKey\n
\n \n - \n
\n CertificateAuthorityPublicKeyIdentifier: KeyArn of the RootCertificatePublicKey.
\n \n - \n
\n KeyModesOfUse and KeyUsage: Corresponding to the cryptographic operations such as wrap, sign, or encrypt that you will allow the trusted public key certificate to perform.
\n \n - \n
\n PublicKeyCertificate: The trusted public key certificate in PEM format (base64 encoded) under import.
\n \n
\n \n To import KEK or ZMK using TR-34\n
\n Using this operation, you can import initial key using TR-34 asymmetric key exchange. In TR-34 terminology, the sending party of the key is called Key Distribution Host (KDH) and the receiving party of the key is called Key Receiving Device (KRD). During the key import process, KDH is the user who initiates the key import and KRD is Amazon Web Services Payment Cryptography who receives the key.
\n To initiate TR-34 key import, the KDH must obtain an import token by calling GetParametersForImport. This operation generates an encryption keypair for the purpose of key import, signs the key and returns back the wrapping key certificate (also known as KRD wrapping certificate) and the root certificate chain. The KDH must trust and install the KRD wrapping certificate on its HSM and use it to encrypt (wrap) the KDH key during TR-34 WrappedKeyBlock generation. The import token and associated KRD wrapping certificate expires after 7 days.
\n Next the KDH generates a key pair for the purpose of signing the encrypted KDH key and provides the public certificate of the signing key to Amazon Web Services Payment Cryptography. The KDH will also need to import the root certificate chain of the KDH signing certificate by calling ImportKey for RootCertificatePublicKey. For more information on TR-34 key import, see section Importing symmetric keys in the Amazon Web Services Payment Cryptography User Guide.
\n Set the following parameters:
\n \n - \n
\n KeyMaterial: Use Tr34KeyBlock parameters.
\n \n - \n
\n CertificateAuthorityPublicKeyIdentifier: The KeyARN of the certificate chain that signed the KDH signing key certificate.
\n \n - \n
\n ImportToken: Obtained from KRD by calling GetParametersForImport.
\n \n - \n
\n WrappedKeyBlock: The TR-34 wrapped key material from KDH. It contains the KDH key under import, wrapped with KRD wrapping certificate and signed by KDH signing private key. This TR-34 key block is typically generated by the KDH Hardware Security Module (HSM) outside of Amazon Web Services Payment Cryptography.
\n \n - \n
\n SigningKeyCertificate: The public key certificate in PEM format (base64 encoded) of the KDH signing key generated under the root certificate (CertificateAuthorityPublicKeyIdentifier) imported in Amazon Web Services Payment Cryptography.
\n \n
\n \n To import WK (Working Key) using TR-31\n
\n Amazon Web Services Payment Cryptography uses TR-31 symmetric key exchange norm to import working keys. A KEK must be established within Amazon Web Services Payment Cryptography by using TR-34 key import or by using CreateKey. To initiate a TR-31 key import, set the following parameters:
\n \n - \n
\n KeyMaterial: Use Tr31KeyBlock parameters.
\n \n - \n
\n WrappedKeyBlock: The TR-31 wrapped key material. It contains the key under import, encrypted using KEK. The TR-31 key block is typically generated by a HSM outside of Amazon Web Services Payment Cryptography.
\n \n - \n
\n WrappingKeyIdentifier: The KeyArn of the KEK that Amazon Web Services Payment Cryptography uses to decrypt or unwrap the key under import.
\n \n
\n \n Cross-account use: This operation can't be used across different Amazon Web Services accounts.
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Imports symmetric keys and public key certificates in PEM format (base64 encoded) into Amazon Web Services Payment Cryptography.
\n Amazon Web Services Payment Cryptography simplifies key exchange by replacing the existing paper-based approach with a modern electronic approach. With ImportKey you can import symmetric keys using either symmetric and asymmetric key exchange mechanisms.
\n For symmetric key exchange, Amazon Web Services Payment Cryptography uses the ANSI X9 TR-31 norm in accordance with PCI PIN guidelines. And for asymmetric key exchange, Amazon Web Services Payment Cryptography supports ANSI X9 TR-34 norm and RSA wrap and unwrap key exchange mechanisms. Asymmetric key exchange methods are typically used to establish bi-directional trust between the two parties exhanging keys and are used for initial key exchange such as Key Encryption Key (KEK) or Zone Master Key (ZMK). After which you can import working keys using symmetric method to perform various cryptographic operations within Amazon Web Services Payment Cryptography.
\n The TR-34 norm is intended for exchanging 3DES keys only and keys are imported in a WrappedKeyBlock format. Key attributes (such as KeyUsage, KeyAlgorithm, KeyModesOfUse, Exportability) are contained within the key block. With RSA wrap and unwrap, you can exchange both 3DES and AES-128 keys. The keys are imported in a WrappedKeyCryptogram format and you will need to specify the key attributes during import.
\n You can also import a root public key certificate, used to sign other public key certificates, or a trusted public key certificate under an already established root public key certificate.
\n \n To import a public root key certificate\n
\n You can also import a root public key certificate, used to sign other public key certificates, or a trusted public key certificate under an already established root public key certificate.
\n \n To import a public root key certificate\n
\n Using this operation, you can import the public component (in PEM cerificate format) of your private root key. You can use the imported public root key certificate for digital signatures, for example signing wrapping key or signing key in TR-34, within your Amazon Web Services Payment Cryptography account.
\n Set the following parameters:
\n \n - \n
\n KeyMaterial: RootCertificatePublicKey\n
\n \n - \n
\n KeyClass: PUBLIC_KEY\n
\n \n - \n
\n KeyModesOfUse: Verify\n
\n \n - \n
\n KeyUsage: TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE\n
\n \n - \n
\n PublicKeyCertificate: The public key certificate in PEM format (base64 encoded) of the private root key under import.
\n \n
\n \n To import a trusted public key certificate\n
\n The root public key certificate must be in place and operational before you import a trusted public key certificate. Set the following parameters:
\n \n - \n
\n KeyMaterial: TrustedCertificatePublicKey\n
\n \n - \n
\n CertificateAuthorityPublicKeyIdentifier: KeyArn of the RootCertificatePublicKey.
\n \n - \n
\n KeyModesOfUse and KeyUsage: Corresponding to the cryptographic operations such as wrap, sign, or encrypt that you will allow the trusted public key certificate to perform.
\n \n - \n
\n PublicKeyCertificate: The trusted public key certificate in PEM format (base64 encoded) under import.
\n \n
\n \n To import initial keys (KEK or ZMK or similar) using TR-34\n
\n Using this operation, you can import initial key using TR-34 asymmetric key exchange. In TR-34 terminology, the sending party of the key is called Key Distribution Host (KDH) and the receiving party of the key is called Key Receiving Device (KRD). During the key import process, KDH is the user who initiates the key import and KRD is Amazon Web Services Payment Cryptography who receives the key.
\n To initiate TR-34 key import, the KDH must obtain an import token by calling GetParametersForImport. This operation generates an encryption keypair for the purpose of key import, signs the key and returns back the wrapping key certificate (also known as KRD wrapping certificate) and the root certificate chain. The KDH must trust and install the KRD wrapping certificate on its HSM and use it to encrypt (wrap) the KDH key during TR-34 WrappedKeyBlock generation. The import token and associated KRD wrapping certificate expires after 7 days.
\n Next the KDH generates a key pair for the purpose of signing the encrypted KDH key and provides the public certificate of the signing key to Amazon Web Services Payment Cryptography. The KDH will also need to import the root certificate chain of the KDH signing certificate by calling ImportKey for RootCertificatePublicKey. For more information on TR-34 key import, see section Importing symmetric keys in the Amazon Web Services Payment Cryptography User Guide.
\n Set the following parameters:
\n \n - \n
\n KeyMaterial: Use Tr34KeyBlock parameters.
\n \n - \n
\n CertificateAuthorityPublicKeyIdentifier: The KeyARN of the certificate chain that signed the KDH signing key certificate.
\n \n - \n
\n ImportToken: Obtained from KRD by calling GetParametersForImport.
\n \n - \n
\n WrappedKeyBlock: The TR-34 wrapped key material from KDH. It contains the KDH key under import, wrapped with KRD wrapping certificate and signed by KDH signing private key. This TR-34 key block is typically generated by the KDH Hardware Security Module (HSM) outside of Amazon Web Services Payment Cryptography.
\n \n - \n
\n SigningKeyCertificate: The public key certificate in PEM format (base64 encoded) of the KDH signing key generated under the root certificate (CertificateAuthorityPublicKeyIdentifier) imported in Amazon Web Services Payment Cryptography.
\n \n
\n \n To import initial keys (KEK or ZMK or similar) using RSA Wrap and Unwrap\n
\n Using this operation, you can import initial key using asymmetric RSA wrap and unwrap key exchange method. To initiate import, call GetParametersForImport with KeyMaterial set to KEY_CRYPTOGRAM to generate an import token. This operation also generates an encryption keypair for the purpose of key import, signs the key and returns back the wrapping key certificate in PEM format (base64 encoded) and its root certificate chain. The import token and associated KRD wrapping certificate expires after 7 days.
\n You must trust and install the wrapping certificate and its certificate chain on the sending HSM and use it to wrap the key under export for WrappedKeyCryptogram generation. Next call ImportKey with KeyMaterial set to KEY_CRYPTOGRAM and provide the ImportToken and KeyAttributes for the key under import.
\n \n To import working keys using TR-31\n
\n Amazon Web Services Payment Cryptography uses TR-31 symmetric key exchange norm to import working keys. A KEK must be established within Amazon Web Services Payment Cryptography by using TR-34 key import or by using CreateKey. To initiate a TR-31 key import, set the following parameters:
\n \n - \n
\n KeyMaterial: Use Tr31KeyBlock parameters.
\n \n - \n
\n WrappedKeyBlock: The TR-31 wrapped key material. It contains the key under import, encrypted using KEK. The TR-31 key block is typically generated by a HSM outside of Amazon Web Services Payment Cryptography.
\n \n - \n
\n WrappingKeyIdentifier: The KeyArn of the KEK that Amazon Web Services Payment Cryptography uses to decrypt or unwrap the key under import.
\n \n
\n \n Cross-account use: This operation can't be used across different Amazon Web Services accounts.
\n \n Related operations:\n
\n "
+ }
+ },
+ "com.amazonaws.paymentcryptography#ImportKeyCryptogram": {
+ "type": "structure",
+ "members": {
+ "KeyAttributes": {
+ "target": "com.amazonaws.paymentcryptography#KeyAttributes",
+ "traits": {
+ "smithy.api#required": {}
+ }
+ },
+ "Exportable": {
+ "target": "smithy.api#Boolean",
+ "traits": {
+ "smithy.api#documentation": "Specifies whether the key is exportable from the service.
",
+ "smithy.api#required": {}
+ }
+ },
+ "WrappedKeyCryptogram": {
+ "target": "com.amazonaws.paymentcryptography#WrappedKeyCryptogram",
+ "traits": {
+ "smithy.api#documentation": "The RSA wrapped key cryptogram under import.
",
+ "smithy.api#required": {}
+ }
+ },
+ "ImportToken": {
+ "target": "com.amazonaws.paymentcryptography#ImportTokenId",
+ "traits": {
+ "smithy.api#documentation": "The import token that initiates key import using the asymmetric RSA wrap and unwrap key exchange method into AWS Payment Cryptography. It expires after 7 days. You can use the same import token to import multiple keys to the same service account.
",
+ "smithy.api#required": {}
+ }
+ },
+ "WrappingSpec": {
+ "target": "com.amazonaws.paymentcryptography#WrappingKeySpec",
+ "traits": {
+ "smithy.api#documentation": "The wrapping spec for the wrapped key cryptogram.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "Parameter information for key material import using asymmetric RSA wrap and unwrap key exchange method.
"
}
},
"com.amazonaws.paymentcryptography#ImportKeyInput": {
@@ -1185,10 +1260,16 @@
"traits": {
"smithy.api#documentation": "Parameter information for key material import using the asymmetric TR-34 key exchange method.
"
}
+ },
+ "KeyCryptogram": {
+ "target": "com.amazonaws.paymentcryptography#ImportKeyCryptogram",
+ "traits": {
+ "smithy.api#documentation": "Parameter information for key material import using asymmetric RSA wrap and unwrap key exchange method.
"
+ }
}
},
"traits": {
- "smithy.api#documentation": "Parameter information for key material import into Amazon Web Services Payment Cryptography using TR-31 or TR-34 key exchange method.
"
+ "smithy.api#documentation": "Parameter information for key material import into Amazon Web Services Payment Cryptography using TR-31 or TR-34 or RSA wrap and unwrap key exchange method.
"
}
},
"com.amazonaws.paymentcryptography#ImportKeyOutput": {
@@ -1608,6 +1689,10 @@
{
"value": "TRUSTED_PUBLIC_KEY_CERTIFICATE",
"name": "TRUSTED_PUBLIC_KEY_CERTIFICATE"
+ },
+ {
+ "value": "KEY_CRYPTOGRAM",
+ "name": "KEY_CRYPTOGRAM"
}
]
}
@@ -1881,6 +1966,10 @@
"value": "TR31_M3_ISO_9797_3_MAC_KEY",
"name": "TR31_M3_ISO_9797_3_MAC_KEY"
},
+ {
+ "value": "TR31_M1_ISO_9797_1_MAC_KEY",
+ "name": "TR31_M1_ISO_9797_1_MAC_KEY"
+ },
{
"value": "TR31_M6_ISO_9797_5_CMAC_KEY",
"name": "TR31_M6_ISO_9797_5_CMAC_KEY"
@@ -3610,6 +3699,16 @@
"smithy.api#documentation": "Parameter information for generating a WrappedKeyBlock for key exchange.
"
}
},
+ "com.amazonaws.paymentcryptography#WrappedKeyCryptogram": {
+ "type": "string",
+ "traits": {
+ "smithy.api#length": {
+ "min": 16,
+ "max": 4096
+ },
+ "smithy.api#pattern": "^[0-9A-F]+$"
+ }
+ },
"com.amazonaws.paymentcryptography#WrappedKeyMaterialFormat": {
"type": "string",
"traits": {
@@ -3628,6 +3727,21 @@
}
]
}
+ },
+ "com.amazonaws.paymentcryptography#WrappingKeySpec": {
+ "type": "string",
+ "traits": {
+ "smithy.api#enum": [
+ {
+ "value": "RSA_OAEP_SHA_256",
+ "name": "RSA_OAEP_SHA_256"
+ },
+ {
+ "value": "RSA_OAEP_SHA_512",
+ "name": "RSA_OAEP_SHA_512"
+ }
+ ]
+ }
}
}
}
\ No newline at end of file
diff --git a/codegen/sdk-codegen/aws-models/personalize-runtime.json b/codegen/sdk-codegen/aws-models/personalize-runtime.json
index 889b4919e6f..e3e39c56d69 100644
--- a/codegen/sdk-codegen/aws-models/personalize-runtime.json
+++ b/codegen/sdk-codegen/aws-models/personalize-runtime.json
@@ -980,7 +980,7 @@
"metadataColumns": {
"target": "com.amazonaws.personalizeruntime#MetadataColumns",
"traits": {
- "smithy.api#documentation": "If you enabled metadata in recommendations when you created or updated the campaign, specify metadata columns from your Items dataset to include\n in the personalized ranking.\n The map key is ITEMS and the value is a list of column names from your Items dataset.\n The maximum number of columns you can provide is 10.
\n \n For information about enabling metadata for a campaign, see Enabling metadata in recommendations for a campaign.\n
"
+ "smithy.api#documentation": "If you enabled metadata in recommendations when you created or updated the campaign, specify metadata columns from your Items dataset to include\n in the personalized ranking.\n The map key is ITEMS and the value is a list of column names from your Items dataset.\n The maximum number of columns you can provide is 10.
\n \n For information about enabling metadata for a campaign, see Enabling metadata in recommendations for a campaign.\n
"
}
}
},
@@ -1095,7 +1095,7 @@
"metadataColumns": {
"target": "com.amazonaws.personalizeruntime#MetadataColumns",
"traits": {
- "smithy.api#documentation": "If you enabled metadata in recommendations when you created or updated the campaign or recommender, specify the metadata columns from your Items dataset to include in item recommendations. \n The map key is ITEMS and the value is a list of column names from your Items dataset.\n The maximum number of columns you can provide is 10.
\n \n For information about enabling metadata for a campaign, see Enabling metadata in recommendations for a campaign.\n For information about enabling metadata for a recommender, see Enabling metadata in recommendations for a recommender.\n
"
+ "smithy.api#documentation": "If you enabled metadata in recommendations when you created or updated the campaign or recommender, specify the metadata columns from your Items dataset to include in item recommendations. \n The map key is ITEMS and the value is a list of column names from your Items dataset.\n The maximum number of columns you can provide is 10.
\n \n For information about enabling metadata for a campaign, see Enabling metadata in recommendations for a campaign.\n For information about enabling metadata for a recommender, see Enabling metadata in recommendations for a recommender.\n
"
}
}
},
diff --git a/codegen/sdk-codegen/aws-models/personalize.json b/codegen/sdk-codegen/aws-models/personalize.json
index bbcd1a9841d..fb7d5c65146 100644
--- a/codegen/sdk-codegen/aws-models/personalize.json
+++ b/codegen/sdk-codegen/aws-models/personalize.json
@@ -1649,7 +1649,7 @@
"enableMetadataWithRecommendations": {
"target": "com.amazonaws.personalize#Boolean",
"traits": {
- "smithy.api#documentation": "Whether metadata with recommendations is enabled for the campaign. \n If enabled, you can specify the columns from your Items dataset in your request for recommendations. Amazon Personalize returns this data for each item in the recommendation response.
\n \n If you enable metadata in recommendations, you will incur additional costs. For more information, see Amazon Personalize pricing.\n
"
+ "smithy.api#documentation": "Whether metadata with recommendations is enabled for the campaign. \n If enabled, you can specify the columns from your Items dataset in your request for recommendations. Amazon Personalize returns this data for each item in the recommendation response.\n For information about enabling metadata for a campaign, see Enabling metadata in recommendations for a campaign.
\n \n If you enable metadata in recommendations, you will incur additional costs. For more information, see Amazon Personalize pricing.\n
"
}
}
},
@@ -2153,7 +2153,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates a campaign that deploys a solution version. When a client calls the\n GetRecommendations\n and\n GetPersonalizedRanking\n APIs, a campaign is specified in the request.
\n \n Minimum Provisioned TPS and Auto-Scaling\n
\n \n A high minProvisionedTPS will increase your bill. We recommend starting with 1 for minProvisionedTPS (the default). Track\n your usage using Amazon CloudWatch metrics, and increase the minProvisionedTPS\n as necessary.
\n \n A transaction is a single GetRecommendations or\n GetPersonalizedRanking call. Transactions per second (TPS) is the throughput\n and unit of billing for Amazon Personalize. The minimum provisioned TPS\n (minProvisionedTPS) specifies the baseline throughput provisioned by\n Amazon Personalize, and thus, the minimum billing charge. \n
\n \n If your TPS increases beyond\n minProvisionedTPS, Amazon Personalize auto-scales the provisioned capacity up and down,\n but never below minProvisionedTPS.\n There's a short time delay while the capacity is increased that might cause loss of\n transactions.
\n The actual TPS used is calculated as the average requests/second within a 5-minute window.\n You pay for maximum of either the minimum provisioned TPS or the actual TPS.\n We recommend starting with a low minProvisionedTPS, track\n your usage using Amazon CloudWatch metrics, and then increase the minProvisionedTPS\n as necessary.
\n \n Status\n
\n A campaign can be in one of the following states:
\n \n To get the campaign status, call DescribeCampaign.
\n \n Wait until the status of the campaign\n is ACTIVE before asking the campaign for recommendations.
\n \n \n Related APIs\n
\n ",
+ "smithy.api#documentation": "Creates a campaign that deploys a solution version. When a client calls the\n GetRecommendations\n and\n GetPersonalizedRanking\n APIs, a campaign is specified in the request.
\n \n Minimum Provisioned TPS and Auto-Scaling\n
\n \n A high minProvisionedTPS will increase your cost. We recommend starting with 1 for minProvisionedTPS (the default). Track\n your usage using Amazon CloudWatch metrics, and increase the minProvisionedTPS\n as necessary.
\n \n \n When you create an Amazon Personalize campaign, you can specify the minimum provisioned transactions per second\n (minProvisionedTPS) for the campaign. This is the baseline transaction throughput for the campaign provisioned by\n Amazon Personalize. It sets the minimum billing charge for the campaign while it is active. A transaction is a single GetRecommendations or\n GetPersonalizedRanking request. The default minProvisionedTPS is 1.
\n If your TPS increases beyond the minProvisionedTPS, Amazon Personalize auto-scales the provisioned capacity up\n and down, but never below minProvisionedTPS. \n There's a short time delay while the capacity is increased\n that might cause loss of transactions. When your traffic reduces, capacity returns to the minProvisionedTPS.\n
\n You are charged for the\n the minimum provisioned TPS or, if your requests exceed the minProvisionedTPS, the actual TPS. \n The actual TPS is the total number of recommendation requests you make.\n We recommend starting with a low minProvisionedTPS, track\n your usage using Amazon CloudWatch metrics, and then increase the minProvisionedTPS as necessary.
\n For more information about campaign costs, see Amazon Personalize pricing.
\n \n Status\n
\n A campaign can be in one of the following states:
\n \n To get the campaign status, call DescribeCampaign.
\n \n Wait until the status of the campaign\n is ACTIVE before asking the campaign for recommendations.
\n \n \n Related APIs\n
\n ",
"smithy.api#idempotent": {}
}
},
@@ -3024,13 +3024,13 @@
"target": "com.amazonaws.personalize#PerformAutoML",
"traits": {
"smithy.api#default": false,
- "smithy.api#documentation": "\n We don't recommend enabling automated machine learning. Instead, match your use case to the available Amazon Personalize \n recipes. For more information, see Determining your use case.\n
\n \n Whether to perform automated machine learning (AutoML). The default is false.\n For this case, you must specify recipeArn.
\n When set to true, Amazon Personalize analyzes your training data and selects\n the optimal USER_PERSONALIZATION recipe and hyperparameters. In this case, you must omit\n recipeArn. Amazon Personalize determines the optimal recipe by running tests with\n different values for the hyperparameters.\n AutoML lengthens the training process as compared to selecting a specific recipe.
"
+ "smithy.api#documentation": "\n We don't recommend enabling automated machine learning. Instead, match your use case to the available Amazon Personalize \n recipes. For more information, see Choosing a recipe.
\n \n Whether to perform automated machine learning (AutoML). The default is false.\n For this case, you must specify recipeArn.
\n When set to true, Amazon Personalize analyzes your training data and selects\n the optimal USER_PERSONALIZATION recipe and hyperparameters. In this case, you must omit\n recipeArn. Amazon Personalize determines the optimal recipe by running tests with\n different values for the hyperparameters.\n AutoML lengthens the training process as compared to selecting a specific recipe.
"
}
},
"recipeArn": {
"target": "com.amazonaws.personalize#Arn",
"traits": {
- "smithy.api#documentation": "The ARN of the recipe to use for model training. This is required when\n performAutoML is false.
"
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the recipe to use for model training. This is required when\n performAutoML is false. For information about different Amazon Personalize recipes and their ARNs, \n see Choosing a recipe.\n \n
"
}
},
"datasetGroupArn": {
@@ -7706,7 +7706,7 @@
"enableMetadataWithRecommendations": {
"target": "com.amazonaws.personalize#Boolean",
"traits": {
- "smithy.api#documentation": "Whether metadata with recommendations is enabled for the recommender. \n If enabled, you can specify the columns from your Items dataset in your request for recommendations. Amazon Personalize returns this data for each item in the recommendation response.
\n \n If you enable metadata in recommendations, you will incur additional costs. For more information, see Amazon Personalize pricing.\n
"
+ "smithy.api#documentation": "Whether metadata with recommendations is enabled for the recommender. \n If enabled, you can specify the columns from your Items dataset in your request for recommendations. Amazon Personalize returns this data for each item in the recommendation response. \n For information about enabling metadata for a recommender, see Enabling metadata in recommendations for a recommender.
\n \n If you enable metadata in recommendations, you will incur additional costs. For more information, see Amazon Personalize pricing.\n
"
}
}
},
diff --git a/codegen/sdk-codegen/aws-models/qconnect.json b/codegen/sdk-codegen/aws-models/qconnect.json
index 83508b15623..08f8ee49d72 100644
--- a/codegen/sdk-codegen/aws-models/qconnect.json
+++ b/codegen/sdk-codegen/aws-models/qconnect.json
@@ -2642,6 +2642,9 @@
}
],
"traits": {
+ "smithy.api#deprecated": {
+ "message": "GetRecommendations API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications."
+ },
"smithy.api#documentation": "Retrieves recommendations for the specified session. To avoid retrieving the same\n recommendations in subsequent calls, use NotifyRecommendationsReceived. This API supports long-polling behavior with the\n waitTimeSeconds parameter. Short poll is the default behavior and only returns\n recommendations already available. To perform a manual query against an assistant, use QueryAssistant.
",
"smithy.api#http": {
"uri": "/assistants/{assistantId}/sessions/{sessionId}/recommendations",
@@ -4235,6 +4238,9 @@
}
],
"traits": {
+ "smithy.api#deprecated": {
+ "message": "QueryAssistant API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications."
+ },
"smithy.api#documentation": "Performs a manual search against the specified assistant. To retrieve recommendations for\n an assistant, use GetRecommendations.\n
",
"smithy.api#http": {
"uri": "/assistants/{assistantId}/query",
@@ -5728,7 +5734,8 @@
"outputToken": "nextToken",
"pageSize": "maxResults",
"items": "results"
- }
+ },
+ "smithy.api#readonly": {}
}
},
"com.amazonaws.qconnect#SearchQuickResponsesRequest": {
diff --git a/codegen/sdk-codegen/aws-models/redshift-serverless.json b/codegen/sdk-codegen/aws-models/redshift-serverless.json
index b567e038396..825fedc9a6a 100644
--- a/codegen/sdk-codegen/aws-models/redshift-serverless.json
+++ b/codegen/sdk-codegen/aws-models/redshift-serverless.json
@@ -77,7 +77,7 @@
"parameterKey": {
"target": "com.amazonaws.redshiftserverless#ParameterKey",
"traits": {
- "smithy.api#documentation": "The key of the parameter. The\n options are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging,\n query_group, search_path, and query monitoring metrics that let \n you define performance boundaries. For more information about query monitoring rules and available metrics, see \n Query monitoring metrics for Amazon Redshift Serverless.
"
+ "smithy.api#documentation": "The key of the parameter. The\n options are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging,\n query_group, search_path, require_ssl, and query monitoring metrics that let \n you define performance boundaries. For more information about query monitoring rules and available metrics, see \n Query monitoring metrics for Amazon Redshift Serverless.
"
}
},
"parameterValue": {
@@ -951,7 +951,7 @@
"configParameters": {
"target": "com.amazonaws.redshiftserverless#ConfigParameterList",
"traits": {
- "smithy.api#documentation": "An array of parameters to set for advanced control over a database. The\n options are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging,\n query_group, search_path, and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see \n \n Query monitoring metrics for Amazon Redshift Serverless.
"
+ "smithy.api#documentation": "An array of parameters to set for advanced control over a database. The\n options are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging,\n query_group, search_path, require_ssl, and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see \n \n Query monitoring metrics for Amazon Redshift Serverless.
"
}
},
"securityGroupIds": {
@@ -6468,7 +6468,7 @@
"configParameters": {
"target": "com.amazonaws.redshiftserverless#ConfigParameterList",
"traits": {
- "smithy.api#documentation": "An array of parameters to set for advanced control over a database. The\n options are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging,\n query_group, search_path, and query monitoring metrics that let you \n define performance boundaries. For more information about query monitoring rules and available metrics, see \n \n Query monitoring metrics for Amazon Redshift Serverless.
"
+ "smithy.api#documentation": "An array of parameters to set for advanced control over a database. The\n options are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging,\n query_group, search_path, require_ssl, and query monitoring metrics that let you \n define performance boundaries. For more information about query monitoring rules and available metrics, see \n \n Query monitoring metrics for Amazon Redshift Serverless.
"
}
},
"publiclyAccessible": {
@@ -6787,7 +6787,7 @@
"configParameters": {
"target": "com.amazonaws.redshiftserverless#ConfigParameterList",
"traits": {
- "smithy.api#documentation": "An array of parameters to set for advanced control over a database. The\n options are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging,\n query_group, search_path, and query monitoring metrics that let you define performance boundaries. \n For more information about query monitoring rules and available metrics, see Query monitoring metrics for Amazon Redshift Serverless.
"
+ "smithy.api#documentation": "An array of parameters to set for advanced control over a database. The\n options are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging,\n query_group, search_path, require_ssl, and query monitoring metrics that let you define performance boundaries. \n For more information about query monitoring rules and available metrics, see Query monitoring metrics for Amazon Redshift Serverless.
"
}
},
"securityGroupIds": {
diff --git a/codegen/sdk-codegen/aws-models/rekognition.json b/codegen/sdk-codegen/aws-models/rekognition.json
index 2b61d6d097c..de18bed9573 100644
--- a/codegen/sdk-codegen/aws-models/rekognition.json
+++ b/codegen/sdk-codegen/aws-models/rekognition.json
@@ -217,7 +217,7 @@
"AssociatedFaces": {
"target": "com.amazonaws.rekognition#AssociatedFacesList",
"traits": {
- "smithy.api#documentation": "An array of AssociatedFace objects containing FaceIDs that are successfully associated\n with the UserID is returned. Returned if the AssociateFaces action is successful.
"
+ "smithy.api#documentation": "An array of AssociatedFace objects containing FaceIDs that have been successfully associated\n with the UserID. Returned if the AssociateFaces action is successful.
"
}
},
"UnsuccessfulFaceAssociations": {
@@ -1179,6 +1179,38 @@
}
}
},
+ "com.amazonaws.rekognition#ContentType": {
+ "type": "structure",
+ "members": {
+ "Confidence": {
+ "target": "com.amazonaws.rekognition#Percent",
+ "traits": {
+ "smithy.api#documentation": "The confidence level of the label given
"
+ }
+ },
+ "Name": {
+ "target": "com.amazonaws.rekognition#String",
+ "traits": {
+ "smithy.api#documentation": "The name of the label
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "Contains information regarding the confidence and name of a detected content type.
"
+ }
+ },
+ "com.amazonaws.rekognition#ContentTypes": {
+ "type": "list",
+ "member": {
+ "target": "com.amazonaws.rekognition#ContentType"
+ },
+ "traits": {
+ "smithy.api#length": {
+ "min": 0,
+ "max": 50
+ }
+ }
+ },
"com.amazonaws.rekognition#CopyProjectVersion": {
"type": "operation",
"input": {
@@ -3671,7 +3703,7 @@
}
],
"traits": {
- "smithy.api#documentation": "\n This operation applies only to Amazon Rekognition Custom Labels.
\n \n Detects custom labels in a supplied image by using an Amazon Rekognition Custom Labels model.
\n You specify which version of a model version to use by using the ProjectVersionArn input\n parameter.
\n You pass the input image as base64-encoded image bytes or as a reference to an image in\n an Amazon S3 bucket. If you use the AWS CLI to call Amazon Rekognition operations, passing\n image bytes is not supported. The image must be either a PNG or JPEG formatted file.
\n For each object that the model version detects on an image, the API returns a \n (CustomLabel) object in an array (CustomLabels).\n Each CustomLabel object provides the label name (Name), the level\n of confidence that the image contains the object (Confidence), and \n object location information, if it exists, for the label on the image (Geometry).
\n To filter labels that are returned, specify a value for MinConfidence.\n DetectCustomLabelsLabels only returns labels with a confidence that's higher than\n the specified value.\n\n The value of MinConfidence maps to the assumed threshold values\n created during training. For more information, see Assumed threshold\n in the Amazon Rekognition Custom Labels Developer Guide. \n Amazon Rekognition Custom Labels metrics expresses an assumed threshold as a floating point value between 0-1. The range of\n MinConfidence normalizes the threshold value to a percentage value (0-100). Confidence\n responses from DetectCustomLabels are also returned as a percentage. \n You can use MinConfidence to change the precision and recall or your model. \n For more information, see \n Analyzing an image in the Amazon Rekognition Custom Labels Developer Guide.
\n If you don't specify a value for MinConfidence, DetectCustomLabels\n returns labels based on the assumed threshold of each label.
\n This is a stateless API operation. That is, the operation does not persist any\n data.
\n This operation requires permissions to perform the\n rekognition:DetectCustomLabels action.
\n For more information, see \n Analyzing an image in the Amazon Rekognition Custom Labels Developer Guide.
",
+ "smithy.api#documentation": "\n This operation applies only to Amazon Rekognition Custom Labels.
\n \n Detects custom labels in a supplied image by using an Amazon Rekognition Custom Labels model.
\n You specify which version of a model version to use by using the ProjectVersionArn input\n parameter.
\n You pass the input image as base64-encoded image bytes or as a reference to an image in\n an Amazon S3 bucket. If you use the AWS CLI to call Amazon Rekognition operations, passing\n image bytes is not supported. The image must be either a PNG or JPEG formatted file.
\n For each object that the model version detects on an image, the API returns a\n (CustomLabel) object in an array (CustomLabels). Each\n CustomLabel object provides the label name (Name), the level\n of confidence that the image contains the object (Confidence), and object\n location information, if it exists, for the label on the image (Geometry).\n Note that for the DetectCustomLabelsLabels operation, Polygons\n are not returned in the Geometry section of the response.
\n To filter labels that are returned, specify a value for MinConfidence.\n DetectCustomLabelsLabels only returns labels with a confidence that's higher than\n the specified value.\n\n The value of MinConfidence maps to the assumed threshold values\n created during training. For more information, see Assumed threshold\n in the Amazon Rekognition Custom Labels Developer Guide. \n Amazon Rekognition Custom Labels metrics expresses an assumed threshold as a floating point value between 0-1. The range of\n MinConfidence normalizes the threshold value to a percentage value (0-100). Confidence\n responses from DetectCustomLabels are also returned as a percentage. \n You can use MinConfidence to change the precision and recall or your model. \n For more information, see \n Analyzing an image in the Amazon Rekognition Custom Labels Developer Guide.
\n If you don't specify a value for MinConfidence, DetectCustomLabels\n returns labels based on the assumed threshold of each label.
\n This is a stateless API operation. That is, the operation does not persist any\n data.
\n This operation requires permissions to perform the\n rekognition:DetectCustomLabels action.
\n For more information, see \n Analyzing an image in the Amazon Rekognition Custom Labels Developer Guide.
",
"smithy.api#examples": [
{
"title": "To detect custom labels in an image with an Amazon Rekognition Custom Labels model",
@@ -4308,6 +4340,12 @@
"traits": {
"smithy.api#documentation": "Identifier of the custom adapter that was used during inference. If\n during inference the adapter was EXPIRED, then the parameter will not be returned,\n indicating that a base moderation detection project version was used.
"
}
+ },
+ "ContentTypes": {
+ "target": "com.amazonaws.rekognition#ContentTypes",
+ "traits": {
+ "smithy.api#documentation": "A list of predicted results for the type of content an image contains. For example, \n the image content might be from animation, sports, or a video game.
"
+ }
}
},
"traits": {
@@ -9641,6 +9679,20 @@
"smithy.api#documentation": "Summary that provides statistics on input manifest and errors identified in the input manifest.
"
}
},
+ "com.amazonaws.rekognition#MediaAnalysisModelVersions": {
+ "type": "structure",
+ "members": {
+ "Moderation": {
+ "target": "com.amazonaws.rekognition#String",
+ "traits": {
+ "smithy.api#documentation": "The Moderation base model version.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "Object containing information about the model versions of selected features in a given job.
"
+ }
+ },
"com.amazonaws.rekognition#MediaAnalysisOperationsConfig": {
"type": "structure",
"members": {
@@ -9681,6 +9733,12 @@
"members": {
"S3Object": {
"target": "com.amazonaws.rekognition#S3Object"
+ },
+ "ModelVersions": {
+ "target": "com.amazonaws.rekognition#MediaAnalysisModelVersions",
+ "traits": {
+ "smithy.api#documentation": "Information about the model versions for the features selected in a given job.
"
+ }
}
},
"traits": {
@@ -9726,6 +9784,12 @@
"traits": {
"smithy.api#documentation": "The name for the parent label. Labels at the top level of the hierarchy have the parent\n label \"\".
"
}
+ },
+ "TaxonomyLevel": {
+ "target": "com.amazonaws.rekognition#UInteger",
+ "traits": {
+ "smithy.api#documentation": "The level of the moderation label with regard to its taxonomy, from 1 to 3.
"
+ }
}
},
"traits": {
@@ -11247,7 +11311,7 @@
"name": "rekognition"
},
"aws.protocols#awsJson1_1": {},
- "smithy.api#documentation": "This is the API Reference for Amazon Rekognition Image, Amazon Rekognition Custom Labels,\n Amazon Rekognition Stored\n Video, Amazon Rekognition Streaming Video. It provides descriptions of actions, data types, common\n parameters, and common errors.
\n \n Amazon Rekognition Image\n
\n \n \n Amazon Rekognition Custom Labels\n
\n \n \n Amazon Rekognition Video Stored Video\n
\n \n \n Amazon Rekognition Video Streaming Video\n
\n ",
+ "smithy.api#documentation": "This is the API Reference for Amazon Rekognition Image, Amazon Rekognition Custom Labels,\n Amazon Rekognition Stored\n Video, Amazon Rekognition Streaming Video. It provides descriptions of actions, data types, common\n parameters, and common errors.
\n \n Amazon Rekognition Image\n
\n \n \n Amazon Rekognition Custom Labels\n
\n \n \n Amazon Rekognition Video Stored Video\n
\n \n \n Amazon Rekognition Video Streaming Video\n
\n ",
"smithy.api#title": "Amazon Rekognition",
"smithy.rules#endpointRuleSet": {
"version": "1.0",
diff --git a/codegen/sdk-codegen/aws-models/route-53.json b/codegen/sdk-codegen/aws-models/route-53.json
index abbed34166d..069e70eb121 100644
--- a/codegen/sdk-codegen/aws-models/route-53.json
+++ b/codegen/sdk-codegen/aws-models/route-53.json
@@ -1625,6 +1625,15 @@
}
}
},
+ "com.amazonaws.route53#AWSRegion": {
+ "type": "string",
+ "traits": {
+ "smithy.api#length": {
+ "min": 1,
+ "max": 64
+ }
+ }
+ },
"com.amazonaws.route53#AccountLimit": {
"type": "structure",
"members": {
@@ -1800,7 +1809,7 @@
"HostedZoneId": {
"target": "com.amazonaws.route53#ResourceId",
"traits": {
- "smithy.api#documentation": "\n Alias resource records sets only: The value used depends on where\n\t\t\tyou want to route traffic:
\n \n - Amazon API Gateway custom regional APIs and edge-optimized APIs
\n - \n
Specify the hosted zone ID for your API. You can get the applicable value\n\t\t\t\t\t\tusing the CLI command get-domain-names:
\n \n - \n
For regional APIs, specify the value of\n\t\t\t\t\t\t\t\t\tregionalHostedZoneId.
\n \n - \n
For edge-optimized APIs, specify the value of\n\t\t\t\t\t\t\t\t\tdistributionHostedZoneId.
\n \n
\n \n - Amazon Virtual Private Cloud interface VPC endpoint
\n - \n
Specify the hosted zone ID for your interface endpoint. You can get the\n\t\t\t\t\t\tvalue of HostedZoneId using the CLI command\n\t\t\t\t\t\t\tdescribe-vpc-endpoints.
\n \n - CloudFront distribution
\n - \n
Specify Z2FDTNDATAQYW2.
\n \n Alias resource record sets for CloudFront can't be created in a\n\t\t\t\t\t\t\tprivate zone.
\n \n \n - Elastic Beanstalk environment
\n - \n
Specify the hosted zone ID for the region that you created the environment\n\t\t\t\t\t\tin. The environment must have a regionalized subdomain. For a list of\n\t\t\t\t\t\tregions and the corresponding hosted zone IDs, see Elastic Beanstalk endpoints and quotas in the the\n\t\t\t\t\t\t\tAmazon Web Services General Reference.
\n \n - ELB load balancer
\n - \n
Specify the value of the hosted zone ID for the load balancer. Use the\n\t\t\t\t\t\tfollowing methods to get the hosted zone ID:
\n \n - \n
\n Elastic Load Balancing endpoints and quotas topic in\n\t\t\t\t\t\t\t\tthe Amazon Web Services General Reference: Use\n\t\t\t\t\t\t\t\tthe value that corresponds with the region that you created your\n\t\t\t\t\t\t\t\tload balancer in. Note that there are separate columns for\n\t\t\t\t\t\t\t\tApplication and Classic Load Balancers and for Network Load\n\t\t\t\t\t\t\t\tBalancers.
\n \n - \n
\n Amazon Web Services Management Console: Go to the\n\t\t\t\t\t\t\t\tAmazon EC2 page, choose Load\n\t\t\t\t\t\t\t\t\tBalancers in the navigation pane, select the load\n\t\t\t\t\t\t\t\tbalancer, and get the value of the Hosted\n\t\t\t\t\t\t\t\t\tzone field on the Description tab.
\n \n - \n
\n Elastic Load Balancing API: Use\n\t\t\t\t\t\t\t\t\tDescribeLoadBalancers to get the applicable value.\n\t\t\t\t\t\t\t\tFor more information, see the applicable guide:
\n \n - \n
Classic Load Balancers: Use DescribeLoadBalancers to get the value of\n\t\t\t\t\t\t\t\t\t\t\tCanonicalHostedZoneNameId.
\n \n - \n
Application and Network Load Balancers: Use DescribeLoadBalancers to get the value of\n\t\t\t\t\t\t\t\t\t\t\tCanonicalHostedZoneId.
\n \n
\n \n - \n
\n CLI: Use\n\t\t\t\t\t\t\t\t\tdescribe-load-balancers to get the applicable\n\t\t\t\t\t\t\t\tvalue. For more information, see the applicable guide:
\n \n - \n
Classic Load Balancers: Use describe-load-balancers to get the value of\n\t\t\t\t\t\t\t\t\t\t\tCanonicalHostedZoneNameId.
\n \n - \n
Application and Network Load Balancers: Use describe-load-balancers to get the value of\n\t\t\t\t\t\t\t\t\t\t\tCanonicalHostedZoneId.
\n \n
\n \n
\n \n - Global Accelerator accelerator
\n - \n
Specify Z2BJ6XQ5FK7U4H.
\n \n - An Amazon S3 bucket configured as a static website
\n - \n
Specify the hosted zone ID for the region that you created the bucket in.\n\t\t\t\t\t\tFor more information about valid values, see the table Amazon S3\n\t\t\t\t\t\t\tWebsite Endpoints in the Amazon Web Services General\n\t\t\t\t\t\t\tReference.
\n \n - Another Route 53 resource record set in your hosted zone
\n - \n
Specify the hosted zone ID of your hosted zone. (An alias resource record\n\t\t\t\t\t\tset can't reference a resource record set in a different hosted\n\t\t\t\t\t\tzone.)
\n \n
",
+ "smithy.api#documentation": "\n Alias resource records sets only: The value used depends on where\n\t\t\tyou want to route traffic:
\n \n - Amazon API Gateway custom regional APIs and edge-optimized APIs
\n - \n
Specify the hosted zone ID for your API. You can get the applicable value\n\t\t\t\t\t\tusing the CLI command get-domain-names:
\n \n - \n
For regional APIs, specify the value of\n\t\t\t\t\t\t\t\t\tregionalHostedZoneId.
\n \n - \n
For edge-optimized APIs, specify the value of\n\t\t\t\t\t\t\t\t\tdistributionHostedZoneId.
\n \n
\n \n - Amazon Virtual Private Cloud interface VPC endpoint
\n - \n
Specify the hosted zone ID for your interface endpoint. You can get the\n\t\t\t\t\t\tvalue of HostedZoneId using the CLI command\n\t\t\t\t\t\t\tdescribe-vpc-endpoints.
\n \n - CloudFront distribution
\n - \n
Specify Z2FDTNDATAQYW2.
\n \n Alias resource record sets for CloudFront can't be created in a\n\t\t\t\t\t\t\tprivate zone.
\n \n \n - Elastic Beanstalk environment
\n - \n
Specify the hosted zone ID for the region that you created the environment in. The\n\t\t\t\t\t\tenvironment must have a regionalized subdomain. For a list of regions and\n\t\t\t\t\t\tthe corresponding hosted zone IDs, see Elastic Beanstalk\n\t\t\t\t\t\t\tendpoints and quotas in the Amazon Web Services\n\t\t\t\t\t\t\tGeneral Reference.
\n \n - ELB load balancer
\n - \n
Specify the value of the hosted zone ID for the load balancer. Use the\n\t\t\t\t\t\tfollowing methods to get the hosted zone ID:
\n \n - \n
\n Elastic Load Balancing endpoints and quotas topic in\n\t\t\t\t\t\t\t\tthe Amazon Web Services General Reference: Use\n\t\t\t\t\t\t\t\tthe value that corresponds with the region that you created your\n\t\t\t\t\t\t\t\tload balancer in. Note that there are separate columns for\n\t\t\t\t\t\t\t\tApplication and Classic Load Balancers and for Network Load\n\t\t\t\t\t\t\t\tBalancers.
\n \n - \n
\n Amazon Web Services Management Console: Go to the\n\t\t\t\t\t\t\t\tAmazon EC2 page, choose Load\n\t\t\t\t\t\t\t\t\tBalancers in the navigation pane, select the load\n\t\t\t\t\t\t\t\tbalancer, and get the value of the Hosted\n\t\t\t\t\t\t\t\t\tzone field on the Description tab.
\n \n - \n
\n Elastic Load Balancing API: Use\n\t\t\t\t\t\t\t\t\tDescribeLoadBalancers to get the applicable value.\n\t\t\t\t\t\t\t\tFor more information, see the applicable guide:
\n \n - \n
Classic Load Balancers: Use DescribeLoadBalancers to get the value of\n\t\t\t\t\t\t\t\t\t\t\tCanonicalHostedZoneNameId.
\n \n - \n
Application and Network Load Balancers: Use DescribeLoadBalancers to get the value of\n\t\t\t\t\t\t\t\t\t\t\tCanonicalHostedZoneId.
\n \n
\n \n - \n
\n CLI: Use\n\t\t\t\t\t\t\t\t\tdescribe-load-balancers to get the applicable\n\t\t\t\t\t\t\t\tvalue. For more information, see the applicable guide:
\n \n - \n
Classic Load Balancers: Use describe-load-balancers to get the value of\n\t\t\t\t\t\t\t\t\t\t\tCanonicalHostedZoneNameId.
\n \n - \n
Application and Network Load Balancers: Use describe-load-balancers to get the value of\n\t\t\t\t\t\t\t\t\t\t\tCanonicalHostedZoneId.
\n \n
\n \n
\n \n - Global Accelerator accelerator
\n - \n
Specify Z2BJ6XQ5FK7U4H.
\n \n - An Amazon S3 bucket configured as a static website
\n - \n
Specify the hosted zone ID for the region that you created the bucket in.\n\t\t\t\t\t\tFor more information about valid values, see the table Amazon S3\n\t\t\t\t\t\t\tWebsite Endpoints in the Amazon Web Services General\n\t\t\t\t\t\t\tReference.
\n \n - Another Route 53 resource record set in your hosted zone
\n - \n
Specify the hosted zone ID of your hosted zone. (An alias resource record\n\t\t\t\t\t\tset can't reference a resource record set in a different hosted\n\t\t\t\t\t\tzone.)
\n \n
",
"smithy.api#required": {}
}
},
@@ -1938,6 +1947,15 @@
"smithy.api#output": {}
}
},
+ "com.amazonaws.route53#Bias": {
+ "type": "integer",
+ "traits": {
+ "smithy.api#range": {
+ "min": -99,
+ "max": 99
+ }
+ }
+ },
"com.amazonaws.route53#Change": {
"type": "structure",
"members": {
@@ -2189,6 +2207,510 @@
"SubmittedAt": "2017-02-10T01:36:41.958Z"
}
}
+ },
+ {
+ "title": "To create weighted resource record sets",
+ "documentation": "The following example creates two weighted resource record sets. The resource with a Weight of 100 will get 1/3rd of traffic (100/100+200), and the other resource will get the rest of the traffic for example.com.",
+ "input": {
+ "HostedZoneId": "Z3M3LMPEXAMPLE",
+ "ChangeBatch": {
+ "Comment": "Web servers for example.com",
+ "Changes": [
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "Seattle data center",
+ "Weight": 100,
+ "TTL": 60,
+ "ResourceRecords": [
+ {
+ "Value": "192.0.2.44"
+ }
+ ],
+ "HealthCheckId": "abcdef11-2222-3333-4444-555555fedcba"
+ }
+ },
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "Portland data center",
+ "Weight": 200,
+ "TTL": 60,
+ "ResourceRecords": [
+ {
+ "Value": "192.0.2.45"
+ }
+ ],
+ "HealthCheckId": "abcdef66-7777-8888-9999-000000fedcba"
+ }
+ }
+ ]
+ }
+ },
+ "output": {
+ "ChangeInfo": {
+ "Comment": "Web servers for example.com",
+ "Id": "/change/C2682N5HXP0BZ4",
+ "Status": "PENDING",
+ "SubmittedAt": "2017-02-10T01:36:41.958Z"
+ }
+ }
+ },
+ {
+ "title": "To create an alias resource record set",
+ "documentation": "The following example creates an alias resource record set that routes traffic to a CloudFront distribution.",
+ "input": {
+ "HostedZoneId": "Z3M3LMPEXAMPLE",
+ "ChangeBatch": {
+ "Comment": "CloudFront distribution for example.com",
+ "Changes": [
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "AliasTarget": {
+ "HostedZoneId": "Z2FDTNDATAQYW2",
+ "DNSName": "d123rk29d0stfj.cloudfront.net",
+ "EvaluateTargetHealth": false
+ }
+ }
+ }
+ ]
+ }
+ },
+ "output": {
+ "ChangeInfo": {
+ "Comment": "CloudFront distribution for example.com",
+ "Id": "/change/C2682N5HXP0BZ4",
+ "Status": "PENDING",
+ "SubmittedAt": "2017-02-10T01:36:41.958Z"
+ }
+ }
+ },
+ {
+ "title": "To create weighted alias resource record sets",
+ "documentation": "The following example creates two weighted alias resource record sets that route traffic to ELB load balancers. The resource with a Weight of 100 will get 1/3rd of traffic (100/100+200), and the other resource will get the rest of the traffic for example.com.",
+ "input": {
+ "HostedZoneId": "Z3M3LMPEXAMPLE",
+ "ChangeBatch": {
+ "Comment": "ELB load balancers for example.com",
+ "Changes": [
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "Ohio region",
+ "Weight": 100,
+ "AliasTarget": {
+ "HostedZoneId": "Z3AADJGX6KTTL2",
+ "DNSName": "example-com-123456789.us-east-2.elb.amazonaws.com ",
+ "EvaluateTargetHealth": true
+ }
+ }
+ },
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "Oregon region",
+ "Weight": 200,
+ "AliasTarget": {
+ "HostedZoneId": "Z1H1FL5HABSF5",
+ "DNSName": "example-com-987654321.us-west-2.elb.amazonaws.com ",
+ "EvaluateTargetHealth": true
+ }
+ }
+ }
+ ]
+ }
+ },
+ "output": {
+ "ChangeInfo": {
+ "Comment": "ELB load balancers for example.com",
+ "Id": "/change/C2682N5HXP0BZ4",
+ "Status": "PENDING",
+ "SubmittedAt": "2017-02-10T01:36:41.958Z"
+ }
+ }
+ },
+ {
+ "title": "To create latency resource record sets",
+ "documentation": "The following example creates two latency resource record sets that route traffic to EC2 instances. Traffic for example.com is routed either to the Ohio region or the Oregon region, depending on the latency between the user and those regions.",
+ "input": {
+ "HostedZoneId": "Z3M3LMPEXAMPLE",
+ "ChangeBatch": {
+ "Comment": "EC2 instances for example.com",
+ "Changes": [
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "Ohio region",
+ "Region": "us-east-2",
+ "TTL": 60,
+ "ResourceRecords": [
+ {
+ "Value": "192.0.2.44"
+ }
+ ],
+ "HealthCheckId": "abcdef11-2222-3333-4444-555555fedcba"
+ }
+ },
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "Oregon region",
+ "Region": "us-west-2",
+ "TTL": 60,
+ "ResourceRecords": [
+ {
+ "Value": "192.0.2.45"
+ }
+ ],
+ "HealthCheckId": "abcdef66-7777-8888-9999-000000fedcba"
+ }
+ }
+ ]
+ }
+ },
+ "output": {
+ "ChangeInfo": {
+ "Comment": "EC2 instances for example.com",
+ "Id": "/change/C2682N5HXP0BZ4",
+ "Status": "PENDING",
+ "SubmittedAt": "2017-02-10T01:36:41.958Z"
+ }
+ }
+ },
+ {
+ "title": "To create latency alias resource record sets",
+ "documentation": "The following example creates two latency alias resource record sets that route traffic for example.com to ELB load balancers. Requests are routed either to the Ohio region or the Oregon region, depending on the latency between the user and those regions.",
+ "input": {
+ "HostedZoneId": "Z3M3LMPEXAMPLE",
+ "ChangeBatch": {
+ "Comment": "ELB load balancers for example.com",
+ "Changes": [
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "Ohio region",
+ "Region": "us-east-2",
+ "AliasTarget": {
+ "HostedZoneId": "Z3AADJGX6KTTL2",
+ "DNSName": "example-com-123456789.us-east-2.elb.amazonaws.com ",
+ "EvaluateTargetHealth": true
+ }
+ }
+ },
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "Oregon region",
+ "Region": "us-west-2",
+ "AliasTarget": {
+ "HostedZoneId": "Z1H1FL5HABSF5",
+ "DNSName": "example-com-987654321.us-west-2.elb.amazonaws.com ",
+ "EvaluateTargetHealth": true
+ }
+ }
+ }
+ ]
+ }
+ },
+ "output": {
+ "ChangeInfo": {
+ "Comment": "ELB load balancers for example.com",
+ "Id": "/change/C2682N5HXP0BZ4",
+ "Status": "PENDING",
+ "SubmittedAt": "2017-02-10T01:36:41.958Z"
+ }
+ }
+ },
+ {
+ "title": "To create failover resource record sets",
+ "documentation": "The following example creates primary and secondary failover resource record sets that route traffic to EC2 instances. Traffic is generally routed to the primary resource, in the Ohio region. If that resource is unavailable, traffic is routed to the secondary resource, in the Oregon region.",
+ "input": {
+ "HostedZoneId": "Z3M3LMPEXAMPLE",
+ "ChangeBatch": {
+ "Comment": "Failover configuration for example.com",
+ "Changes": [
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "Ohio region",
+ "Failover": "PRIMARY",
+ "TTL": 60,
+ "ResourceRecords": [
+ {
+ "Value": "192.0.2.44"
+ }
+ ],
+ "HealthCheckId": "abcdef11-2222-3333-4444-555555fedcba"
+ }
+ },
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "Oregon region",
+ "Failover": "SECONDARY",
+ "TTL": 60,
+ "ResourceRecords": [
+ {
+ "Value": "192.0.2.45"
+ }
+ ],
+ "HealthCheckId": "abcdef66-7777-8888-9999-000000fedcba"
+ }
+ }
+ ]
+ }
+ },
+ "output": {
+ "ChangeInfo": {
+ "Comment": "Failover configuration for example.com",
+ "Id": "/change/C2682N5HXP0BZ4",
+ "Status": "PENDING",
+ "SubmittedAt": "2017-02-10T01:36:41.958Z"
+ }
+ }
+ },
+ {
+ "title": "To create failover alias resource record sets",
+ "documentation": "The following example creates primary and secondary failover alias resource record sets that route traffic to ELB load balancers. Traffic is generally routed to the primary resource, in the Ohio region. If that resource is unavailable, traffic is routed to the secondary resource, in the Oregon region.",
+ "input": {
+ "HostedZoneId": "Z3M3LMPEXAMPLE",
+ "ChangeBatch": {
+ "Comment": "Failover alias configuration for example.com",
+ "Changes": [
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "Ohio region",
+ "Failover": "PRIMARY",
+ "AliasTarget": {
+ "HostedZoneId": "Z3AADJGX6KTTL2",
+ "DNSName": "example-com-123456789.us-east-2.elb.amazonaws.com ",
+ "EvaluateTargetHealth": true
+ }
+ }
+ },
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "Oregon region",
+ "Failover": "SECONDARY",
+ "AliasTarget": {
+ "HostedZoneId": "Z1H1FL5HABSF5",
+ "DNSName": "example-com-987654321.us-west-2.elb.amazonaws.com ",
+ "EvaluateTargetHealth": true
+ }
+ }
+ }
+ ]
+ }
+ },
+ "output": {
+ "ChangeInfo": {
+ "Comment": "Failover alias configuration for example.com",
+ "Id": "/change/C2682N5HXP0BZ4",
+ "Status": "PENDING",
+ "SubmittedAt": "2017-02-10T01:36:41.958Z"
+ }
+ }
+ },
+ {
+ "title": "To create geolocation resource record sets",
+ "documentation": "The following example creates four geolocation resource record sets that use IPv4 addresses to route traffic to resources such as web servers running on EC2 instances. Traffic is routed to one of four IP addresses, for North America (NA), for South America (SA), for Europe (EU), and for all other locations (*).",
+ "input": {
+ "HostedZoneId": "Z3M3LMPEXAMPLE",
+ "ChangeBatch": {
+ "Comment": "Geolocation configuration for example.com",
+ "Changes": [
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "North America",
+ "GeoLocation": {
+ "ContinentCode": "NA"
+ },
+ "TTL": 60,
+ "ResourceRecords": [
+ {
+ "Value": "192.0.2.44"
+ }
+ ]
+ }
+ },
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "South America",
+ "GeoLocation": {
+ "ContinentCode": "SA"
+ },
+ "TTL": 60,
+ "ResourceRecords": [
+ {
+ "Value": "192.0.2.45"
+ }
+ ]
+ }
+ },
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "Europe",
+ "GeoLocation": {
+ "ContinentCode": "EU"
+ },
+ "TTL": 60,
+ "ResourceRecords": [
+ {
+ "Value": "192.0.2.46"
+ }
+ ]
+ }
+ },
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "Other locations",
+ "GeoLocation": {
+ "CountryCode": "*"
+ },
+ "TTL": 60,
+ "ResourceRecords": [
+ {
+ "Value": "192.0.2.47"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "output": {
+ "ChangeInfo": {
+ "Comment": "Geolocation configuration for example.com",
+ "Id": "/change/C2682N5HXP0BZ4",
+ "Status": "PENDING",
+ "SubmittedAt": "2017-02-10T01:36:41.958Z"
+ }
+ }
+ },
+ {
+ "title": "To create geolocation alias resource record sets",
+ "documentation": "The following example creates four geolocation alias resource record sets that route traffic to ELB load balancers. Traffic is routed to one of four IP addresses, for North America (NA), for South America (SA), for Europe (EU), and for all other locations (*).",
+ "input": {
+ "HostedZoneId": "Z3M3LMPEXAMPLE",
+ "ChangeBatch": {
+ "Comment": "Geolocation alias configuration for example.com",
+ "Changes": [
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "North America",
+ "GeoLocation": {
+ "ContinentCode": "NA"
+ },
+ "AliasTarget": {
+ "HostedZoneId": "Z3AADJGX6KTTL2",
+ "DNSName": "example-com-123456789.us-east-2.elb.amazonaws.com ",
+ "EvaluateTargetHealth": true
+ }
+ }
+ },
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "South America",
+ "GeoLocation": {
+ "ContinentCode": "SA"
+ },
+ "AliasTarget": {
+ "HostedZoneId": "Z2P70J7HTTTPLU",
+ "DNSName": "example-com-234567890.sa-east-1.elb.amazonaws.com ",
+ "EvaluateTargetHealth": true
+ }
+ }
+ },
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "Europe",
+ "GeoLocation": {
+ "ContinentCode": "EU"
+ },
+ "AliasTarget": {
+ "HostedZoneId": "Z215JYRZR1TBD5",
+ "DNSName": "example-com-234567890.eu-central-1.elb.amazonaws.com ",
+ "EvaluateTargetHealth": true
+ }
+ }
+ },
+ {
+ "Action": "CREATE",
+ "ResourceRecordSet": {
+ "Name": "example.com",
+ "Type": "A",
+ "SetIdentifier": "Other locations",
+ "GeoLocation": {
+ "CountryCode": "*"
+ },
+ "AliasTarget": {
+ "HostedZoneId": "Z1LMS91P8CMLE5",
+ "DNSName": "example-com-234567890.ap-southeast-1.elb.amazonaws.com ",
+ "EvaluateTargetHealth": true
+ }
+ }
+ }
+ ]
+ }
+ },
+ "output": {
+ "ChangeInfo": {
+ "Comment": "Geolocation alias configuration for example.com",
+ "Id": "/change/C2682N5HXP0BZ4",
+ "Status": "PENDING",
+ "SubmittedAt": "2017-02-10T01:36:41.958Z"
+ }
+ }
}
],
"smithy.api#http": {
@@ -2492,7 +3014,7 @@
"LocationName": {
"target": "com.amazonaws.route53#CidrLocationNameDefaultNotAllowed",
"traits": {
- "smithy.api#documentation": "Name of the location that is associated with the CIDR\n\t\t\tcollection.
",
+ "smithy.api#documentation": "Name of the location that is associated with the CIDR collection.
",
"smithy.api#required": {}
}
},
@@ -3059,6 +3581,28 @@
"smithy.api#httpError": 400
}
},
+ "com.amazonaws.route53#Coordinates": {
+ "type": "structure",
+ "members": {
+ "Latitude": {
+ "target": "com.amazonaws.route53#Latitude",
+ "traits": {
+ "smithy.api#documentation": " Specifies a coordinate of the north–south position of a geographic point on the surface of\n\t\t\tthe Earth (-90 - 90).
",
+ "smithy.api#required": {}
+ }
+ },
+ "Longitude": {
+ "target": "com.amazonaws.route53#Longitude",
+ "traits": {
+ "smithy.api#documentation": " Specifies a coordinate of the east–west position of a geographic point on the surface of\n\t\t\tthe Earth (-180 - 180).
",
+ "smithy.api#required": {}
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "\n\t\t\tA complex type that lists the coordinates for a geoproximity resource record.\n\t\t
"
+ }
+ },
"com.amazonaws.route53#CreateCidrCollection": {
"type": "operation",
"input": {
@@ -4023,7 +4567,7 @@
}
},
"traits": {
- "smithy.api#documentation": "A string repesenting the status of DNSSEC signing.
"
+ "smithy.api#documentation": "A string representing the status of DNSSEC signing.
"
}
},
"com.amazonaws.route53#DeactivateKeySigningKey": {
@@ -5102,7 +5646,7 @@
"CountryCode": {
"target": "com.amazonaws.route53#GeoLocationCountryCode",
"traits": {
- "smithy.api#documentation": "For geolocation resource record sets, the two-letter code for a country.
\n Amazon Route 53 uses the two-letter country codes that are specified in ISO standard 3166-1\n\t\t\t\talpha-2.
\n Route 53 also supports the contry code UA forr Ukraine.
"
+ "smithy.api#documentation": "For geolocation resource record sets, the two-letter code for a country.
\n Amazon Route 53 uses the two-letter country codes that are specified in ISO standard 3166-1\n\t\t\t\talpha-2.
\n Route 53 also supports the country code UA for\n\t\t\tUkraine.
"
}
},
"SubdivisionCode": {
@@ -5223,6 +5767,38 @@
}
}
},
+ "com.amazonaws.route53#GeoProximityLocation": {
+ "type": "structure",
+ "members": {
+ "AWSRegion": {
+ "target": "com.amazonaws.route53#AWSRegion",
+ "traits": {
+ "smithy.api#documentation": " The Amazon Web Services Region the resource you are directing DNS traffic to, is in.
"
+ }
+ },
+ "LocalZoneGroup": {
+ "target": "com.amazonaws.route53#LocalZoneGroup",
+ "traits": {
+ "smithy.api#documentation": "\n\t\t\tSpecifies an Amazon Web Services Local Zone Group.\n\t\t
\n A local Zone Group is usually the Local Zone code without the ending character. For example, \n\t\t\tif the Local Zone is us-east-1-bue-1a the Local Zone Group is us-east-1-bue-1.
\n You can identify the Local Zones Group for a specific Local Zone by using the describe-availability-zones CLI command:
\n This command returns: \"GroupName\": \"us-west-2-den-1\", specifying that the Local Zone us-west-2-den-1a \n\t\t\tbelongs to the Local Zone Group us-west-2-den-1.
"
+ }
+ },
+ "Coordinates": {
+ "target": "com.amazonaws.route53#Coordinates",
+ "traits": {
+ "smithy.api#documentation": " Contains the longitude and latitude for a geographic region.
"
+ }
+ },
+ "Bias": {
+ "target": "com.amazonaws.route53#Bias",
+ "traits": {
+ "smithy.api#documentation": "\n\t\t\tThe bias increases or decreases the size of the geographic region from which Route 53 routes traffic to a resource.\n\t\t
\n To use Bias to change the size of the geographic region, specify the \n\t\t\tapplicable value for the bias:
\n \n - \n
To expand the size of the geographic region from which Route 53 routes traffic to a resource, specify a \n\t\t\t\tpositive integer from 1 to 99 for the bias. Route 53 shrinks the size of adjacent regions.
\n \n - \n
To shrink the size of the geographic region from which Route 53 routes traffic to a resource, specify a \n\t\t\t\tnegative bias of -1 to -99. Route 53 expands the size of adjacent regions.
\n \n
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": " (Resource record sets only): A complex type that lets you control how Amazon Route 53\n\t\t\tresponds to DNS queries based on the geographic origin of the query and your resources.\n\t\t\tOnly one of , LocalZoneGroup, Coordinates, or Amazon Web ServicesRegion is allowed per request at a time.
\n For more information about geoproximity routing, see Geoproximity routing in the\n\t\t\t\t\tAmazon Route 53 Developer Guide.
"
+ }
+ },
"com.amazonaws.route53#GetAccountLimit": {
"type": "operation",
"input": {
@@ -5452,7 +6028,7 @@
"Status": {
"target": "com.amazonaws.route53#DNSSECStatus",
"traits": {
- "smithy.api#documentation": "A string repesenting the status of DNSSEC.
",
+ "smithy.api#documentation": "A string representing the status of DNSSEC.
",
"smithy.api#required": {}
}
},
@@ -5506,7 +6082,7 @@
"CountryCode": {
"target": "com.amazonaws.route53#GeoLocationCountryCode",
"traits": {
- "smithy.api#documentation": "Amazon Route 53 uses the two-letter country codes that are specified in ISO standard 3166-1\n\t\t\t\talpha-2.
\n Route 53 also supports the contry code UA forr Ukraine.
",
+ "smithy.api#documentation": "Amazon Route 53 uses the two-letter country codes that are specified in ISO standard 3166-1\n\t\t\t\talpha-2.
\n Route 53 also supports the country code UA for\n\t\t\tUkraine.
",
"smithy.api#httpQuery": "countrycode"
}
},
@@ -6416,7 +6992,7 @@
"Type": {
"target": "com.amazonaws.route53#HealthCheckType",
"traits": {
- "smithy.api#documentation": "The type of health check that you want to create, which indicates how Amazon Route 53\n\t\t\tdetermines whether an endpoint is healthy.
\n \n You can't change the value of Type after you create a health\n\t\t\t\tcheck.
\n \n You can create the following types of health checks:
\n \n - \n
\n HTTP: Route 53 tries to establish a TCP\n\t\t\t\t\tconnection. If successful, Route 53 submits an HTTP request and waits for an\n\t\t\t\t\tHTTP status code of 200 or greater and less than 400.
\n \n - \n
\n HTTPS: Route 53 tries to establish a TCP\n\t\t\t\t\tconnection. If successful, Route 53 submits an HTTPS request and waits for an\n\t\t\t\t\tHTTP status code of 200 or greater and less than 400.
\n \n If you specify HTTPS for the value of Type, the\n\t\t\t\t\t\tendpoint must support TLS v1.0 or later.
\n \n \n - \n
\n HTTP_STR_MATCH: Route 53 tries to establish a\n\t\t\t\t\tTCP connection. If successful, Route 53 submits an HTTP request and searches the\n\t\t\t\t\tfirst 5,120 bytes of the response body for the string that you specify in\n\t\t\t\t\t\tSearchString.
\n \n - \n
\n HTTPS_STR_MATCH: Route 53 tries to establish\n\t\t\t\t\ta TCP connection. If successful, Route 53 submits an HTTPS request\n\t\t\t\t\tand searches the first 5,120 bytes of the response body for the string that you\n\t\t\t\t\tspecify in SearchString.
\n \n - \n
\n TCP: Route 53 tries to establish a TCP\n\t\t\t\t\tconnection.
\n \n - \n
\n CLOUDWATCH_METRIC: The health check is\n\t\t\t\t\tassociated with a CloudWatch alarm. If the state of the alarm is\n\t\t\t\t\tOK, the health check is considered healthy. If the state is\n\t\t\t\t\t\tALARM, the health check is considered unhealthy. If CloudWatch\n\t\t\t\t\tdoesn't have sufficient data to determine whether the state is OK\n\t\t\t\t\tor ALARM, the health check status depends on the setting for\n\t\t\t\t\t\tInsufficientDataHealthStatus: Healthy,\n\t\t\t\t\t\tUnhealthy, or LastKnownStatus.
\n \n - \n
\n CALCULATED: For health checks that monitor\n\t\t\t\t\tthe status of other health checks, Route 53 adds up the number of health checks\n\t\t\t\t\tthat Route 53 health checkers consider to be healthy and compares that number\n\t\t\t\t\twith the value of HealthThreshold.
\n \n - \n
\n RECOVERY_CONTROL: The health check is\n\t\t\t\t\tassocated with a Route53 Application Recovery Controller routing control. If the\n\t\t\t\t\trouting control state is ON, the health check is considered\n\t\t\t\t\thealthy. If the state is OFF, the health check is considered\n\t\t\t\t\tunhealthy.
\n \n
\n For more information, see How Route 53 Determines Whether an Endpoint Is Healthy in the\n\t\t\t\tAmazon Route 53 Developer Guide.
",
+ "smithy.api#documentation": "The type of health check that you want to create, which indicates how Amazon Route 53\n\t\t\tdetermines whether an endpoint is healthy.
\n \n You can't change the value of Type after you create a health\n\t\t\t\tcheck.
\n \n You can create the following types of health checks:
\n \n - \n
\n HTTP: Route 53 tries to establish a TCP\n\t\t\t\t\tconnection. If successful, Route 53 submits an HTTP request and waits for an\n\t\t\t\t\tHTTP status code of 200 or greater and less than 400.
\n \n - \n
\n HTTPS: Route 53 tries to establish a TCP\n\t\t\t\t\tconnection. If successful, Route 53 submits an HTTPS request and waits for an\n\t\t\t\t\tHTTP status code of 200 or greater and less than 400.
\n \n If you specify HTTPS for the value of Type, the\n\t\t\t\t\t\tendpoint must support TLS v1.0 or later.
\n \n \n - \n
\n HTTP_STR_MATCH: Route 53 tries to establish a\n\t\t\t\t\tTCP connection. If successful, Route 53 submits an HTTP request and searches the\n\t\t\t\t\tfirst 5,120 bytes of the response body for the string that you specify in\n\t\t\t\t\t\tSearchString.
\n \n - \n
\n HTTPS_STR_MATCH: Route 53 tries to establish\n\t\t\t\t\ta TCP connection. If successful, Route 53 submits an HTTPS request\n\t\t\t\t\tand searches the first 5,120 bytes of the response body for the string that you\n\t\t\t\t\tspecify in SearchString.
\n \n - \n
\n TCP: Route 53 tries to establish a TCP\n\t\t\t\t\tconnection.
\n \n - \n
\n CLOUDWATCH_METRIC: The health check is\n\t\t\t\t\tassociated with a CloudWatch alarm. If the state of the alarm is\n\t\t\t\t\tOK, the health check is considered healthy. If the state is\n\t\t\t\t\t\tALARM, the health check is considered unhealthy. If CloudWatch\n\t\t\t\t\tdoesn't have sufficient data to determine whether the state is OK\n\t\t\t\t\tor ALARM, the health check status depends on the setting for\n\t\t\t\t\t\tInsufficientDataHealthStatus: Healthy,\n\t\t\t\t\t\tUnhealthy, or LastKnownStatus.
\n \n - \n
\n CALCULATED: For health checks that monitor\n\t\t\t\t\tthe status of other health checks, Route 53 adds up the number of health checks\n\t\t\t\t\tthat Route 53 health checkers consider to be healthy and compares that number\n\t\t\t\t\twith the value of HealthThreshold.
\n \n - \n
\n RECOVERY_CONTROL: The health check is associated with a\n\t\t\t\t\tRoute53 Application Recovery Controller routing control. If the routing control\n\t\t\t\t\tstate is ON, the health check is considered healthy. If the state\n\t\t\t\t\tis OFF, the health check is considered unhealthy.
\n \n
\n For more information, see How Route 53 Determines Whether an Endpoint Is Healthy in the\n\t\t\t\tAmazon Route 53 Developer Guide.
",
"smithy.api#required": {}
}
},
@@ -7439,6 +8015,16 @@
"smithy.api#httpError": 400
}
},
+ "com.amazonaws.route53#Latitude": {
+ "type": "string",
+ "traits": {
+ "smithy.api#length": {
+ "min": 1,
+ "max": 6
+ },
+ "smithy.api#pattern": "^[-+]?[0-9]{1,2}(\\.[0-9]{0,2})?$"
+ }
+ },
"com.amazonaws.route53#LimitValue": {
"type": "long",
"traits": {
@@ -7773,7 +8359,7 @@
"MaxItems": {
"target": "smithy.api#Integer",
"traits": {
- "smithy.api#documentation": "(Optional) The maximum number of geolocations to be included in the response body for\n\t\t\tthis request. If more than maxitems geolocations remain to be listed, then\n\t\t\tthe value of the IsTruncated element in the response is\n\t\t\ttrue.
",
+ "smithy.api#documentation": "(Optional) The maximum number of geolocations to be included in the response body for this\n\t\t\trequest. If more than maxitems geolocations remain to be listed, then the\n\t\t\tvalue of the IsTruncated element in the response is\n\t\t\ttrue.
",
"smithy.api#httpQuery": "maxitems"
}
}
@@ -9302,6 +9888,15 @@
"smithy.api#output": {}
}
},
+ "com.amazonaws.route53#LocalZoneGroup": {
+ "type": "string",
+ "traits": {
+ "smithy.api#length": {
+ "min": 1,
+ "max": 64
+ }
+ }
+ },
"com.amazonaws.route53#LocationSummaries": {
"type": "list",
"member": {
@@ -9322,6 +9917,16 @@
"smithy.api#documentation": "A complex type that contains information about the CIDR location.
"
}
},
+ "com.amazonaws.route53#Longitude": {
+ "type": "string",
+ "traits": {
+ "smithy.api#length": {
+ "min": 1,
+ "max": 7
+ },
+ "smithy.api#pattern": "^[-+]?[0-9]{1,3}(\\.[0-9]{0,2})?$"
+ }
+ },
"com.amazonaws.route53#MeasureLatency": {
"type": "boolean"
},
@@ -9939,7 +10544,7 @@
"GeoLocation": {
"target": "com.amazonaws.route53#GeoLocation",
"traits": {
- "smithy.api#documentation": "\n Geolocation resource record sets only: A complex type that lets\n\t\t\tyou control how Amazon Route 53 responds to DNS queries based on the geographic origin\n\t\t\tof the query. For example, if you want all queries from Africa to be routed to a web\n\t\t\tserver with an IP address of 192.0.2.111, create a resource record set with\n\t\t\ta Type of A and a ContinentCode of\n\t\t\t\tAF.
\n \n Although creating geolocation and geolocation alias resource record sets in a\n\t\t\t\tprivate hosted zone is allowed, it's not supported.
\n \n If you create separate resource record sets for overlapping geographic regions (for\n\t\t\texample, one resource record set for a continent and one for a country on the same\n\t\t\tcontinent), priority goes to the smallest geographic region. This allows you to route\n\t\t\tmost queries for a continent to one resource and to route queries for a country on that\n\t\t\tcontinent to a different resource.
\n You can't create two geolocation resource record sets that specify the same geographic\n\t\t\tlocation.
\n The value * in the CountryCode element matches all\n\t\t\tgeographic locations that aren't specified in other geolocation resource record sets\n\t\t\tthat have the same values for the Name and Type\n\t\t\telements.
\n \n Geolocation works by mapping IP addresses to locations. However, some IP addresses\n\t\t\t\taren't mapped to geographic locations, so even if you create geolocation resource\n\t\t\t\trecord sets that cover all seven continents, Route 53 will receive some DNS queries\n\t\t\t\tfrom locations that it can't identify. We recommend that you create a resource\n\t\t\t\trecord set for which the value of CountryCode is *. Two\n\t\t\t\tgroups of queries are routed to the resource that you specify in this record:\n\t\t\t\tqueries that come from locations for which you haven't created geolocation resource\n\t\t\t\trecord sets and queries from IP addresses that aren't mapped to a location. If you\n\t\t\t\tdon't create a * resource record set, Route 53 returns a \"no answer\"\n\t\t\t\tresponse for queries from those locations.
\n \n You can't create non-geolocation resource record sets that have the same values for\n\t\t\tthe Name and Type elements as geolocation resource record\n\t\t\tsets.
"
+ "smithy.api#documentation": "\n Geolocation resource record sets only: A complex type that lets you\n\t\t\tcontrol how Amazon Route 53 responds to DNS queries based on the geographic origin of\n\t\t\tthe query. For example, if you want all queries from Africa to be routed to a web server\n\t\t\twith an IP address of 192.0.2.111, create a resource record set with a\n\t\t\t\tType of A and a ContinentCode of\n\t\t\t\tAF.
\n If you create separate resource record sets for overlapping geographic regions (for\n\t\t\texample, one resource record set for a continent and one for a country on the same\n\t\t\tcontinent), priority goes to the smallest geographic region. This allows you to route\n\t\t\tmost queries for a continent to one resource and to route queries for a country on that\n\t\t\tcontinent to a different resource.
\n You can't create two geolocation resource record sets that specify the same geographic\n\t\t\tlocation.
\n The value * in the CountryCode element matches all\n\t\t\tgeographic locations that aren't specified in other geolocation resource record sets\n\t\t\tthat have the same values for the Name and Type\n\t\t\telements.
\n \n Geolocation works by mapping IP addresses to locations. However, some IP addresses\n\t\t\t\taren't mapped to geographic locations, so even if you create geolocation resource\n\t\t\t\trecord sets that cover all seven continents, Route 53 will receive some DNS queries\n\t\t\t\tfrom locations that it can't identify. We recommend that you create a resource\n\t\t\t\trecord set for which the value of CountryCode is *. Two\n\t\t\t\tgroups of queries are routed to the resource that you specify in this record:\n\t\t\t\tqueries that come from locations for which you haven't created geolocation resource\n\t\t\t\trecord sets and queries from IP addresses that aren't mapped to a location. If you\n\t\t\t\tdon't create a * resource record set, Route 53 returns a \"no answer\"\n\t\t\t\tresponse for queries from those locations.
\n \n You can't create non-geolocation resource record sets that have the same values for\n\t\t\tthe Name and Type elements as geolocation resource record\n\t\t\tsets.
"
}
},
"Failover": {
@@ -9986,6 +10591,12 @@
},
"CidrRoutingConfig": {
"target": "com.amazonaws.route53#CidrRoutingConfig"
+ },
+ "GeoProximityLocation": {
+ "target": "com.amazonaws.route53#GeoProximityLocation",
+ "traits": {
+ "smithy.api#documentation": "\n GeoproximityLocation resource record sets only: A complex type that lets you control how\n\t\t\t\tRoute 53 responds to DNS queries based on the geographic origin of the\n\t\t\tquery and your resources.
"
+ }
}
},
"traits": {
@@ -11229,7 +11840,7 @@
"FullyQualifiedDomainName": {
"target": "com.amazonaws.route53#FullyQualifiedDomainName",
"traits": {
- "smithy.api#documentation": "Amazon Route 53 behavior depends on whether you specify a value for\n\t\t\t\tIPAddress.
\n \n If a health check already has a value for IPAddress, you can change\n\t\t\t\tthe value. However, you can't update an existing health check to add or remove the\n\t\t\t\tvalue of IPAddress.
\n \n \n If you specify a value for\n IPAddress:
\n Route 53 sends health check requests to the specified IPv4 or IPv6 address and passes\n\t\t\tthe value of FullyQualifiedDomainName in the Host header for\n\t\t\tall health checks except TCP health checks. This is typically the fully qualified DNS\n\t\t\tname of the endpoint on which you want Route 53 to perform health checks.
\n When Route 53 checks the health of an endpoint, here is how it constructs the\n\t\t\t\tHost header:
\n \n - \n
If you specify a value of 80 for Port and\n\t\t\t\t\t\tHTTP or HTTP_STR_MATCH for Type,\n\t\t\t\t\tRoute 53 passes the value of FullyQualifiedDomainName to the\n\t\t\t\t\tendpoint in the Host header.
\n \n - \n
If you specify a value of 443 for Port and\n\t\t\t\t\t\tHTTPS or HTTPS_STR_MATCH for Type,\n\t\t\t\t\tRoute 53 passes the value of FullyQualifiedDomainName to the\n\t\t\t\t\tendpoint in the Host header.
\n \n - \n
If you specify another value for Port and any value except\n\t\t\t\t\t\tTCP for Type, Route 53 passes\n\t\t\t\t\t\t\t\n FullyQualifiedDomainName:Port\n \n\t\t\t\t\tto the endpoint in the Host header.
\n \n
\n If you don't specify a value for FullyQualifiedDomainName, Route 53\n\t\t\tsubstitutes the value of IPAddress in the Host header in each\n\t\t\tof the above cases.
\n \n If you don't specify a value for\n IPAddress:
\n If you don't specify a value for IPAddress, Route 53 sends a DNS request\n\t\t\tto the domain that you specify in FullyQualifiedDomainName at the interval\n\t\t\tyou specify in RequestInterval. Using an IPv4 address that is returned by\n\t\t\tDNS, Route 53 then checks the health of the endpoint.
\n \n If you don't specify a value for IPAddress, Route 53 uses only IPv4\n\t\t\t\tto send health checks to the endpoint. If there's no resource record set with a type\n\t\t\t\tof A for the name that you specify for FullyQualifiedDomainName, the\n\t\t\t\thealth check fails with a \"DNS resolution failed\" error.
\n \n If you want to check the health of weighted, latency, or failover resource record sets\n\t\t\tand you choose to specify the endpoint only by FullyQualifiedDomainName, we\n\t\t\trecommend that you create a separate health check for each endpoint. For example, create\n\t\t\ta health check for each HTTP server that is serving content for www.example.com. For the\n\t\t\tvalue of FullyQualifiedDomainName, specify the domain name of the server\n\t\t\t(such as us-east-2-www.example.com), not the name of the resource record\n\t\t\tsets (www.example.com).
\n \n In this configuration, if the value of FullyQualifiedDomainName\n\t\t\t\tmatches the name of the resource record sets and you then associate the health check\n\t\t\t\twith those resource record sets, health check results will be unpredictable.
\n \n In addition, if the value of Type is HTTP,\n\t\t\t\tHTTPS, HTTP_STR_MATCH, or HTTPS_STR_MATCH,\n\t\t\tRoute 53 passes the value of FullyQualifiedDomainName in the\n\t\t\t\tHost header, as it does when you specify a value for\n\t\t\t\tIPAddress. If the value of Type is TCP, Route\n\t\t\t53 doesn't pass a Host header.
"
+ "smithy.api#documentation": "Amazon Route 53 behavior depends on whether you specify a value for\n\t\t\t\tIPAddress.
\n \n If a health check already has a value for IPAddress, you can change\n\t\t\t\tthe value. However, you can't update an existing health check to add or remove the\n\t\t\t\tvalue of IPAddress.
\n \n \n If you specify a value for\n IPAddress:
\n Route 53 sends health check requests to the specified IPv4 or IPv6 address and passes\n\t\t\tthe value of FullyQualifiedDomainName in the Host header for\n\t\t\tall health checks except TCP health checks. This is typically the fully qualified DNS\n\t\t\tname of the endpoint on which you want Route 53 to perform health checks.
\n When Route 53 checks the health of an endpoint, here is how it constructs the\n\t\t\t\tHost header:
\n \n - \n
If you specify a value of 80 for Port and\n\t\t\t\t\t\tHTTP or HTTP_STR_MATCH for Type,\n\t\t\t\t\tRoute 53 passes the value of FullyQualifiedDomainName to the\n\t\t\t\t\tendpoint in the Host header.
\n \n - \n
If you specify a value of 443 for Port and\n\t\t\t\t\t\tHTTPS or HTTPS_STR_MATCH for Type,\n\t\t\t\t\tRoute 53 passes the value of FullyQualifiedDomainName to the\n\t\t\t\t\tendpoint in the Host header.
\n \n - \n
If you specify another value for Port and any value except\n\t\t\t\t\t\tTCP for Type, Route 53 passes\n\t\t\t\t\t\t\t\n FullyQualifiedDomainName:Port\n \n\t\t\t\t\tto the endpoint in the Host header.
\n \n
\n If you don't specify a value for FullyQualifiedDomainName, Route 53\n\t\t\tsubstitutes the value of IPAddress in the Host header in each\n\t\t\tof the above cases.
\n \n If you don't specify a value for\n IPAddress:
\n If you don't specify a value for IPAddress, Route 53 sends a DNS request\n\t\t\tto the domain that you specify in FullyQualifiedDomainName at the interval\n\t\t\tyou specify in RequestInterval. Using an IPv4 address that is returned by\n\t\t\tDNS, Route 53 then checks the health of the endpoint.
\n If you don't specify a value for IPAddress, you can’t update the health check to remove the FullyQualifiedDomainName; if you don’t specify a value for IPAddress on creation, a \n\t\t\tFullyQualifiedDomainName is required.
\n \n If you don't specify a value for IPAddress, Route 53 uses only IPv4\n\t\t\t\tto send health checks to the endpoint. If there's no resource record set with a type\n\t\t\t\tof A for the name that you specify for FullyQualifiedDomainName, the\n\t\t\t\thealth check fails with a \"DNS resolution failed\" error.
\n \n If you want to check the health of weighted, latency, or failover resource record sets\n\t\t\tand you choose to specify the endpoint only by FullyQualifiedDomainName, we\n\t\t\trecommend that you create a separate health check for each endpoint. For example, create\n\t\t\ta health check for each HTTP server that is serving content for www.example.com. For the\n\t\t\tvalue of FullyQualifiedDomainName, specify the domain name of the server\n\t\t\t(such as us-east-2-www.example.com), not the name of the resource record\n\t\t\tsets (www.example.com).
\n \n In this configuration, if the value of FullyQualifiedDomainName\n\t\t\t\tmatches the name of the resource record sets and you then associate the health check\n\t\t\t\twith those resource record sets, health check results will be unpredictable.
\n \n In addition, if the value of Type is HTTP,\n\t\t\t\tHTTPS, HTTP_STR_MATCH, or HTTPS_STR_MATCH,\n\t\t\tRoute 53 passes the value of FullyQualifiedDomainName in the\n\t\t\t\tHost header, as it does when you specify a value for\n\t\t\t\tIPAddress. If the value of Type is TCP, Route\n\t\t\t53 doesn't pass a Host header.
"
}
},
"SearchString": {
diff --git a/codegen/sdk-codegen/aws-models/route53resolver.json b/codegen/sdk-codegen/aws-models/route53resolver.json
index e917716349b..f8ae5ce7185 100644
--- a/codegen/sdk-codegen/aws-models/route53resolver.json
+++ b/codegen/sdk-codegen/aws-models/route53resolver.json
@@ -756,6 +756,12 @@
"smithy.api#documentation": "A name that lets you identify the rule in the rule group.
",
"smithy.api#required": {}
}
+ },
+ "Qtype": {
+ "target": "com.amazonaws.route53resolver#Qtype",
+ "traits": {
+ "smithy.api#documentation": "\n\t\t\tThe DNS query type you want the rule to evaluate. Allowed values are;\n\t\t
\n \n - \n
\n\t\t\t\tA: Returns an IPv4 address.
\n \n - \n
AAAA: Returns an Ipv6 address.
\n \n - \n
CAA: Restricts CAs that can create SSL/TLS certifications for the domain.
\n \n - \n
CNAME: Returns another domain name.
\n \n - \n
DS: Record that identifies the DNSSEC signing key of a delegated zone.
\n \n - \n
MX: Specifies mail servers.
\n \n - \n
NAPTR: Regular-expression-based rewriting of domain names.
\n \n - \n
NS: Authoritative name servers.
\n \n - \n
PTR: Maps an IP address to a domain name.
\n \n - \n
SOA: Start of authority record for the zone.
\n \n - \n
SPF: Lists the servers authorized to send emails from a domain.
\n \n - \n
SRV: Application specific values that identify servers.
\n \n - \n
TXT: Verifies email senders and application-specific values.
\n \n
"
+ }
}
},
"traits": {
@@ -1359,6 +1365,12 @@
"smithy.api#documentation": "The ID of the domain list that's used in the rule.
",
"smithy.api#required": {}
}
+ },
+ "Qtype": {
+ "target": "com.amazonaws.route53resolver#Qtype",
+ "traits": {
+ "smithy.api#documentation": "\n\t\t\tThe DNS query type that the rule you are deleting evaluates. Allowed values are;\n\t\t
\n \n - \n
\n\t\t\t\tA: Returns an IPv4 address.
\n \n - \n
AAAA: Returns an Ipv6 address.
\n \n - \n
CAA: Restricts CAs that can create SSL/TLS certifications for the domain.
\n \n - \n
CNAME: Returns another domain name.
\n \n - \n
DS: Record that identifies the DNSSEC signing key of a delegated zone.
\n \n - \n
MX: Specifies mail servers.
\n \n - \n
NAPTR: Regular-expression-based rewriting of domain names.
\n \n - \n
NS: Authoritative name servers.
\n \n - \n
PTR: Maps an IP address to a domain name.
\n \n - \n
SOA: Start of authority record for the zone.
\n \n - \n
SPF: Lists the servers authorized to send emails from a domain.
\n \n - \n
SRV: Application specific values that identify servers.
\n \n - \n
TXT: Verifies email senders and application-specific values.
\n \n
"
+ }
}
},
"traits": {
@@ -2287,6 +2299,12 @@
"traits": {
"smithy.api#documentation": "The date and time that the rule was last modified, in Unix time format and Coordinated Universal Time (UTC).
"
}
+ },
+ "Qtype": {
+ "target": "com.amazonaws.route53resolver#Qtype",
+ "traits": {
+ "smithy.api#documentation": "\n\t\t\tThe DNS query type you want the rule to evaluate. Allowed values are;\n\t\t
\n \n - \n
\n\t\t\t\tA: Returns an IPv4 address.
\n \n - \n
AAAA: Returns an Ipv6 address.
\n \n - \n
CAA: Restricts CAs that can create SSL/TLS certifications for the domain.
\n \n - \n
CNAME: Returns another domain name.
\n \n - \n
DS: Record that identifies the DNSSEC signing key of a delegated zone.
\n \n - \n
MX: Specifies mail servers.
\n \n - \n
NAPTR: Regular-expression-based rewriting of domain names.
\n \n - \n
NS: Authoritative name servers.
\n \n - \n
PTR: Maps an IP address to a domain name.
\n \n - \n
SOA: Start of authority record for the zone.
\n \n - \n
SPF: Lists the servers authorized to send emails from a domain.
\n \n - \n
SRV: Application specific values that identify servers.
\n \n - \n
TXT: Verifies email senders and application-specific values.
\n \n
"
+ }
}
},
"traits": {
@@ -5728,6 +5746,15 @@
"smithy.api#output": {}
}
},
+ "com.amazonaws.route53resolver#Qtype": {
+ "type": "string",
+ "traits": {
+ "smithy.api#length": {
+ "min": 1,
+ "max": 16
+ }
+ }
+ },
"com.amazonaws.route53resolver#ResolverAutodefinedReverseStatus": {
"type": "enum",
"members": {
@@ -8569,6 +8596,12 @@
"traits": {
"smithy.api#documentation": "The name of the rule.
"
}
+ },
+ "Qtype": {
+ "target": "com.amazonaws.route53resolver#Qtype",
+ "traits": {
+ "smithy.api#documentation": "\n\t\t\tThe DNS query type you want the rule to evaluate. Allowed values are;\n\t\t
\n \n - \n
\n\t\t\t\tA: Returns an IPv4 address.
\n \n - \n
AAAA: Returns an Ipv6 address.
\n \n - \n
CAA: Restricts CAs that can create SSL/TLS certifications for the domain.
\n \n - \n
CNAME: Returns another domain name.
\n \n - \n
DS: Record that identifies the DNSSEC signing key of a delegated zone.
\n \n - \n
MX: Specifies mail servers.
\n \n - \n
NAPTR: Regular-expression-based rewriting of domain names.
\n \n - \n
NS: Authoritative name servers.
\n \n - \n
PTR: Maps an IP address to a domain name.
\n \n - \n
SOA: Start of authority record for the zone.
\n \n - \n
SPF: Lists the servers authorized to send emails from a domain.
\n \n - \n
SRV: Application specific values that identify servers.
\n \n - \n
TXT: Verifies email senders and application-specific values.
\n \n
"
+ }
}
},
"traits": {
diff --git a/codegen/sdk-codegen/aws-models/s3-control.json b/codegen/sdk-codegen/aws-models/s3-control.json
index 306e0ea4997..75e5c663b05 100644
--- a/codegen/sdk-codegen/aws-models/s3-control.json
+++ b/codegen/sdk-codegen/aws-models/s3-control.json
@@ -644,6 +644,29 @@
"error": "OutpostId must only contain a-z, A-Z, 0-9 and `-`.",
"type": "error"
},
+ {
+ "conditions": [
+ {
+ "fn": "isSet",
+ "argv": [
+ {
+ "ref": "Endpoint"
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "error": "Invalid Configuration: DualStack and custom endpoint are not supported",
+ "type": "error"
+ },
{
"conditions": [
{
@@ -657,21 +680,6 @@
}
],
"rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "error": "Invalid configuration: Outposts do not support dual-stack",
- "type": "error"
- },
{
"conditions": [
{
@@ -708,6 +716,43 @@
},
"type": "endpoint"
},
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://s3-outposts-fips.{Region}.{partitionResult#dualStackDnsSuffix}",
+ "properties": {
+ "authSchemes": [
+ {
+ "disableDoubleEncoding": true,
+ "name": "sigv4",
+ "signingName": "s3-outposts",
+ "signingRegion": "{Region}"
+ }
+ ]
+ },
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
{
"conditions": [
{
@@ -736,6 +781,34 @@
},
"type": "endpoint"
},
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://s3-outposts.{Region}.{partitionResult#dualStackDnsSuffix}",
+ "properties": {
+ "authSchemes": [
+ {
+ "disableDoubleEncoding": true,
+ "name": "sigv4",
+ "signingName": "s3-outposts",
+ "signingRegion": "{Region}"
+ }
+ ]
+ },
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
{
"conditions": [],
"endpoint": {
@@ -836,21 +909,6 @@
}
],
"rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "error": "Invalid configuration: Outpost Access Points do not support dual-stack",
- "type": "error"
- },
{
"conditions": [
{
@@ -878,6 +936,29 @@
}
],
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "isSet",
+ "argv": [
+ {
+ "ref": "Endpoint"
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "error": "Invalid Configuration: DualStack and custom endpoint are not supported",
+ "type": "error"
+ },
{
"conditions": [
{
@@ -1111,6 +1192,50 @@
}
],
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://s3-outposts-fips.{accessPointArn#region}.{arnPartition#dualStackDnsSuffix}",
+ "properties": {
+ "authSchemes": [
+ {
+ "disableDoubleEncoding": true,
+ "name": "sigv4",
+ "signingName": "s3-outposts",
+ "signingRegion": "{accessPointArn#region}"
+ }
+ ]
+ },
+ "headers": {
+ "x-amz-account-id": [
+ "{accessPointArn#accountId}"
+ ],
+ "x-amz-outpost-id": [
+ "{outpostId}"
+ ]
+ }
+ },
+ "type": "endpoint"
+ },
{
"conditions": [
{
@@ -1146,6 +1271,41 @@
},
"type": "endpoint"
},
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://s3-outposts.{accessPointArn#region}.{arnPartition#dualStackDnsSuffix}",
+ "properties": {
+ "authSchemes": [
+ {
+ "disableDoubleEncoding": true,
+ "name": "sigv4",
+ "signingName": "s3-outposts",
+ "signingRegion": "{accessPointArn#region}"
+ }
+ ]
+ },
+ "headers": {
+ "x-amz-account-id": [
+ "{accessPointArn#accountId}"
+ ],
+ "x-amz-outpost-id": [
+ "{outpostId}"
+ ]
+ }
+ },
+ "type": "endpoint"
+ },
{
"conditions": [
{
@@ -1374,21 +1534,6 @@
}
],
"rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "error": "Invalid configuration: Outpost buckets do not support dual-stack",
- "type": "error"
- },
{
"conditions": [
{
@@ -1416,6 +1561,29 @@
}
],
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "isSet",
+ "argv": [
+ {
+ "ref": "Endpoint"
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "error": "Invalid Configuration: DualStack and custom endpoint are not supported",
+ "type": "error"
+ },
{
"conditions": [
{
@@ -1649,6 +1817,50 @@
}
],
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://s3-outposts-fips.{bucketArn#region}.{arnPartition#dualStackDnsSuffix}",
+ "properties": {
+ "authSchemes": [
+ {
+ "disableDoubleEncoding": true,
+ "name": "sigv4",
+ "signingName": "s3-outposts",
+ "signingRegion": "{bucketArn#region}"
+ }
+ ]
+ },
+ "headers": {
+ "x-amz-account-id": [
+ "{bucketArn#accountId}"
+ ],
+ "x-amz-outpost-id": [
+ "{outpostId}"
+ ]
+ }
+ },
+ "type": "endpoint"
+ },
{
"conditions": [
{
@@ -1684,6 +1896,41 @@
},
"type": "endpoint"
},
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://s3-outposts.{bucketArn#region}.{arnPartition#dualStackDnsSuffix}",
+ "properties": {
+ "authSchemes": [
+ {
+ "disableDoubleEncoding": true,
+ "name": "sigv4",
+ "signingName": "s3-outposts",
+ "signingRegion": "{bucketArn#region}"
+ }
+ ]
+ },
+ "headers": {
+ "x-amz-account-id": [
+ "{bucketArn#accountId}"
+ ],
+ "x-amz-outpost-id": [
+ "{outpostId}"
+ ]
+ }
+ },
+ "type": "endpoint"
+ },
{
"conditions": [
{
@@ -3368,128 +3615,262 @@
],
"params": {
"AccountId": "123456789012",
- "OutpostId": "op-123",
- "Region": "us-east-2",
+ "OutpostId": "op-123",
+ "Region": "us-east-2",
+ "RequiresAccountId": true,
+ "UseDualStack": false,
+ "UseFIPS": false
+ }
+ },
+ {
+ "documentation": "ListRegionalBuckets without OutpostId = regular endpoint@us-east-2",
+ "expect": {
+ "endpoint": {
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "s3",
+ "signingRegion": "us-east-2",
+ "disableDoubleEncoding": true
+ }
+ ]
+ },
+ "url": "https://123456789012.s3-control.us-east-2.amazonaws.com"
+ }
+ },
+ "operationInputs": [
+ {
+ "builtInParams": {
+ "AWS::Region": "us-east-2"
+ },
+ "operationName": "ListRegionalBuckets",
+ "operationParams": {
+ "AccountId": "123456789012"
+ }
+ }
+ ],
+ "params": {
+ "AccountId": "123456789012",
+ "Region": "us-east-2",
+ "RequiresAccountId": true,
+ "UseDualStack": false,
+ "UseFIPS": false
+ }
+ },
+ {
+ "documentation": "ListRegionalBucket + OutpostId with fips = outposts endpoint@us-east-2",
+ "expect": {
+ "endpoint": {
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "s3-outposts",
+ "signingRegion": "us-east-2",
+ "disableDoubleEncoding": true
+ }
+ ]
+ },
+ "url": "https://s3-outposts-fips.us-east-2.amazonaws.com"
+ }
+ },
+ "operationInputs": [
+ {
+ "builtInParams": {
+ "AWS::Region": "us-east-2",
+ "AWS::UseFIPS": true
+ },
+ "operationName": "ListRegionalBuckets",
+ "operationParams": {
+ "AccountId": "123456789012",
+ "OutpostId": "op-123"
+ }
+ }
+ ],
+ "params": {
+ "AccountId": "123456789012",
+ "OutpostId": "op-123",
+ "Region": "us-east-2",
+ "RequiresAccountId": true,
+ "UseDualStack": false,
+ "UseFIPS": true
+ }
+ },
+ {
+ "documentation": "outpost access points support dualstack@us-west-2",
+ "expect": {
+ "endpoint": {
+ "headers": {
+ "x-amz-account-id": [
+ "123456789012"
+ ],
+ "x-amz-outpost-id": [
+ "op-01234567890123456"
+ ]
+ },
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "s3-outposts",
+ "signingRegion": "us-west-2",
+ "disableDoubleEncoding": true
+ }
+ ]
+ },
+ "url": "https://s3-outposts.us-west-2.api.aws"
+ }
+ },
+ "operationInputs": [
+ {
+ "builtInParams": {
+ "AWS::Region": "us-west-2",
+ "AWS::UseDualStack": true
+ },
+ "operationName": "GetAccessPoint",
+ "operationParams": {
+ "Name": "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
+ "AccountId": "123456789012"
+ }
+ },
+ {
+ "builtInParams": {
+ "AWS::Region": "us-west-2",
+ "AWS::UseDualStack": true
+ },
+ "operationName": "DeleteAccessPoint",
+ "operationParams": {
+ "Name": "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
+ "AccountId": "123456789012"
+ }
+ }
+ ],
+ "params": {
+ "AccessPointName": "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
+ "AccountId": "123456789012",
+ "Region": "us-west-2",
"RequiresAccountId": true,
- "UseDualStack": false,
+ "UseDualStack": true,
"UseFIPS": false
}
},
{
- "documentation": "ListRegionalBuckets without OutpostId = regular endpoint@us-east-2",
+ "documentation": "outpost access points support dualstack@af-south-1",
"expect": {
"endpoint": {
+ "headers": {
+ "x-amz-account-id": [
+ "123456789012"
+ ],
+ "x-amz-outpost-id": [
+ "op-01234567890123456"
+ ]
+ },
"properties": {
"authSchemes": [
{
"name": "sigv4",
- "signingName": "s3",
- "signingRegion": "us-east-2",
+ "signingName": "s3-outposts",
+ "signingRegion": "af-south-1",
"disableDoubleEncoding": true
}
]
},
- "url": "https://123456789012.s3-control.us-east-2.amazonaws.com"
+ "url": "https://s3-outposts.af-south-1.api.aws"
}
},
"operationInputs": [
{
"builtInParams": {
- "AWS::Region": "us-east-2"
+ "AWS::Region": "af-south-1",
+ "AWS::UseDualStack": true
},
- "operationName": "ListRegionalBuckets",
+ "operationName": "GetAccessPoint",
+ "operationParams": {
+ "Name": "arn:aws:s3-outposts:af-south-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
+ "AccountId": "123456789012"
+ }
+ },
+ {
+ "builtInParams": {
+ "AWS::Region": "af-south-1",
+ "AWS::UseDualStack": true
+ },
+ "operationName": "DeleteAccessPoint",
"operationParams": {
+ "Name": "arn:aws:s3-outposts:af-south-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
"AccountId": "123456789012"
}
}
],
"params": {
+ "AccessPointName": "arn:aws:s3-outposts:af-south-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
"AccountId": "123456789012",
- "Region": "us-east-2",
+ "Region": "af-south-1",
"RequiresAccountId": true,
- "UseDualStack": false,
+ "UseDualStack": true,
"UseFIPS": false
}
},
{
- "documentation": "ListRegionalBucket + OutpostId with fips = outposts endpoint@us-east-2",
+ "documentation": "outpost access points support fips + dualstack@af-south-1",
"expect": {
"endpoint": {
+ "headers": {
+ "x-amz-account-id": [
+ "123456789012"
+ ],
+ "x-amz-outpost-id": [
+ "op-01234567890123456"
+ ]
+ },
"properties": {
"authSchemes": [
{
"name": "sigv4",
"signingName": "s3-outposts",
- "signingRegion": "us-east-2",
+ "signingRegion": "af-south-1",
"disableDoubleEncoding": true
}
]
},
- "url": "https://s3-outposts-fips.us-east-2.amazonaws.com"
+ "url": "https://s3-outposts-fips.af-south-1.api.aws"
}
},
"operationInputs": [
{
"builtInParams": {
- "AWS::Region": "us-east-2",
- "AWS::UseFIPS": true
+ "AWS::Region": "af-south-1",
+ "AWS::UseFIPS": true,
+ "AWS::UseDualStack": true
},
- "operationName": "ListRegionalBuckets",
+ "operationName": "GetAccessPoint",
"operationParams": {
- "AccountId": "123456789012",
- "OutpostId": "op-123"
+ "Name": "arn:aws:s3-outposts:af-south-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
+ "AccountId": "123456789012"
+ }
+ },
+ {
+ "builtInParams": {
+ "AWS::Region": "af-south-1",
+ "AWS::UseFIPS": true,
+ "AWS::UseDualStack": true
+ },
+ "operationName": "DeleteAccessPoint",
+ "operationParams": {
+ "Name": "arn:aws:s3-outposts:af-south-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
+ "AccountId": "123456789012"
}
}
],
"params": {
- "AccountId": "123456789012",
- "OutpostId": "op-123",
- "Region": "us-east-2",
- "RequiresAccountId": true,
- "UseDualStack": false,
- "UseFIPS": true
- }
- },
- {
- "documentation": "outpost access points do not support dualstack@us-west-2",
- "expect": {
- "error": "Invalid configuration: Outpost Access Points do not support dual-stack"
- },
- "params": {
- "AccessPointName": "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
- "AccountId": "123456789012",
- "Region": "us-west-2",
- "RequiresAccountId": true,
- "UseDualStack": true,
- "UseFIPS": false
- }
- },
- {
- "documentation": "outpost access points do not support dualstack@cn-north-1",
- "expect": {
- "error": "Invalid configuration: Outpost Access Points do not support dual-stack"
- },
- "params": {
- "AccessPointName": "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
- "AccountId": "123456789012",
- "Region": "cn-north-1",
- "RequiresAccountId": true,
- "UseDualStack": true,
- "UseFIPS": false
- }
- },
- {
- "documentation": "outpost access points do not support dualstack@af-south-1",
- "expect": {
- "error": "Invalid configuration: Outpost Access Points do not support dual-stack"
- },
- "params": {
- "AccessPointName": "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
+ "AccessPointName": "arn:aws:s3-outposts:af-south-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
"AccountId": "123456789012",
"Region": "af-south-1",
"RequiresAccountId": true,
"UseDualStack": true,
- "UseFIPS": false
+ "UseFIPS": true
}
},
{
@@ -3905,6 +4286,46 @@
"UseFIPS": true
}
},
+ {
+ "documentation": "ListRegionalBucket + OutpostId + fips + dualstack@us-east-2",
+ "expect": {
+ "endpoint": {
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "s3-outposts",
+ "signingRegion": "us-east-2",
+ "disableDoubleEncoding": true
+ }
+ ]
+ },
+ "url": "https://s3-outposts-fips.us-east-2.api.aws"
+ }
+ },
+ "operationInputs": [
+ {
+ "builtInParams": {
+ "AWS::Region": "us-east-2",
+ "AWS::UseFIPS": true,
+ "AWS::UseDualStack": true
+ },
+ "operationName": "ListRegionalBuckets",
+ "operationParams": {
+ "AccountId": "123456789012",
+ "OutpostId": "op-123"
+ }
+ }
+ ],
+ "params": {
+ "AccountId": "123456789012",
+ "OutpostId": "op-123",
+ "Region": "us-east-2",
+ "RequiresAccountId": true,
+ "UseDualStack": true,
+ "UseFIPS": true
+ }
+ },
{
"documentation": "CreateBucket + OutpostId endpoint url@us-east-2",
"expect": {
@@ -3949,32 +4370,17 @@
{
"documentation": "dualstack cannot be used with outposts when an endpoint URL is set@us-west-2.",
"expect": {
- "error": "Invalid configuration: Outpost Access Points do not support dual-stack"
+ "error": "Invalid Configuration: DualStack and custom endpoint are not supported"
},
"params": {
"AccessPointName": "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
- "Endpoint": "https://beta.example.com",
+ "Endpoint": "https://s3-outposts.us-west-2.api.aws",
"Region": "us-west-2",
"RequiresAccountId": true,
"UseDualStack": true,
"UseFIPS": false
}
},
- {
- "documentation": "Dual-stack cannot be used with outposts@us-west-2",
- "expect": {
- "error": "Invalid configuration: Outposts do not support dual-stack"
- },
- "params": {
- "Bucket": "bucketname",
- "Endpoint": "https://beta.example.com",
- "OutpostId": "op-123",
- "Region": "us-west-2",
- "RequiresAccountId": false,
- "UseDualStack": true,
- "UseFIPS": false
- }
- },
{
"documentation": "vanilla bucket arn requires account id@us-west-2",
"expect": {
@@ -4204,16 +4610,50 @@
}
},
{
- "documentation": "Outposts do not support dualstack@us-west-2",
+ "documentation": "bucket ARN in aws partition with fips + dualstack@us-east-2",
"expect": {
- "error": "Invalid configuration: Outpost buckets do not support dual-stack"
+ "endpoint": {
+ "headers": {
+ "x-amz-account-id": [
+ "123456789012"
+ ],
+ "x-amz-outpost-id": [
+ "op-01234567890123456"
+ ]
+ },
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "s3-outposts",
+ "signingRegion": "us-east-2",
+ "disableDoubleEncoding": true
+ }
+ ]
+ },
+ "url": "https://s3-outposts-fips.us-east-2.api.aws"
+ }
},
+ "operationInputs": [
+ {
+ "builtInParams": {
+ "AWS::Region": "us-east-2",
+ "AWS::UseFIPS": true,
+ "AWS::UseDualStack": true
+ },
+ "operationName": "GetBucket",
+ "operationParams": {
+ "Bucket": "arn:aws:s3-outposts:us-east-2:123456789012:outpost:op-01234567890123456:bucket:mybucket",
+ "AccountId": "123456789012"
+ }
+ }
+ ],
"params": {
- "Bucket": "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket",
- "Region": "us-west-2",
+ "Bucket": "arn:aws:s3-outposts:us-east-2:123456789012:outpost:op-01234567890123456:bucket:mybucket",
+ "Region": "us-east-2",
"RequiresAccountId": true,
"UseDualStack": true,
- "UseFIPS": false
+ "UseFIPS": true
}
},
{
@@ -4445,10 +4885,43 @@
}
},
{
- "documentation": "Outposts do not support dualstack@us-west-2",
+ "documentation": "Outposts support dualstack @us-west-2",
"expect": {
- "error": "Invalid configuration: Outpost buckets do not support dual-stack"
+ "endpoint": {
+ "headers": {
+ "x-amz-account-id": [
+ "123456789012"
+ ],
+ "x-amz-outpost-id": [
+ "op-01234567890123456"
+ ]
+ },
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "s3-outposts",
+ "signingRegion": "us-west-2",
+ "disableDoubleEncoding": true
+ }
+ ]
+ },
+ "url": "https://s3-outposts.us-west-2.api.aws"
+ }
},
+ "operationInputs": [
+ {
+ "builtInParams": {
+ "AWS::Region": "us-west-2",
+ "AWS::UseDualStack": true
+ },
+ "operationName": "GetBucket",
+ "operationParams": {
+ "Bucket": "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket",
+ "AccountId": "123456789012"
+ }
+ }
+ ],
"params": {
"Bucket": "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket",
"Region": "us-west-2",
@@ -4685,19 +5158,6 @@
"UseFIPS": true
}
},
- {
- "documentation": "Outposts do not support dualstack@us-west-2",
- "expect": {
- "error": "Invalid configuration: Outpost buckets do not support dual-stack"
- },
- "params": {
- "Bucket": "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket",
- "Region": "us-west-2",
- "RequiresAccountId": true,
- "UseDualStack": true,
- "UseFIPS": false
- }
- },
{
"documentation": "Invalid ARN: missing outpost id and bucket@us-west-2",
"expect": {
@@ -5479,16 +5939,16 @@
}
},
{
- "documentation": "get bucket with endpoint_url and dualstack is not supported@us-west-2",
+ "documentation": "get bucket with custom endpoint and dualstack is not supported@us-west-2",
"expect": {
- "error": "Invalid configuration: Outpost buckets do not support dual-stack"
+ "error": "Invalid Configuration: DualStack and custom endpoint are not supported"
},
"operationInputs": [
{
"builtInParams": {
"AWS::Region": "us-west-2",
"AWS::UseDualStack": true,
- "SDK::Endpoint": "https://beta.example.com"
+ "SDK::Endpoint": "https://s3-outposts.us-west-2.api.aws"
},
"operationName": "GetBucket",
"operationParams": {
@@ -5499,7 +5959,7 @@
],
"params": {
"Bucket": "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket",
- "Endpoint": "https://beta.example.com",
+ "Endpoint": "https://s3-outposts.us-west-2.api.aws",
"Region": "us-west-2",
"RequiresAccountId": true,
"UseDualStack": true,
diff --git a/codegen/sdk-codegen/aws-models/sagemaker.json b/codegen/sdk-codegen/aws-models/sagemaker.json
index e72c9064fbc..723e869077a 100644
--- a/codegen/sdk-codegen/aws-models/sagemaker.json
+++ b/codegen/sdk-codegen/aws-models/sagemaker.json
@@ -423,6 +423,12 @@
"traits": {
"smithy.api#enumValue": "S3Object"
}
+ },
+ "S3PREFIX": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "S3Prefix"
+ }
}
}
},
@@ -1554,18 +1560,6 @@
"smithy.api#enumValue": "TensorBoard"
}
},
- "VSCode": {
- "target": "smithy.api#Unit",
- "traits": {
- "smithy.api#enumValue": "VSCode"
- }
- },
- "Savitur": {
- "target": "smithy.api#Unit",
- "traits": {
- "smithy.api#enumValue": "Savitur"
- }
- },
"CodeEditor": {
"target": "smithy.api#Unit",
"traits": {
@@ -1584,12 +1578,6 @@
"smithy.api#enumValue": "RStudioServerPro"
}
},
- "RSession": {
- "target": "smithy.api#Unit",
- "traits": {
- "smithy.api#enumValue": "RSession"
- }
- },
"RSessionGateway": {
"target": "smithy.api#Unit",
"traits": {
@@ -1601,24 +1589,6 @@
"traits": {
"smithy.api#enumValue": "Canvas"
}
- },
- "DatasetManager": {
- "target": "smithy.api#Unit",
- "traits": {
- "smithy.api#enumValue": "DatasetManager"
- }
- },
- "SageMakerLite": {
- "target": "smithy.api#Unit",
- "traits": {
- "smithy.api#enumValue": "SageMakerLite"
- }
- },
- "Local": {
- "target": "smithy.api#Unit",
- "traits": {
- "smithy.api#enumValue": "Local"
- }
}
}
},
@@ -58229,18 +58199,6 @@
"smithy.api#enumValue": "KernelGateway"
}
},
- "VSCode": {
- "target": "smithy.api#Unit",
- "traits": {
- "smithy.api#enumValue": "VSCode"
- }
- },
- "Savitur": {
- "target": "smithy.api#Unit",
- "traits": {
- "smithy.api#enumValue": "Savitur"
- }
- },
"CodeEditor": {
"target": "smithy.api#Unit",
"traits": {
@@ -65615,6 +65573,12 @@
"type": "list",
"member": {
"target": "com.amazonaws.sagemaker#AccountId"
+ },
+ "traits": {
+ "smithy.api#length": {
+ "min": 0,
+ "max": 10
+ }
}
},
"com.amazonaws.sagemaker#VpcSecurityGroupIds": {
diff --git a/codegen/sdk-codegen/aws-models/secrets-manager.json b/codegen/sdk-codegen/aws-models/secrets-manager.json
index cb6dcc9c2d4..50ffc73459c 100644
--- a/codegen/sdk-codegen/aws-models/secrets-manager.json
+++ b/codegen/sdk-codegen/aws-models/secrets-manager.json
@@ -111,6 +111,54 @@
],
"traits": {
"smithy.api#documentation": "Retrieves the contents of the encrypted fields SecretString or SecretBinary for up to 20 secrets. To retrieve a single secret, call GetSecretValue.
\n To choose which secrets to retrieve, you can specify a list of secrets by name or ARN, or you can use filters. If Secrets Manager encounters errors such as AccessDeniedException while attempting to retrieve any of the secrets, you can see the errors in Errors in the response.
\n Secrets Manager generates CloudTrail GetSecretValue log entries for each secret you request when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.
\n \n Required permissions: \n secretsmanager:BatchGetSecretValue, and you must have secretsmanager:GetSecretValue for each secret. If you use filters, you must also have secretsmanager:ListSecrets. If the secrets are encrypted using customer-managed keys instead of the Amazon Web Services managed key \n aws/secretsmanager, then you also need kms:Decrypt permissions for the keys.\n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
",
+ "smithy.api#examples": [
+ {
+ "title": "To retrieve the secret values for a group of secrets listed by name",
+ "documentation": "The following example gets the values for three secrets.",
+ "input": {
+ "SecretIdList": [
+ "MySecret1",
+ "MySecret2",
+ "MySecret3"
+ ]
+ },
+ "output": {
+ "SecretValues": [
+ {
+ "ARN": "®ion-arn;&asm-service-name;:us-west-2:&ExampleAccountId;:secret:MySecret1-a1b2c3",
+ "CreatedDate": 1.700591229801E9,
+ "Name": "MySecret1",
+ "SecretString": "{\"username\":\"diego_ramirez\",\"password\":\"EXAMPLE-PASSWORD\",\"engine\":\"mysql\",\"host\":\"secretsmanagertutorial.cluster.us-west-2.rds.amazonaws.com\",\"port\":3306,\"dbClusterIdentifier\":\"secretsmanagertutorial\"}",
+ "VersionId": "a1b2c3d4-5678-90ab-cdef-EXAMPLEaaaaa",
+ "VersionStages": [
+ "AWSCURRENT"
+ ]
+ },
+ {
+ "ARN": "®ion-arn;&asm-service-name;:us-west-2:&ExampleAccountId;:secret:MySecret2-a1b2c3",
+ "CreatedDate": 1.699911394105E9,
+ "Name": "MySecret2",
+ "SecretString": "{\"username\":\"akua_mansa\",\"password\":\"EXAMPLE-PASSWORD\"",
+ "VersionId": "a1b2c3d4-5678-90ab-cdef-EXAMPLEbbbbb",
+ "VersionStages": [
+ "AWSCURRENT"
+ ]
+ },
+ {
+ "ARN": "®ion-arn;&asm-service-name;:us-west-2:&ExampleAccountId;:secret:MySecret3-a1b2c3",
+ "CreatedDate": 1.699911394105E9,
+ "Name": "MySecret3",
+ "SecretString": "{\"username\":\"jie_liu\",\"password\":\"EXAMPLE-PASSWORD\"",
+ "VersionId": "a1b2c3d4-5678-90ab-cdef-EXAMPLEccccc",
+ "VersionStages": [
+ "AWSCURRENT"
+ ]
+ }
+ ],
+ "Errors": []
+ }
+ }
+ ],
"smithy.api#paginated": {
"inputToken": "NextToken",
"outputToken": "NextToken",
@@ -692,7 +740,7 @@
"LastRotatedDate": {
"target": "com.amazonaws.secretsmanager#LastRotatedDateType",
"traits": {
- "smithy.api#documentation": "The last date and time that Secrets Manager rotated the secret. \n If the secret isn't configured for rotation, Secrets Manager returns null.
"
+ "smithy.api#documentation": "The last date and time that Secrets Manager rotated the secret. \n If the secret isn't configured for rotation or rotation has been disabled, Secrets Manager returns null.
"
}
},
"LastChangedDate": {
@@ -716,7 +764,7 @@
"NextRotationDate": {
"target": "com.amazonaws.secretsmanager#NextRotationDateType",
"traits": {
- "smithy.api#documentation": "The next rotation is scheduled to occur on or before this date. If the secret isn't configured for rotation, Secrets Manager returns null.
"
+ "smithy.api#documentation": "The next rotation is scheduled to occur on or before this date. If the secret isn't configured for rotation or rotation has been disabled, Secrets Manager returns null.
"
}
},
"Tags": {
@@ -951,7 +999,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Generates a random password. We recommend that you specify the\n maximum length and include every character type that the system you are generating a password\n for can support.
\n Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.
\n \n Required permissions: \n secretsmanager:GetRandomPassword. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
",
+ "smithy.api#documentation": "Generates a random password. We recommend that you specify the\n maximum length and include every character type that the system you are generating a password\n for can support. By default, Secrets Manager uses uppercase and lowercase letters, numbers, and the following characters in passwords: !\\\"#$%&'()*+,-./:;<=>?@[\\\\]^_`{|}~\n
\n Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.
\n \n Required permissions: \n secretsmanager:GetRandomPassword. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
",
"smithy.api#examples": [
{
"title": "To generate a random password",
@@ -1224,7 +1272,7 @@
"SecretBinary": {
"target": "com.amazonaws.secretsmanager#SecretBinaryType",
"traits": {
- "smithy.api#documentation": "The decrypted secret value, if the secret value was originally provided as\n binary data in the form of a byte array. The response parameter represents the binary data as\n a base64-encoded\n string.
\n If the secret was created by using the Secrets Manager console, or if the secret value was \n originally provided as a string, then this field is omitted. The secret value appears in \n SecretString instead.
"
+ "smithy.api#documentation": "The decrypted secret value, if the secret value was originally provided as\n binary data in the form of a byte array. When you retrieve a SecretBinary using the HTTP API, the Python SDK, or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not encoded.
\n If the secret was created by using the Secrets Manager console, or if the secret value was \n originally provided as a string, then this field is omitted. The secret value appears in \n SecretString instead.
"
}
},
"SecretString": {
@@ -2067,7 +2115,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Replicates the secret to a new Regions. See Multi-Region secrets.
\n Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.
\n \n Required permissions: \n secretsmanager:ReplicateSecretToRegions. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
",
+ "smithy.api#documentation": "Replicates the secret to a new Regions. See Multi-Region secrets.
\n Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.
\n \n Required permissions: \n secretsmanager:ReplicateSecretToRegions. \n If the primary secret is encrypted with a KMS key other than aws/secretsmanager, you also need kms:Decrypt permission to the key. To encrypt the replicated secret with a KMS key other than aws/secretsmanager, you need kms:GenerateDataKey and kms:Encrypt to the key. For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
",
"smithy.api#examples": [
{
"title": "Example",
@@ -2580,7 +2628,7 @@
"NextRotationDate": {
"target": "com.amazonaws.secretsmanager#NextRotationDateType",
"traits": {
- "smithy.api#documentation": "The next rotation is scheduled to occur on or before this date. If the secret isn't configured for rotation, Secrets Manager returns null.
"
+ "smithy.api#documentation": "The next rotation is scheduled to occur on or before this date. If the secret isn't configured for rotation or rotation has been disabled, Secrets Manager returns null.
"
}
},
"Tags": {
diff --git a/codegen/sdk-codegen/aws-models/securityhub.json b/codegen/sdk-codegen/aws-models/securityhub.json
index ae508f40928..51bc9e5db5b 100644
--- a/codegen/sdk-codegen/aws-models/securityhub.json
+++ b/codegen/sdk-codegen/aws-models/securityhub.json
@@ -13686,7 +13686,7 @@
"CompatibleRuntimes": {
"target": "com.amazonaws.securityhub#NonEmptyStringList",
"traits": {
- "smithy.api#documentation": "The layer's compatible runtimes. Maximum number of five items.
\n Valid values: nodejs10.x | nodejs12.x | java8 |\n java11 | python2.7 | python3.6 |\n python3.7 | python3.8 | dotnetcore1.0 |\n dotnetcore2.1 | go1.x | ruby2.5 |\n provided\n
"
+ "smithy.api#documentation": "The layer's compatible function runtimes.
\n The following list includes deprecated runtimes. For more information, see Runtime deprecation policy in the Lambda Developer Guide.
\n Array Members: Maximum number of 5 items.
\n Valid Values: nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2 | nodejs18.x | python3.10 | java17 | ruby3.2 | python3.11 | nodejs20.x | provided.al2023 | python3.12 | java21\n
"
}
},
"CreatedDate": {
@@ -32032,7 +32032,7 @@
"name": "securityhub"
},
"aws.protocols#restJson1": {},
- "smithy.api#documentation": "Security Hub provides you with a comprehensive view of the security state of\n your Amazon Web Services environment and resources. It also provides you with the readiness\n status of your environment based on controls from supported security standards. Security Hub collects security data from Amazon Web Services accounts, services, and\n integrated third-party products and helps you analyze security trends in your environment\n to identify the highest priority security issues. For more information about Security Hub, see the \n Security Hub User \nGuide\n .
\n When you use operations in the Security Hub API, the requests are executed only in\n the Amazon Web Services Region that is currently active or in the specific Amazon Web Services Region that you specify in your request. Any configuration or settings change\n that results from the operation is applied only to that Region. To make the same change in\n other Regions, run the same command for each Region in which you want to apply the change.
\n For example, if your Region is set to us-west-2, when you use CreateMembers to add a member account to Security Hub, the association of\n the member account with the administrator account is created only in the us-west-2\n Region. Security Hub must be enabled for the member account in the same Region that the invitation\n was sent from.
\n The following throttling limits apply to using Security Hub API operations.
\n \n - \n
\n BatchEnableStandards - RateLimit of 1 request per\n second. BurstLimit of 1 request per second.
\n \n - \n
\n GetFindings - RateLimit of 3 requests per second.\n BurstLimit of 6 requests per second.
\n \n - \n
\n BatchImportFindings - RateLimit of 10 requests per second.\n BurstLimit of 30 requests per second.
\n \n - \n
\n BatchUpdateFindings - RateLimit of 10 requests per second.\n BurstLimit of 30 requests per second.
\n \n - \n
\n UpdateStandardsControl - RateLimit of 1 request per\n second. BurstLimit of 5 requests per second.
\n \n - \n
All other operations - RateLimit of 10 requests per second.\n BurstLimit of 30 requests per second.
\n \n
",
+ "smithy.api#documentation": "Security Hub provides you with a comprehensive view of your security state in Amazon Web Services and helps \n you assess your Amazon Web Services environment against security industry standards and best practices.
\n Security Hub collects security data across Amazon Web Services accounts, Amazon Web Services, and \n supported third-party products and helps you analyze your security trends and identify the highest priority security \n issues.
\n To help you manage the security state of your organization, Security Hub supports multiple security standards. \n These include the Amazon Web Services Foundational Security Best Practices (FSBP) standard developed by Amazon Web Services, \n and external compliance frameworks such as the Center for Internet Security (CIS), the Payment Card Industry Data \n Security Standard (PCI DSS), and the National Institute of Standards and Technology (NIST). Each standard includes \n several security controls, each of which represents a security best practice. Security Hub runs checks against \n security controls and generates control findings to help you assess your compliance against security best practices.
\n In addition to generating control findings, Security Hub also receives findings from other Amazon Web Services, \n such as Amazon GuardDuty and Amazon Inspector, and \n supported third-party products. This gives you a single pane of glass into a variety of security-related issues. You \n can also send Security Hub findings to other Amazon Web Services and supported third-party products.
\n Security Hub offers automation features that help you triage and remediate security issues. For example, \n you can use automation rules to automatically update critical findings when a security check fails. You can also leverage the integration with \n Amazon EventBridge to trigger automatic responses to specific findings.
\n This guide, the Security Hub API Reference, provides\n information about the Security Hub API. This includes supported resources, HTTP methods, parameters,\n and schemas. If you're new to Security Hub, you might find it helpful to also review the \n Security Hub User Guide\n . The\n user guide explains key concepts and provides procedures\n that demonstrate how to use Security Hub features. It also provides information about topics such as\n integrating Security Hub with other Amazon Web Services.
\n In addition to interacting with Security Hub by making calls to the Security Hub API, you can\n use a current version of an Amazon Web Services command line tool or SDK. Amazon Web Services provides tools \n and SDKs that consist of libraries and sample code for various languages and platforms, such as PowerShell,\n Java, Go, Python, C++, and .NET. These tools and SDKs provide convenient, programmatic access to\n Security Hub and other Amazon Web Services . They also handle tasks such as signing requests, \n managing errors, and retrying requests automatically. For information about installing and using the Amazon Web Services tools\n and SDKs, see Tools to Build on Amazon Web Services.
\n With the exception of operations that are related to central configuration, Security Hub API requests are executed only in\n the Amazon Web Services Region that is currently active or in the specific Amazon Web Services Region that you specify in your request. Any configuration or settings change\n that results from the operation is applied only to that Region. To make the same change in\n other Regions, call the same API operation in each Region in which you want to apply the change. When you use central configuration, \nAPI requests for enabling Security Hub, standards, and controls are executed in the home Region and all linked Regions. For a list of \ncentral configuration operations, see the Central configuration \nterms and concepts section of the Security Hub User Guide.
\n The following throttling limits apply to Security Hub API operations.
\n \n - \n
\n BatchEnableStandards - RateLimit of 1 request per\n second. BurstLimit of 1 request per second.
\n \n - \n
\n GetFindings - RateLimit of 3 requests per second.\n BurstLimit of 6 requests per second.
\n \n - \n
\n BatchImportFindings - RateLimit of 10 requests per second.\n BurstLimit of 30 requests per second.
\n \n - \n
\n BatchUpdateFindings - RateLimit of 10 requests per second.\n BurstLimit of 30 requests per second.
\n \n - \n
\n UpdateStandardsControl - RateLimit of 1 request per\n second. BurstLimit of 5 requests per second.
\n \n - \n
All other operations - RateLimit of 10 requests per second.\n BurstLimit of 30 requests per second.
\n \n
",
"smithy.api#title": "AWS SecurityHub",
"smithy.rules#endpointRuleSet": {
"version": "1.0",
diff --git a/codegen/sdk-codegen/aws-models/supplychain.json b/codegen/sdk-codegen/aws-models/supplychain.json
new file mode 100644
index 00000000000..f79e717f53a
--- /dev/null
+++ b/codegen/sdk-codegen/aws-models/supplychain.json
@@ -0,0 +1,1177 @@
+{
+ "smithy": "2.0",
+ "shapes": {
+ "com.amazonaws.supplychain#AccessDeniedException": {
+ "type": "structure",
+ "members": {
+ "message": {
+ "target": "smithy.api#String"
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "You do not have the required privileges to perform this action.
",
+ "smithy.api#error": "client",
+ "smithy.api#httpError": 403
+ }
+ },
+ "com.amazonaws.supplychain#BillOfMaterialsImportJob": {
+ "type": "structure",
+ "members": {
+ "instanceId": {
+ "target": "com.amazonaws.supplychain#UUID",
+ "traits": {
+ "smithy.api#documentation": "The BillOfMaterialsImportJob instanceId.
",
+ "smithy.api#required": {},
+ "smithy.api#resourceIdentifier": "instanceId"
+ }
+ },
+ "jobId": {
+ "target": "com.amazonaws.supplychain#UUID",
+ "traits": {
+ "smithy.api#documentation": "The BillOfMaterialsImportJob jobId.
",
+ "smithy.api#required": {},
+ "smithy.api#resourceIdentifier": "jobId"
+ }
+ },
+ "status": {
+ "target": "com.amazonaws.supplychain#ConfigurationJobStatus",
+ "traits": {
+ "smithy.api#documentation": "The BillOfMaterialsImportJob ConfigurationJobStatus.
",
+ "smithy.api#required": {}
+ }
+ },
+ "s3uri": {
+ "target": "com.amazonaws.supplychain#ConfigurationS3Uri",
+ "traits": {
+ "smithy.api#documentation": "The S3 URI from which the CSV is read.
",
+ "smithy.api#required": {}
+ }
+ },
+ "message": {
+ "target": "smithy.api#String",
+ "traits": {
+ "smithy.api#documentation": "When the BillOfMaterialsImportJob has reached a terminal state, there will be a message.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "The BillOfMaterialsImportJob details.
"
+ }
+ },
+ "com.amazonaws.supplychain#BillOfMaterialsImportJobResource": {
+ "type": "resource",
+ "identifiers": {
+ "instanceId": {
+ "target": "com.amazonaws.supplychain#UUID"
+ },
+ "jobId": {
+ "target": "com.amazonaws.supplychain#UUID"
+ }
+ },
+ "properties": {
+ "status": {
+ "target": "com.amazonaws.supplychain#ConfigurationJobStatus"
+ },
+ "s3uri": {
+ "target": "com.amazonaws.supplychain#ConfigurationS3Uri"
+ },
+ "message": {
+ "target": "smithy.api#String"
+ }
+ },
+ "create": {
+ "target": "com.amazonaws.supplychain#CreateBillOfMaterialsImportJob"
+ },
+ "read": {
+ "target": "com.amazonaws.supplychain#GetBillOfMaterialsImportJob"
+ },
+ "traits": {
+ "aws.api#arn": {
+ "template": "instance/{instanceId}/bill-of-materials-import-job/{jobId}"
+ }
+ }
+ },
+ "com.amazonaws.supplychain#ClientToken": {
+ "type": "string",
+ "traits": {
+ "smithy.api#documentation": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
",
+ "smithy.api#length": {
+ "min": 33,
+ "max": 126
+ }
+ }
+ },
+ "com.amazonaws.supplychain#ConfigurationJobStatus": {
+ "type": "enum",
+ "members": {
+ "NEW": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "NEW"
+ }
+ },
+ "FAILED": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "FAILED"
+ }
+ },
+ "IN_PROGRESS": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "IN_PROGRESS"
+ }
+ },
+ "QUEUED": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "QUEUED"
+ }
+ },
+ "SUCCESS": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "SUCCESS"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "The status of the job.
"
+ }
+ },
+ "com.amazonaws.supplychain#ConfigurationS3Uri": {
+ "type": "string",
+ "traits": {
+ "smithy.api#length": {
+ "min": 10
+ },
+ "smithy.api#pattern": "^[sS]3://[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]/.+$"
+ }
+ },
+ "com.amazonaws.supplychain#ConflictException": {
+ "type": "structure",
+ "members": {
+ "message": {
+ "target": "smithy.api#String"
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "Updating or deleting a resource can cause an inconsistent state.
",
+ "smithy.api#error": "client",
+ "smithy.api#httpError": 409
+ }
+ },
+ "com.amazonaws.supplychain#CreateBillOfMaterialsImportJob": {
+ "type": "operation",
+ "input": {
+ "target": "com.amazonaws.supplychain#CreateBillOfMaterialsImportJobRequest"
+ },
+ "output": {
+ "target": "com.amazonaws.supplychain#CreateBillOfMaterialsImportJobResponse"
+ },
+ "errors": [
+ {
+ "target": "com.amazonaws.supplychain#AccessDeniedException"
+ },
+ {
+ "target": "com.amazonaws.supplychain#ConflictException"
+ },
+ {
+ "target": "com.amazonaws.supplychain#InternalServerException"
+ },
+ {
+ "target": "com.amazonaws.supplychain#ServiceQuotaExceededException"
+ },
+ {
+ "target": "com.amazonaws.supplychain#ThrottlingException"
+ },
+ {
+ "target": "com.amazonaws.supplychain#ValidationException"
+ }
+ ],
+ "traits": {
+ "smithy.api#documentation": "CreateBillOfMaterialsImportJob creates an import job for the Product Bill Of Materials (BOM) entity. For information on the product_bom entity, see the AWS Supply Chain User Guide.
\n The CSV file must be located in an Amazon S3 location accessible to AWS Supply Chain. It is recommended to use the same Amazon S3 bucket created during your AWS Supply Chain instance creation.
",
+ "smithy.api#examples": [
+ {
+ "title": "Invoke CreateBillOfMaterialsImportJob",
+ "input": {
+ "instanceId": "60f82bbd-71f7-4fcd-a941-472f574c5243",
+ "s3uri": "s3://mybucketname/pathelemene/file.csv",
+ "clientToken": "550e8400-e29b-41d4-a716-446655440000"
+ },
+ "output": {
+ "jobId": "f79b359b-1515-4436-a3bf-bae7b33e47b4"
+ }
+ }
+ ],
+ "smithy.api#http": {
+ "code": 200,
+ "method": "POST",
+ "uri": "/api/configuration/instances/{instanceId}/bill-of-materials-import-jobs"
+ },
+ "smithy.api#idempotent": {}
+ }
+ },
+ "com.amazonaws.supplychain#CreateBillOfMaterialsImportJobRequest": {
+ "type": "structure",
+ "members": {
+ "instanceId": {
+ "target": "com.amazonaws.supplychain#UUID",
+ "traits": {
+ "smithy.api#documentation": "The AWS Supply Chain instance identifier.
",
+ "smithy.api#httpLabel": {},
+ "smithy.api#required": {}
+ }
+ },
+ "s3uri": {
+ "target": "com.amazonaws.supplychain#ConfigurationS3Uri",
+ "traits": {
+ "smithy.api#documentation": "The S3 URI of the CSV file to be imported. The bucket must grant permissions for AWS Supply Chain to read the file.
",
+ "smithy.api#required": {}
+ }
+ },
+ "clientToken": {
+ "target": "com.amazonaws.supplychain#ClientToken",
+ "traits": {
+ "smithy.api#documentation": "An idempotency token.
",
+ "smithy.api#idempotencyToken": {}
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "The request parameters for CreateBillOfMaterialsImportJob.
",
+ "smithy.api#input": {}
+ }
+ },
+ "com.amazonaws.supplychain#CreateBillOfMaterialsImportJobResponse": {
+ "type": "structure",
+ "members": {
+ "jobId": {
+ "target": "com.amazonaws.supplychain#UUID",
+ "traits": {
+ "smithy.api#documentation": "The new BillOfMaterialsImportJob identifier.
",
+ "smithy.api#required": {}
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "The response parameters of CreateBillOfMaterialsImportJob.
",
+ "smithy.api#output": {}
+ }
+ },
+ "com.amazonaws.supplychain#GalaxyPublicAPIGateway": {
+ "type": "service",
+ "version": "2024-01-01",
+ "resources": [
+ {
+ "target": "com.amazonaws.supplychain#BillOfMaterialsImportJobResource"
+ }
+ ],
+ "errors": [
+ {
+ "target": "com.amazonaws.supplychain#AccessDeniedException"
+ },
+ {
+ "target": "com.amazonaws.supplychain#ConflictException"
+ },
+ {
+ "target": "com.amazonaws.supplychain#InternalServerException"
+ },
+ {
+ "target": "com.amazonaws.supplychain#ResourceNotFoundException"
+ },
+ {
+ "target": "com.amazonaws.supplychain#ServiceQuotaExceededException"
+ },
+ {
+ "target": "com.amazonaws.supplychain#ThrottlingException"
+ },
+ {
+ "target": "com.amazonaws.supplychain#ValidationException"
+ }
+ ],
+ "traits": {
+ "aws.api#service": {
+ "sdkId": "SupplyChain",
+ "arnNamespace": "scn",
+ "endpointPrefix": "scn"
+ },
+ "aws.auth#sigv4": {
+ "name": "scn"
+ },
+ "aws.protocols#restJson1": {},
+ "smithy.api#cors": {
+ "additionalAllowedHeaders": [
+ "*",
+ "content-type",
+ "x-amz-content-sha256",
+ "x-amz-user-agent",
+ "x-amzn-platform-id",
+ "x-amzn-trace-id"
+ ],
+ "additionalExposedHeaders": [
+ "x-amzn-errortype",
+ "x-amzn-requestid",
+ "x-amzn-trace-id"
+ ],
+ "maxAge": 86400
+ },
+ "smithy.api#documentation": "\n AWS Supply Chain is a cloud-based application that works with your enterprise resource planning (ERP) and supply chain management systems. Using AWS Supply Chain, you can connect and extract your inventory, supply, and demand related data from existing ERP or supply chain systems into a single data model.\n
\n The AWS Supply Chain API supports configuration data import for Supply Planning.
\n \n All AWS Supply chain API operations are Amazon-authenticated and certificate-signed. They not only require the use of the AWS SDK, but also allow for the exclusive use of AWS Identity and Access Management users and roles to help facilitate access, trust, and permission policies.\n
",
+ "smithy.api#title": "AWS Supply Chain",
+ "smithy.rules#endpointRuleSet": {
+ "version": "1.0",
+ "parameters": {
+ "Region": {
+ "builtIn": "AWS::Region",
+ "required": false,
+ "documentation": "The AWS region used to dispatch the request.",
+ "type": "String"
+ },
+ "UseDualStack": {
+ "builtIn": "AWS::UseDualStack",
+ "required": true,
+ "default": false,
+ "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.",
+ "type": "Boolean"
+ },
+ "UseFIPS": {
+ "builtIn": "AWS::UseFIPS",
+ "required": true,
+ "default": false,
+ "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.",
+ "type": "Boolean"
+ },
+ "Endpoint": {
+ "builtIn": "SDK::Endpoint",
+ "required": false,
+ "documentation": "Override the endpoint used to send this request",
+ "type": "String"
+ }
+ },
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "isSet",
+ "argv": [
+ {
+ "ref": "Endpoint"
+ }
+ ]
+ }
+ ],
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ }
+ ],
+ "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "type": "error"
+ },
+ {
+ "conditions": [],
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
+ "type": "error"
+ },
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": {
+ "ref": "Endpoint"
+ },
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ],
+ "type": "tree"
+ }
+ ],
+ "type": "tree"
+ },
+ {
+ "conditions": [],
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "isSet",
+ "argv": [
+ {
+ "ref": "Region"
+ }
+ ]
+ }
+ ],
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "aws.partition",
+ "argv": [
+ {
+ "ref": "Region"
+ }
+ ],
+ "assign": "PartitionResult"
+ }
+ ],
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "rules": [
+ {
+ "conditions": [],
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://scn-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ],
+ "type": "tree"
+ }
+ ],
+ "type": "tree"
+ },
+ {
+ "conditions": [],
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
+ }
+ ],
+ "type": "tree"
+ },
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ }
+ ],
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ },
+ true
+ ]
+ }
+ ],
+ "rules": [
+ {
+ "conditions": [],
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://scn-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ],
+ "type": "tree"
+ }
+ ],
+ "type": "tree"
+ },
+ {
+ "conditions": [],
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
+ }
+ ],
+ "type": "tree"
+ },
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "rules": [
+ {
+ "conditions": [],
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://scn.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ],
+ "type": "tree"
+ }
+ ],
+ "type": "tree"
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
+ }
+ ],
+ "type": "tree"
+ },
+ {
+ "conditions": [],
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://scn.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ],
+ "type": "tree"
+ }
+ ],
+ "type": "tree"
+ }
+ ],
+ "type": "tree"
+ },
+ {
+ "conditions": [],
+ "error": "Invalid Configuration: Missing Region",
+ "type": "error"
+ }
+ ],
+ "type": "tree"
+ }
+ ]
+ },
+ "smithy.rules#endpointTests": {
+ "testCases": [
+ {
+ "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://scn-fips.us-east-1.api.aws"
+ }
+ },
+ "params": {
+ "Region": "us-east-1",
+ "UseFIPS": true,
+ "UseDualStack": true
+ }
+ },
+ {
+ "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://scn-fips.us-east-1.amazonaws.com"
+ }
+ },
+ "params": {
+ "Region": "us-east-1",
+ "UseFIPS": true,
+ "UseDualStack": false
+ }
+ },
+ {
+ "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://scn.us-east-1.api.aws"
+ }
+ },
+ "params": {
+ "Region": "us-east-1",
+ "UseFIPS": false,
+ "UseDualStack": true
+ }
+ },
+ {
+ "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://scn.us-east-1.amazonaws.com"
+ }
+ },
+ "params": {
+ "Region": "us-east-1",
+ "UseFIPS": false,
+ "UseDualStack": false
+ }
+ },
+ {
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://scn-fips.cn-north-1.api.amazonwebservices.com.cn"
+ }
+ },
+ "params": {
+ "Region": "cn-north-1",
+ "UseFIPS": true,
+ "UseDualStack": true
+ }
+ },
+ {
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://scn-fips.cn-north-1.amazonaws.com.cn"
+ }
+ },
+ "params": {
+ "Region": "cn-north-1",
+ "UseFIPS": true,
+ "UseDualStack": false
+ }
+ },
+ {
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://scn.cn-north-1.api.amazonwebservices.com.cn"
+ }
+ },
+ "params": {
+ "Region": "cn-north-1",
+ "UseFIPS": false,
+ "UseDualStack": true
+ }
+ },
+ {
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://scn.cn-north-1.amazonaws.com.cn"
+ }
+ },
+ "params": {
+ "Region": "cn-north-1",
+ "UseFIPS": false,
+ "UseDualStack": false
+ }
+ },
+ {
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://scn-fips.us-gov-east-1.api.aws"
+ }
+ },
+ "params": {
+ "Region": "us-gov-east-1",
+ "UseFIPS": true,
+ "UseDualStack": true
+ }
+ },
+ {
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://scn-fips.us-gov-east-1.amazonaws.com"
+ }
+ },
+ "params": {
+ "Region": "us-gov-east-1",
+ "UseFIPS": true,
+ "UseDualStack": false
+ }
+ },
+ {
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://scn.us-gov-east-1.api.aws"
+ }
+ },
+ "params": {
+ "Region": "us-gov-east-1",
+ "UseFIPS": false,
+ "UseDualStack": true
+ }
+ },
+ {
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://scn.us-gov-east-1.amazonaws.com"
+ }
+ },
+ "params": {
+ "Region": "us-gov-east-1",
+ "UseFIPS": false,
+ "UseDualStack": false
+ }
+ },
+ {
+ "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled",
+ "expect": {
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both"
+ },
+ "params": {
+ "Region": "us-iso-east-1",
+ "UseFIPS": true,
+ "UseDualStack": true
+ }
+ },
+ {
+ "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://scn-fips.us-iso-east-1.c2s.ic.gov"
+ }
+ },
+ "params": {
+ "Region": "us-iso-east-1",
+ "UseFIPS": true,
+ "UseDualStack": false
+ }
+ },
+ {
+ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled",
+ "expect": {
+ "error": "DualStack is enabled but this partition does not support DualStack"
+ },
+ "params": {
+ "Region": "us-iso-east-1",
+ "UseFIPS": false,
+ "UseDualStack": true
+ }
+ },
+ {
+ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://scn.us-iso-east-1.c2s.ic.gov"
+ }
+ },
+ "params": {
+ "Region": "us-iso-east-1",
+ "UseFIPS": false,
+ "UseDualStack": false
+ }
+ },
+ {
+ "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled",
+ "expect": {
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both"
+ },
+ "params": {
+ "Region": "us-isob-east-1",
+ "UseFIPS": true,
+ "UseDualStack": true
+ }
+ },
+ {
+ "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://scn-fips.us-isob-east-1.sc2s.sgov.gov"
+ }
+ },
+ "params": {
+ "Region": "us-isob-east-1",
+ "UseFIPS": true,
+ "UseDualStack": false
+ }
+ },
+ {
+ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled",
+ "expect": {
+ "error": "DualStack is enabled but this partition does not support DualStack"
+ },
+ "params": {
+ "Region": "us-isob-east-1",
+ "UseFIPS": false,
+ "UseDualStack": true
+ }
+ },
+ {
+ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://scn.us-isob-east-1.sc2s.sgov.gov"
+ }
+ },
+ "params": {
+ "Region": "us-isob-east-1",
+ "UseFIPS": false,
+ "UseDualStack": false
+ }
+ },
+ {
+ "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://example.com"
+ }
+ },
+ "params": {
+ "Region": "us-east-1",
+ "UseFIPS": false,
+ "UseDualStack": false,
+ "Endpoint": "https://example.com"
+ }
+ },
+ {
+ "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://example.com"
+ }
+ },
+ "params": {
+ "UseFIPS": false,
+ "UseDualStack": false,
+ "Endpoint": "https://example.com"
+ }
+ },
+ {
+ "documentation": "For custom endpoint with fips enabled and dualstack disabled",
+ "expect": {
+ "error": "Invalid Configuration: FIPS and custom endpoint are not supported"
+ },
+ "params": {
+ "Region": "us-east-1",
+ "UseFIPS": true,
+ "UseDualStack": false,
+ "Endpoint": "https://example.com"
+ }
+ },
+ {
+ "documentation": "For custom endpoint with fips disabled and dualstack enabled",
+ "expect": {
+ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported"
+ },
+ "params": {
+ "Region": "us-east-1",
+ "UseFIPS": false,
+ "UseDualStack": true,
+ "Endpoint": "https://example.com"
+ }
+ },
+ {
+ "documentation": "Missing region",
+ "expect": {
+ "error": "Invalid Configuration: Missing Region"
+ }
+ }
+ ],
+ "version": "1.0"
+ }
+ }
+ },
+ "com.amazonaws.supplychain#GetBillOfMaterialsImportJob": {
+ "type": "operation",
+ "input": {
+ "target": "com.amazonaws.supplychain#GetBillOfMaterialsImportJobRequest"
+ },
+ "output": {
+ "target": "com.amazonaws.supplychain#GetBillOfMaterialsImportJobResponse"
+ },
+ "errors": [
+ {
+ "target": "com.amazonaws.supplychain#AccessDeniedException"
+ },
+ {
+ "target": "com.amazonaws.supplychain#InternalServerException"
+ },
+ {
+ "target": "com.amazonaws.supplychain#ResourceNotFoundException"
+ },
+ {
+ "target": "com.amazonaws.supplychain#ThrottlingException"
+ },
+ {
+ "target": "com.amazonaws.supplychain#ValidationException"
+ }
+ ],
+ "traits": {
+ "smithy.api#documentation": "Get status and details of a BillOfMaterialsImportJob.
",
+ "smithy.api#examples": [
+ {
+ "title": "Invoke GetBillOfMaterialsImportJob for a successful job",
+ "input": {
+ "instanceId": "60f82bbd-71f7-4fcd-a941-472f574c5243",
+ "jobId": "f79b359b-1515-4436-a3bf-bae7b33e47b4"
+ },
+ "output": {
+ "job": {
+ "instanceId": "60f82bbd-71f7-4fcd-a941-472f574c5243",
+ "jobId": "f79b359b-1515-4436-a3bf-bae7b33e47b4",
+ "status": "SUCCESS",
+ "s3uri": "s3://mybucketname/pathelemene/file.csv",
+ "message": "Import job completed successfully."
+ }
+ }
+ },
+ {
+ "title": "Invoke GetBillOfMaterialsImportJob for an in-progress job",
+ "input": {
+ "instanceId": "60f82bbd-71f7-4fcd-a941-472f574c5243",
+ "jobId": "f79b359b-1515-4436-a3bf-bae7b33e47b4"
+ },
+ "output": {
+ "job": {
+ "instanceId": "60f82bbd-71f7-4fcd-a941-472f574c5243",
+ "jobId": "f79b359b-1515-4436-a3bf-bae7b33e47b4",
+ "status": "IN_PROGRESS",
+ "s3uri": "s3://mybucketname/pathelemene/file.csv"
+ }
+ }
+ }
+ ],
+ "smithy.api#http": {
+ "code": 200,
+ "method": "GET",
+ "uri": "/api/configuration/instances/{instanceId}/bill-of-materials-import-jobs/{jobId}"
+ },
+ "smithy.api#readonly": {}
+ }
+ },
+ "com.amazonaws.supplychain#GetBillOfMaterialsImportJobRequest": {
+ "type": "structure",
+ "members": {
+ "instanceId": {
+ "target": "com.amazonaws.supplychain#UUID",
+ "traits": {
+ "smithy.api#documentation": "The AWS Supply Chain instance identifier.
",
+ "smithy.api#httpLabel": {},
+ "smithy.api#required": {}
+ }
+ },
+ "jobId": {
+ "target": "com.amazonaws.supplychain#UUID",
+ "traits": {
+ "smithy.api#documentation": "The BillOfMaterialsImportJob identifier.
",
+ "smithy.api#httpLabel": {},
+ "smithy.api#required": {}
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "The request parameters for GetBillOfMaterialsImportJob.
",
+ "smithy.api#input": {}
+ }
+ },
+ "com.amazonaws.supplychain#GetBillOfMaterialsImportJobResponse": {
+ "type": "structure",
+ "members": {
+ "job": {
+ "target": "com.amazonaws.supplychain#BillOfMaterialsImportJob",
+ "traits": {
+ "smithy.api#documentation": "The BillOfMaterialsImportJob.
",
+ "smithy.api#nestedProperties": {},
+ "smithy.api#required": {}
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "The response parameters for GetBillOfMaterialsImportJob.
",
+ "smithy.api#output": {}
+ }
+ },
+ "com.amazonaws.supplychain#InternalServerException": {
+ "type": "structure",
+ "members": {
+ "message": {
+ "target": "smithy.api#String"
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "Unexpected error during processing of request.
",
+ "smithy.api#error": "server",
+ "smithy.api#httpError": 500,
+ "smithy.api#retryable": {}
+ }
+ },
+ "com.amazonaws.supplychain#ResourceNotFoundException": {
+ "type": "structure",
+ "members": {
+ "message": {
+ "target": "smithy.api#String"
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "Request references a resource which does not exist.
",
+ "smithy.api#error": "client",
+ "smithy.api#httpError": 404
+ }
+ },
+ "com.amazonaws.supplychain#ServiceQuotaExceededException": {
+ "type": "structure",
+ "members": {
+ "message": {
+ "target": "smithy.api#String"
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "Request would cause a service quota to be exceeded.
",
+ "smithy.api#error": "client",
+ "smithy.api#httpError": 402
+ }
+ },
+ "com.amazonaws.supplychain#ThrottlingException": {
+ "type": "structure",
+ "members": {
+ "message": {
+ "target": "smithy.api#String"
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "Request was denied due to request throttling.
",
+ "smithy.api#error": "client",
+ "smithy.api#httpError": 429,
+ "smithy.api#retryable": {
+ "throttling": true
+ }
+ }
+ },
+ "com.amazonaws.supplychain#UUID": {
+ "type": "string",
+ "traits": {
+ "smithy.api#length": {
+ "min": 36,
+ "max": 36
+ },
+ "smithy.api#pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$"
+ }
+ },
+ "com.amazonaws.supplychain#ValidationException": {
+ "type": "structure",
+ "members": {
+ "message": {
+ "target": "smithy.api#String"
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "The input does not satisfy the constraints specified by an AWS service.
",
+ "smithy.api#error": "client",
+ "smithy.api#httpError": 400
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/codegen/sdk-codegen/aws-models/transfer.json b/codegen/sdk-codegen/aws-models/transfer.json
index e08ad173812..138a2a7f110 100644
--- a/codegen/sdk-codegen/aws-models/transfer.json
+++ b/codegen/sdk-codegen/aws-models/transfer.json
@@ -2710,6 +2710,12 @@
"traits": {
"smithy.api#documentation": "A structure that contains the parameters for an SFTP connector object.
"
}
+ },
+ "ServiceManagedEgressIpAddresses": {
+ "target": "com.amazonaws.transfer#ServiceManagedEgressIpAddresses",
+ "traits": {
+ "smithy.api#documentation": "The list of egress IP addresses of this connector. These IP addresses are assigned automatically when you create the connector.
"
+ }
}
},
"traits": {
@@ -3039,6 +3045,12 @@
"traits": {
"smithy.api#documentation": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default.
\n By default, home directory mappings have a TYPE of DIRECTORY. If you enable this option, you would then need to explicitly set the HomeDirectoryMapEntry\n Type to FILE if you want a mapping to have a file target.
"
}
+ },
+ "As2ServiceManagedEgressIpAddresses": {
+ "target": "com.amazonaws.transfer#ServiceManagedEgressIpAddresses",
+ "traits": {
+ "smithy.api#documentation": "The list of egress IP addresses of this server. These IP addresses are only relevant\n for servers that use the AS2 protocol. They are used for sending asynchronous MDNs.
\n These IP addresses are assigned automatically when you create an AS2 server. Additionally,\n if you update an existing server and add the AS2 protocol, static IP addresses are assigned as well.
"
+ }
}
},
"traits": {
@@ -3718,7 +3730,7 @@
"DirectoryId": {
"target": "com.amazonaws.transfer#DirectoryId",
"traits": {
- "smithy.api#documentation": "The identifier of the Directory Service directory that you want to stop sharing.
"
+ "smithy.api#documentation": "The identifier of the Directory Service directory that you want to use as your identity provider.
"
}
},
"Function": {
@@ -6351,6 +6363,18 @@
"com.amazonaws.transfer#ServiceErrorMessage": {
"type": "string"
},
+ "com.amazonaws.transfer#ServiceManagedEgressIpAddress": {
+ "type": "string",
+ "traits": {
+ "smithy.api#pattern": "^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}$"
+ }
+ },
+ "com.amazonaws.transfer#ServiceManagedEgressIpAddresses": {
+ "type": "list",
+ "member": {
+ "target": "com.amazonaws.transfer#ServiceManagedEgressIpAddress"
+ }
+ },
"com.amazonaws.transfer#ServiceMetadata": {
"type": "structure",
"members": {
diff --git a/codegen/sdk-codegen/aws-models/wisdom.json b/codegen/sdk-codegen/aws-models/wisdom.json
index 0de94c13989..a3fa3a916e0 100644
--- a/codegen/sdk-codegen/aws-models/wisdom.json
+++ b/codegen/sdk-codegen/aws-models/wisdom.json
@@ -2427,6 +2427,9 @@
}
],
"traits": {
+ "smithy.api#deprecated": {
+ "message": "GetRecommendations API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications."
+ },
"smithy.api#documentation": "Retrieves recommendations for the specified session. To avoid retrieving the same\n recommendations in subsequent calls, use NotifyRecommendationsReceived. This API supports long-polling behavior with the\n waitTimeSeconds parameter. Short poll is the default behavior and only returns\n recommendations already available. To perform a manual query against an assistant, use QueryAssistant.
",
"smithy.api#http": {
"uri": "/assistants/{assistantId}/sessions/{sessionId}/recommendations",
@@ -3903,6 +3906,9 @@
}
],
"traits": {
+ "smithy.api#deprecated": {
+ "message": "QueryAssistant API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications."
+ },
"smithy.api#documentation": "Performs a manual search against the specified assistant. To retrieve recommendations for\n an assistant, use GetRecommendations.\n
",
"smithy.api#http": {
"uri": "/assistants/{assistantId}/query",
diff --git a/codegen/sdk-codegen/aws-models/workspaces.json b/codegen/sdk-codegen/aws-models/workspaces.json
index ed4e07a9e48..2aa51585578 100644
--- a/codegen/sdk-codegen/aws-models/workspaces.json
+++ b/codegen/sdk-codegen/aws-models/workspaces.json
@@ -2089,7 +2089,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates one or more WorkSpaces.
\n This operation is asynchronous and returns before the WorkSpaces are created.
\n \n \n - \n
The MANUAL running mode value is only supported by Amazon WorkSpaces\n Core. Contact your account team to be allow-listed to use this value. For more\n information, see Amazon WorkSpaces\n Core.
\n \n - \n
You don't need to specify the PCOIP protocol for Linux bundles\n because WSP is the default protocol for those bundles.
\n \n - \n
Ensure you review your running mode to ensure you are using a running mode that is optimal for your needs and budget.\n For more information on switching running modes, see \n \n Can I switch between hourly and monthly billing?\n
\n \n
\n "
+ "smithy.api#documentation": "Creates one or more WorkSpaces.
\n This operation is asynchronous and returns before the WorkSpaces are created.
\n \n \n - \n
The MANUAL running mode value is only supported by Amazon WorkSpaces\n Core. Contact your account team to be allow-listed to use this value. For more\n information, see Amazon WorkSpaces\n Core.
\n \n - \n
You don't need to specify the PCOIP protocol for Linux bundles\n because WSP is the default protocol for those bundles.
\n \n
\n "
}
},
"com.amazonaws.workspaces#CreateWorkspacesRequest": {
@@ -6238,7 +6238,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Reboots the specified WorkSpaces.
\n You cannot reboot a WorkSpace unless its state is AVAILABLE or\n UNHEALTHY.
\n This operation is asynchronous and returns before the WorkSpaces have rebooted.
"
+ "smithy.api#documentation": "Reboots the specified WorkSpaces.
\n You cannot reboot a WorkSpace unless its state is AVAILABLE,\n UNHEALTHY, or REBOOTING. Reboot a WorkSpace in the REBOOTING \n state only if your WorkSpace has been stuck in the REBOOTING state for over 20 minutes.
\n This operation is asynchronous and returns before the WorkSpaces have rebooted.
"
}
},
"com.amazonaws.workspaces#RebootWorkspacesRequest": {
@@ -8832,7 +8832,7 @@
"RunningMode": {
"target": "com.amazonaws.workspaces#RunningMode",
"traits": {
- "smithy.api#documentation": "The running mode. For more information, see Manage the WorkSpace Running\n Mode.
\n \n \n - \n
The MANUAL value is only supported by Amazon WorkSpaces Core. Contact\n your account team to be allow-listed to use this value. For more information, see\n Amazon WorkSpaces Core.
\n \n - \n
Ensure you review your running mode to ensure you are using a running mode that is optimal for your needs and budget.\n For more information on switching running modes, see \n \n Can I switch between hourly and monthly billing?\n
\n \n
\n "
+ "smithy.api#documentation": "The running mode. For more information, see Manage the WorkSpace Running\n Mode.
\n \n The MANUAL value is only supported by Amazon WorkSpaces Core. Contact\n your account team to be allow-listed to use this value. For more information, see\n Amazon WorkSpaces Core.
\n "
}
},
"RunningModeAutoStopTimeoutInMinutes": {
diff --git a/codegen/sdk-codegen/build.gradle.kts b/codegen/sdk-codegen/build.gradle.kts
index eabc76fee48..27441506b1e 100644
--- a/codegen/sdk-codegen/build.gradle.kts
+++ b/codegen/sdk-codegen/build.gradle.kts
@@ -39,7 +39,9 @@ plugins {
}
dependencies {
+ val smithyVersion: String by project
implementation(project(":smithy-aws-go-codegen"))
+ implementation("software.amazon.smithy:smithy-smoke-test-traits:$smithyVersion")
}
// This project doesn't produce a JAR.
diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/CloudFrontKVSSigV4a.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/CloudFrontKVSSigV4a.java
new file mode 100644
index 00000000000..3dae691f957
--- /dev/null
+++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/CloudFrontKVSSigV4a.java
@@ -0,0 +1,148 @@
+package software.amazon.smithy.aws.go.codegen.customization;
+
+import java.util.List;
+import java.util.ArrayList;
+import software.amazon.smithy.aws.go.codegen.AddAwsConfigFields;
+import software.amazon.smithy.aws.go.codegen.AwsGoDependency;
+import software.amazon.smithy.aws.go.codegen.AwsSignatureVersion4;
+import software.amazon.smithy.aws.go.codegen.AwsSignatureVersion4aUtils;
+import software.amazon.smithy.aws.traits.ServiceTrait;
+import software.amazon.smithy.aws.traits.auth.SigV4ATrait;
+import software.amazon.smithy.aws.traits.auth.SigV4Trait;
+import software.amazon.smithy.codegen.core.Symbol;
+import software.amazon.smithy.codegen.core.SymbolProvider;
+import software.amazon.smithy.go.codegen.GoDelegator;
+import software.amazon.smithy.go.codegen.GoSettings;
+import software.amazon.smithy.go.codegen.GoWriter;
+import software.amazon.smithy.go.codegen.SmithyGoDependency;
+import software.amazon.smithy.go.codegen.SymbolUtils;
+import software.amazon.smithy.go.codegen.integration.ConfigField;
+import software.amazon.smithy.go.codegen.integration.ConfigFieldResolver;
+import software.amazon.smithy.go.codegen.integration.GoIntegration;
+import software.amazon.smithy.go.codegen.integration.MiddlewareRegistrar;
+import software.amazon.smithy.go.codegen.integration.RuntimeClientPlugin;
+import software.amazon.smithy.model.Model;
+import software.amazon.smithy.model.shapes.ServiceShape;
+import software.amazon.smithy.model.traits.AuthTrait;
+import software.amazon.smithy.utils.ListUtils;
+import software.amazon.smithy.utils.SetUtils;
+
+/**
+ * This integration configures the CloudFront Key Value Store client for Signature Version 4a
+ */
+public class CloudFrontKVSSigV4a implements GoIntegration {
+ /**
+ * Return true if service is CFKVS.
+ *
+ * @param model is the generation model.
+ * @param service is the service shape being audited.
+ */
+ private static boolean isCFKVSService(Model model, ServiceShape service) {
+ final String sdkId = service.expectTrait(ServiceTrait.class).getSdkId();
+ final String serviceId = sdkId.replace("-", "").replace(" ", "").toLowerCase();
+ return serviceId.equalsIgnoreCase("cloudfrontkeyvaluestore");
+ }
+
+ private final List runtimeClientPlugins = new ArrayList<>();
+
+
+ @Override
+ public List getClientPlugins() {
+ return runtimeClientPlugins;
+ }
+
+ @Override
+ public Model preprocessModel(Model model, GoSettings settings) {
+ ServiceShape service = settings.getService(model);
+ if (!isCFKVSService(model, service)) {
+ return model;
+ }
+
+ if (settings.getService(model).hasTrait(SigV4ATrait.class)) {
+ return model;
+ }
+
+ var v4a = SigV4ATrait.builder()
+ .name(service.expectTrait(SigV4Trait.class).getName())
+ .build();
+
+ return model.toBuilder()
+ .addShape(
+ service.toBuilder()
+ .addTrait(v4a)
+ // FUTURE: https://github.com/aws/smithy-go/issues/493
+ // we are keeping sigv4 at the end of this list (it will never be selected)
+ // as a stopgap to drive codegen of payload checksum routines
+ .addTrait(new AuthTrait(SetUtils.of(SigV4ATrait.ID, SigV4Trait.ID)))
+ .build()
+ )
+ .build();
+ }
+
+ @Override
+ public void processFinalizedModel(GoSettings settings, Model model) {
+ if (!isCFKVSService(model, settings.getService(model))) {
+ return;
+ }
+ runtimeClientPlugins.add(
+ RuntimeClientPlugin.builder()
+ .configFields(
+ ListUtils.of(
+ ConfigField.builder()
+ .name(AwsSignatureVersion4aUtils.V4A_SIGNER_INTERFACE_NAME)
+ .type(SymbolUtils.buildPackageSymbol(
+ AwsSignatureVersion4aUtils.V4A_SIGNER_INTERFACE_NAME)
+ )
+ .documentation("Signature Version 4a (SigV4a) Signer")
+ .build()
+ )
+ )
+ .build());
+ runtimeClientPlugins.add(
+ RuntimeClientPlugin.builder()
+ .servicePredicate(CloudFrontKVSSigV4a::isCFKVSService)
+ .addConfigFieldResolver(
+ ConfigFieldResolver.builder()
+ .location(ConfigFieldResolver.Location.CLIENT)
+ .target(ConfigFieldResolver.Target.INITIALIZATION)
+ .resolver(SymbolUtils.createValueSymbolBuilder(
+ AwsSignatureVersion4aUtils.SIGNER_RESOLVER).build())
+ .build())
+ .build());
+ }
+
+ @Override
+ public void writeAdditionalFiles(
+ GoSettings settings,
+ Model model,
+ SymbolProvider symbolProvider,
+ GoDelegator goDelegator
+ ) {
+
+ if (!isCFKVSService(model, model.expectShape(settings.getService(), ServiceShape.class))) {
+ return;
+ }
+
+ ServiceShape serviceShape = settings.getService(model);
+ goDelegator.useShapeWriter(serviceShape, writer -> {
+ writerSignerInterface(writer);
+ writerConfigFieldResolver(writer, serviceShape);
+ writeNewV4ASignerFunc(writer, serviceShape);
+ });
+
+ }
+
+
+ private void writerSignerInterface(GoWriter writer) {
+ AwsSignatureVersion4aUtils.writerSignerInterface(writer);
+ }
+
+ private void writeNewV4ASignerFunc(GoWriter writer, ServiceShape serviceShape) {
+ AwsSignatureVersion4aUtils.writeNewV4ASignerFunc(writer, serviceShape);
+ }
+
+ private void writerConfigFieldResolver(GoWriter writer, ServiceShape serviceShape) {
+ AwsSignatureVersion4aUtils.writerConfigFieldResolver(writer, serviceShape);
+ }
+
+}
diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/auth/AwsSigV4aAuthScheme.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/auth/AwsSigV4aAuthScheme.java
index 75684e2cdbc..f1f903b31c5 100644
--- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/auth/AwsSigV4aAuthScheme.java
+++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/auth/AwsSigV4aAuthScheme.java
@@ -16,16 +16,16 @@
package software.amazon.smithy.aws.go.codegen.customization.auth;
import software.amazon.smithy.aws.go.codegen.SdkGoTypes;
+import software.amazon.smithy.aws.traits.auth.SigV4ATrait;
import software.amazon.smithy.codegen.core.SymbolProvider;
import software.amazon.smithy.go.codegen.GoDelegator;
import software.amazon.smithy.go.codegen.GoSettings;
import software.amazon.smithy.go.codegen.GoStdlibTypes;
import software.amazon.smithy.go.codegen.GoWriter;
import software.amazon.smithy.go.codegen.SmithyGoTypes;
-import software.amazon.smithy.go.codegen.auth.SigV4aTrait;
import software.amazon.smithy.go.codegen.integration.GoIntegration;
import software.amazon.smithy.go.codegen.integration.RuntimeClientPlugin;
-import software.amazon.smithy.go.codegen.integration.auth.SigV4aDefinition;
+import software.amazon.smithy.go.codegen.integration.auth.SigV4ADefinition;
import software.amazon.smithy.model.Model;
import software.amazon.smithy.utils.ListUtils;
import software.amazon.smithy.utils.MapUtils;
@@ -43,7 +43,7 @@ public class AwsSigV4aAuthScheme implements GoIntegration {
public List getClientPlugins() {
return ListUtils.of(
RuntimeClientPlugin.builder()
- .addAuthSchemeDefinition(SigV4aTrait.ID, new AwsSigV4a())
+ .addAuthSchemeDefinition(SigV4ATrait.ID, new AwsSigV4A())
.build()
);
}
@@ -52,12 +52,12 @@ public List getClientPlugins() {
public void writeAdditionalFiles(
GoSettings settings, Model model, SymbolProvider symbolProvider, GoDelegator goDelegator
) {
- if (settings.getService(model).hasTrait(SigV4aTrait.class)) {
+ if (settings.getService(model).hasTrait(SigV4ATrait.class)) {
goDelegator.useFileWriter("options.go", settings.getModuleName(), generateAdditionalSource());
}
}
- public static class AwsSigV4a extends SigV4aDefinition {
+ public static class AwsSigV4A extends SigV4ADefinition {
@Override
public GoWriter.Writable generateDefaultAuthScheme() {
return goTemplate("""
@@ -67,7 +67,7 @@ public GoWriter.Writable generateDefaultAuthScheme() {
LogSigning: options.ClientLogMode.IsSigning(),
})""",
SdkGoTypes.Internal.Auth.NewHTTPAuthScheme,
- SigV4aTrait.ID.toString(),
+ SigV4ATrait.ID.toString(),
SdkGoTypes.Internal.V4A.SignerAdapter);
}
diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/auth/BackfillSigV4aTrait.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/auth/BackfillSigV4ATrait.java
similarity index 76%
rename from codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/auth/BackfillSigV4aTrait.java
rename to codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/auth/BackfillSigV4ATrait.java
index bda36437265..e0f6879cf1d 100644
--- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/auth/BackfillSigV4aTrait.java
+++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/auth/BackfillSigV4ATrait.java
@@ -16,9 +16,9 @@
package software.amazon.smithy.aws.go.codegen.customization.auth;
import software.amazon.smithy.aws.traits.ServiceTrait;
+import software.amazon.smithy.aws.traits.auth.SigV4ATrait;
import software.amazon.smithy.aws.traits.auth.SigV4Trait;
import software.amazon.smithy.go.codegen.GoSettings;
-import software.amazon.smithy.go.codegen.auth.SigV4aTrait;
import software.amazon.smithy.go.codegen.integration.GoIntegration;
import software.amazon.smithy.model.Model;
import software.amazon.smithy.model.shapes.ServiceShape;
@@ -28,8 +28,8 @@
/**
* Throws the aws.auth#sigv4a trait onto the service such that auth codegen picks it up.
*/
-public class BackfillSigV4aTrait implements GoIntegration {
- private boolean isBackfillSigV4aService(ServiceShape service) {
+public class BackfillSigV4ATrait implements GoIntegration {
+ private boolean isBackfillService(ServiceShape service) {
final String sdkId = service.expectTrait(ServiceTrait.class).getSdkId();
return sdkId.equalsIgnoreCase("s3") || sdkId.equalsIgnoreCase("eventbridge");
};
@@ -37,15 +37,22 @@ private boolean isBackfillSigV4aService(ServiceShape service) {
@Override
public Model preprocessModel(Model model, GoSettings settings) {
ServiceShape service = settings.getService(model);
- if (!isBackfillSigV4aService(service)) {
+ if (!isBackfillService(service)) {
return model;
}
+ if (settings.getService(model).hasTrait(SigV4ATrait.class)) {
+ return model;
+ }
+
+ var v4a = SigV4ATrait.builder()
+ .name(service.expectTrait(SigV4Trait.class).getName())
+ .build();
return model.toBuilder()
.addShape(
service.toBuilder()
- .addTrait(new SigV4aTrait())
- .addTrait(new AuthTrait(SetUtils.of(SigV4Trait.ID, SigV4aTrait.ID)))
+ .addTrait(v4a)
+ .addTrait(new AuthTrait(SetUtils.of(SigV4Trait.ID, SigV4ATrait.ID)))
.build()
)
.build();
diff --git a/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration b/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration
index 540f3a8d080..335d5506776 100644
--- a/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration
+++ b/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration
@@ -1,4 +1,4 @@
-software.amazon.smithy.aws.go.codegen.customization.auth.BackfillSigV4aTrait
+software.amazon.smithy.aws.go.codegen.customization.auth.BackfillSigV4ATrait
software.amazon.smithy.aws.go.codegen.AddProtocols
software.amazon.smithy.aws.go.codegen.ClientResolvedDefaultsMode
software.amazon.smithy.aws.go.codegen.AddAwsConfigFields
@@ -73,3 +73,4 @@ software.amazon.smithy.aws.go.codegen.customization.auth.S3ExpressAuthScheme
software.amazon.smithy.aws.go.codegen.customization.S3BucketContext
software.amazon.smithy.aws.go.codegen.customization.s3.ExpressDefaultChecksum
software.amazon.smithy.aws.go.codegen.customization.auth.GlobalAnonymousOption
+software.amazon.smithy.aws.go.codegen.customization.CloudFrontKVSSigV4a
diff --git a/codegen/smithy-aws-go-codegen/src/main/resources/software/amazon/smithy/aws/go/codegen/endpoints.json b/codegen/smithy-aws-go-codegen/src/main/resources/software/amazon/smithy/aws/go/codegen/endpoints.json
index e65f0091a62..1d0ff98ced9 100644
--- a/codegen/smithy-aws-go-codegen/src/main/resources/software/amazon/smithy/aws/go/codegen/endpoints.json
+++ b/codegen/smithy-aws-go-codegen/src/main/resources/software/amazon/smithy/aws/go/codegen/endpoints.json
@@ -12585,6 +12585,12 @@
},
"hostname" : "oidc.il-central-1.amazonaws.com"
},
+ "me-central-1" : {
+ "credentialScope" : {
+ "region" : "me-central-1"
+ },
+ "hostname" : "oidc.me-central-1.amazonaws.com"
+ },
"me-south-1" : {
"credentialScope" : {
"region" : "me-south-1"
@@ -15934,11 +15940,59 @@
"eu-west-1" : { },
"eu-west-2" : { },
"eu-west-3" : { },
+ "fips-us-east-1" : {
+ "credentialScope" : {
+ "region" : "us-east-1"
+ },
+ "deprecated" : true,
+ "hostname" : "securitylake-fips.us-east-1.amazonaws.com"
+ },
+ "fips-us-east-2" : {
+ "credentialScope" : {
+ "region" : "us-east-2"
+ },
+ "deprecated" : true,
+ "hostname" : "securitylake-fips.us-east-2.amazonaws.com"
+ },
+ "fips-us-west-1" : {
+ "credentialScope" : {
+ "region" : "us-west-1"
+ },
+ "deprecated" : true,
+ "hostname" : "securitylake-fips.us-west-1.amazonaws.com"
+ },
+ "fips-us-west-2" : {
+ "credentialScope" : {
+ "region" : "us-west-2"
+ },
+ "deprecated" : true,
+ "hostname" : "securitylake-fips.us-west-2.amazonaws.com"
+ },
"sa-east-1" : { },
- "us-east-1" : { },
- "us-east-2" : { },
- "us-west-1" : { },
- "us-west-2" : { }
+ "us-east-1" : {
+ "variants" : [ {
+ "hostname" : "securitylake-fips.us-east-1.amazonaws.com",
+ "tags" : [ "fips" ]
+ } ]
+ },
+ "us-east-2" : {
+ "variants" : [ {
+ "hostname" : "securitylake-fips.us-east-2.amazonaws.com",
+ "tags" : [ "fips" ]
+ } ]
+ },
+ "us-west-1" : {
+ "variants" : [ {
+ "hostname" : "securitylake-fips.us-west-1.amazonaws.com",
+ "tags" : [ "fips" ]
+ } ]
+ },
+ "us-west-2" : {
+ "variants" : [ {
+ "hostname" : "securitylake-fips.us-west-2.amazonaws.com",
+ "tags" : [ "fips" ]
+ } ]
+ }
}
},
"serverlessrepo" : {
@@ -20669,6 +20723,23 @@
"cn-north-1" : { }
}
},
+ "iottwinmaker" : {
+ "endpoints" : {
+ "api-cn-north-1" : {
+ "credentialScope" : {
+ "region" : "cn-north-1"
+ },
+ "hostname" : "api.iottwinmaker.cn-north-1.amazonaws.com.cn"
+ },
+ "cn-north-1" : { },
+ "data-cn-north-1" : {
+ "credentialScope" : {
+ "region" : "cn-north-1"
+ },
+ "hostname" : "data.iottwinmaker.cn-north-1.amazonaws.com.cn"
+ }
+ }
+ },
"kafka" : {
"endpoints" : {
"cn-north-1" : { },
@@ -26499,6 +26570,15 @@
"us-iso-east-1" : { }
}
},
+ "guardduty" : {
+ "defaults" : {
+ "protocols" : [ "https" ]
+ },
+ "endpoints" : {
+ "us-iso-east-1" : { }
+ },
+ "isRegionalized" : true
+ },
"health" : {
"endpoints" : {
"us-iso-east-1" : { }
diff --git a/config/CHANGELOG.md b/config/CHANGELOG.md
index 28eb28a1408..0cd31f00ecc 100644
--- a/config/CHANGELOG.md
+++ b/config/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.26.4 (2024-01-16)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
# v1.26.3 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/config/go.mod b/config/go.mod
index 5efdbea70d9..42be088c903 100644
--- a/config/go.mod
+++ b/config/go.mod
@@ -4,11 +4,11 @@ go 1.19
require (
github.com/aws/aws-sdk-go-v2 v1.24.1
- github.com/aws/aws-sdk-go-v2/credentials v1.16.14
+ github.com/aws/aws-sdk-go-v2/credentials v1.16.15
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11
github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2
github.com/aws/aws-sdk-go-v2/service/sso v1.18.6
- github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.6
+ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7
github.com/aws/aws-sdk-go-v2/service/sts v1.26.7
github.com/aws/smithy-go v1.19.0
github.com/google/go-cmp v0.5.8
diff --git a/config/go_module_metadata.go b/config/go_module_metadata.go
index f719e036a39..6de4538a4d5 100644
--- a/config/go_module_metadata.go
+++ b/config/go_module_metadata.go
@@ -3,4 +3,4 @@
package config
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.26.3"
+const goModuleVersion = "1.26.4"
diff --git a/credentials/CHANGELOG.md b/credentials/CHANGELOG.md
index 82c87c36573..6671a41c92a 100644
--- a/credentials/CHANGELOG.md
+++ b/credentials/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.16.15 (2024-01-16)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
# v1.16.14 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/credentials/go.mod b/credentials/go.mod
index 8a0106bd759..40001ce2145 100644
--- a/credentials/go.mod
+++ b/credentials/go.mod
@@ -6,7 +6,7 @@ require (
github.com/aws/aws-sdk-go-v2 v1.24.1
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11
github.com/aws/aws-sdk-go-v2/service/sso v1.18.6
- github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.6
+ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7
github.com/aws/aws-sdk-go-v2/service/sts v1.26.7
github.com/aws/smithy-go v1.19.0
github.com/google/go-cmp v0.5.8
diff --git a/credentials/go_module_metadata.go b/credentials/go_module_metadata.go
index 74074d0b195..c8bcd2dceb5 100644
--- a/credentials/go_module_metadata.go
+++ b/credentials/go_module_metadata.go
@@ -3,4 +3,4 @@
package credentials
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.16.14"
+const goModuleVersion = "1.16.15"
diff --git a/example/service/dynamodb/createTable/go.mod b/example/service/dynamodb/createTable/go.mod
index 624a8881c09..97aed503244 100644
--- a/example/service/dynamodb/createTable/go.mod
+++ b/example/service/dynamodb/createTable/go.mod
@@ -4,12 +4,12 @@ go 1.19
require (
github.com/aws/aws-sdk-go-v2 v1.24.1
- github.com/aws/aws-sdk-go-v2/config v1.26.3
+ github.com/aws/aws-sdk-go-v2/config v1.26.4
github.com/aws/aws-sdk-go-v2/service/dynamodb v1.26.8
)
require (
- github.com/aws/aws-sdk-go-v2/credentials v1.16.14 // indirect
+ github.com/aws/aws-sdk-go-v2/credentials v1.16.15 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect
@@ -18,7 +18,7 @@ require (
github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.8.11 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.18.6 // indirect
- github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.6 // indirect
+ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 // indirect
github.com/aws/smithy-go v1.19.0 // indirect
github.com/jmespath/go-jmespath v0.4.0 // indirect
diff --git a/example/service/dynamodb/scanItems/go.mod b/example/service/dynamodb/scanItems/go.mod
index 0b94a5f2ae8..6a5d39ef5d5 100644
--- a/example/service/dynamodb/scanItems/go.mod
+++ b/example/service/dynamodb/scanItems/go.mod
@@ -4,13 +4,13 @@ go 1.19
require (
github.com/aws/aws-sdk-go-v2 v1.24.1
- github.com/aws/aws-sdk-go-v2/config v1.26.3
+ github.com/aws/aws-sdk-go-v2/config v1.26.4
github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.12.14
github.com/aws/aws-sdk-go-v2/service/dynamodb v1.26.8
)
require (
- github.com/aws/aws-sdk-go-v2/credentials v1.16.14 // indirect
+ github.com/aws/aws-sdk-go-v2/credentials v1.16.15 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect
@@ -20,7 +20,7 @@ require (
github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.8.11 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.18.6 // indirect
- github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.6 // indirect
+ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 // indirect
github.com/aws/smithy-go v1.19.0 // indirect
github.com/jmespath/go-jmespath v0.4.0 // indirect
diff --git a/example/service/s3/listObjects/go.mod b/example/service/s3/listObjects/go.mod
index 06f30ea0719..256dca1ea5e 100644
--- a/example/service/s3/listObjects/go.mod
+++ b/example/service/s3/listObjects/go.mod
@@ -3,14 +3,14 @@ module github.com/aws/aws-sdk-go-v2/example/service/s3/listObjects
go 1.19
require (
- github.com/aws/aws-sdk-go-v2/config v1.26.3
- github.com/aws/aws-sdk-go-v2/service/s3 v1.47.8
+ github.com/aws/aws-sdk-go-v2/config v1.26.4
+ github.com/aws/aws-sdk-go-v2/service/s3 v1.48.0
)
require (
github.com/aws/aws-sdk-go-v2 v1.24.1 // indirect
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4 // indirect
- github.com/aws/aws-sdk-go-v2/credentials v1.16.14 // indirect
+ github.com/aws/aws-sdk-go-v2/credentials v1.16.15 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect
@@ -21,7 +21,7 @@ require (
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.10 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.18.6 // indirect
- github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.6 // indirect
+ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 // indirect
github.com/aws/smithy-go v1.19.0 // indirect
)
diff --git a/example/service/s3/usingPrivateLink/go.mod b/example/service/s3/usingPrivateLink/go.mod
index e5a6d2d9ba4..e8551da1093 100644
--- a/example/service/s3/usingPrivateLink/go.mod
+++ b/example/service/s3/usingPrivateLink/go.mod
@@ -4,14 +4,14 @@ go 1.19
require (
github.com/aws/aws-sdk-go-v2 v1.24.1
- github.com/aws/aws-sdk-go-v2/config v1.26.3
- github.com/aws/aws-sdk-go-v2/service/s3 v1.47.8
- github.com/aws/aws-sdk-go-v2/service/s3control v1.41.8
+ github.com/aws/aws-sdk-go-v2/config v1.26.4
+ github.com/aws/aws-sdk-go-v2/service/s3 v1.48.0
+ github.com/aws/aws-sdk-go-v2/service/s3control v1.42.0
)
require (
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4 // indirect
- github.com/aws/aws-sdk-go-v2/credentials v1.16.14 // indirect
+ github.com/aws/aws-sdk-go-v2/credentials v1.16.15 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect
@@ -22,7 +22,7 @@ require (
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.10 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.18.6 // indirect
- github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.6 // indirect
+ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 // indirect
github.com/aws/smithy-go v1.19.0 // indirect
)
diff --git a/feature/ec2/imds/internal/configtesting/go.mod b/feature/ec2/imds/internal/configtesting/go.mod
index cbb9f871932..c2b3370aa51 100644
--- a/feature/ec2/imds/internal/configtesting/go.mod
+++ b/feature/ec2/imds/internal/configtesting/go.mod
@@ -3,20 +3,20 @@ module github.com/aws/aws-sdk-go-v2/feature/ec2/imds/internal/configtesting
go 1.19
require (
- github.com/aws/aws-sdk-go-v2/config v1.26.3
+ github.com/aws/aws-sdk-go-v2/config v1.26.4
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11
)
require (
github.com/aws/aws-sdk-go-v2 v1.24.1 // indirect
- github.com/aws/aws-sdk-go-v2/credentials v1.16.14 // indirect
+ github.com/aws/aws-sdk-go-v2/credentials v1.16.15 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect
github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.18.6 // indirect
- github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.6 // indirect
+ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 // indirect
github.com/aws/smithy-go v1.19.0 // indirect
)
diff --git a/feature/s3/manager/CHANGELOG.md b/feature/s3/manager/CHANGELOG.md
index 69baa485613..4ab05fda6bf 100644
--- a/feature/s3/manager/CHANGELOG.md
+++ b/feature/s3/manager/CHANGELOG.md
@@ -1,3 +1,11 @@
+# v1.15.12 (2024-01-16)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
+# v1.15.11 (2024-01-05)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
# v1.15.10 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/feature/s3/manager/go.mod b/feature/s3/manager/go.mod
index 3e7f125c8b4..e83dd61348d 100644
--- a/feature/s3/manager/go.mod
+++ b/feature/s3/manager/go.mod
@@ -4,15 +4,15 @@ go 1.19
require (
github.com/aws/aws-sdk-go-v2 v1.24.1
- github.com/aws/aws-sdk-go-v2/config v1.26.3
- github.com/aws/aws-sdk-go-v2/service/s3 v1.47.8
+ github.com/aws/aws-sdk-go-v2/config v1.26.4
+ github.com/aws/aws-sdk-go-v2/service/s3 v1.48.0
github.com/aws/smithy-go v1.19.0
github.com/google/go-cmp v0.5.8
)
require (
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4 // indirect
- github.com/aws/aws-sdk-go-v2/credentials v1.16.14 // indirect
+ github.com/aws/aws-sdk-go-v2/credentials v1.16.15 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect
@@ -23,7 +23,7 @@ require (
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.10 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.18.6 // indirect
- github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.6 // indirect
+ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 // indirect
github.com/jmespath/go-jmespath v0.4.0 // indirect
)
diff --git a/feature/s3/manager/go_module_metadata.go b/feature/s3/manager/go_module_metadata.go
index 52f747c9270..ab1332ac2e6 100644
--- a/feature/s3/manager/go_module_metadata.go
+++ b/feature/s3/manager/go_module_metadata.go
@@ -3,4 +3,4 @@
package manager
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.15.10"
+const goModuleVersion = "1.15.12"
diff --git a/internal/configsources/configtesting/go.mod b/internal/configsources/configtesting/go.mod
index 41dd08b79bd..ca8883a189c 100644
--- a/internal/configsources/configtesting/go.mod
+++ b/internal/configsources/configtesting/go.mod
@@ -3,20 +3,20 @@ module github.com/aws/aws-sdk-go-v2/internal/configsources/configtesting
go 1.19
require (
- github.com/aws/aws-sdk-go-v2/config v1.26.3
+ github.com/aws/aws-sdk-go-v2/config v1.26.4
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10
)
require (
github.com/aws/aws-sdk-go-v2 v1.24.1 // indirect
- github.com/aws/aws-sdk-go-v2/credentials v1.16.14 // indirect
+ github.com/aws/aws-sdk-go-v2/credentials v1.16.15 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect
github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.18.6 // indirect
- github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.6 // indirect
+ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 // indirect
github.com/aws/smithy-go v1.19.0 // indirect
)
diff --git a/service/cloudfrontkeyvaluestore/CHANGELOG.md b/service/cloudfrontkeyvaluestore/CHANGELOG.md
index 4b5fd06fc7f..8f2b3368d95 100644
--- a/service/cloudfrontkeyvaluestore/CHANGELOG.md
+++ b/service/cloudfrontkeyvaluestore/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.1.7 (2024-01-16)
+
+* No change notes available for this release.
+
# v1.1.6 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/cloudfrontkeyvaluestore/api_client.go b/service/cloudfrontkeyvaluestore/api_client.go
index 93ec74b0a81..dabe9e7a163 100644
--- a/service/cloudfrontkeyvaluestore/api_client.go
+++ b/service/cloudfrontkeyvaluestore/api_client.go
@@ -14,6 +14,7 @@ import (
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy"
internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources"
+ "github.com/aws/aws-sdk-go-v2/internal/v4a"
smithy "github.com/aws/smithy-go"
smithydocument "github.com/aws/smithy-go/document"
"github.com/aws/smithy-go/logging"
@@ -51,6 +52,8 @@ func New(options Options, optFns ...func(*Options)) *Client {
resolveEndpointResolverV2(&options)
+ resolveHTTPSignerV4a(&options)
+
resolveAuthSchemeResolver(&options)
for _, fn := range optFns {
@@ -166,6 +169,11 @@ func resolveAuthSchemeResolver(options *Options) {
func resolveAuthSchemes(options *Options) {
if options.AuthSchemes == nil {
options.AuthSchemes = []smithyhttp.AuthScheme{
+ internalauth.NewHTTPAuthScheme("aws.auth#sigv4a", &v4a.SignerAdapter{
+ Signer: options.httpSignerV4a,
+ Logger: options.Logger,
+ LogSigning: options.ClientLogMode.IsSigning(),
+ }),
internalauth.NewHTTPAuthScheme("aws.auth#sigv4", &internalauthsmithy.V4SignerAdapter{
Signer: options.HTTPSignerV4,
Logger: options.Logger,
@@ -429,6 +437,27 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error {
return nil
}
+type httpSignerV4a interface {
+ SignHTTP(ctx context.Context, credentials v4a.Credentials, r *http.Request, payloadHash,
+ service string, regionSet []string, signingTime time.Time,
+ optFns ...func(*v4a.SignerOptions)) error
+}
+
+func resolveHTTPSignerV4a(o *Options) {
+ if o.httpSignerV4a != nil {
+ return
+ }
+ o.httpSignerV4a = newDefaultV4aSigner(*o)
+}
+
+func newDefaultV4aSigner(o Options) *v4a.Signer {
+ return v4a.NewSigner(func(so *v4a.SignerOptions) {
+ so.Logger = o.Logger
+ so.LogSigning = o.ClientLogMode.IsSigning()
+ so.DisableURIPathEscaping = false
+ })
+}
+
func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error {
return awsmiddleware.AddRequestIDRetrieverMiddleware(stack)
}
diff --git a/service/cloudfrontkeyvaluestore/auth.go b/service/cloudfrontkeyvaluestore/auth.go
index e43490e9fa4..67f9115dd7a 100644
--- a/service/cloudfrontkeyvaluestore/auth.go
+++ b/service/cloudfrontkeyvaluestore/auth.go
@@ -121,6 +121,16 @@ var operationAuthOptions = map[string]func(*AuthResolverParameters) []*smithyaut
func serviceAuthOptions(params *AuthResolverParameters) []*smithyauth.Option {
return []*smithyauth.Option{
+ {
+ SchemeID: smithyauth.SchemeIDSigV4A,
+ SignerProperties: func() smithy.Properties {
+ var props smithy.Properties
+ smithyhttp.SetSigV4ASigningName(&props, "cloudfront-keyvaluestore")
+ smithyhttp.SetSigV4ASigningRegions(&props, []string{params.Region})
+ return props
+ }(),
+ },
+
{
SchemeID: smithyauth.SchemeIDSigV4,
SignerProperties: func() smithy.Properties {
diff --git a/service/cloudfrontkeyvaluestore/generated.json b/service/cloudfrontkeyvaluestore/generated.json
index 5c130dfa281..64d0cbef6ed 100644
--- a/service/cloudfrontkeyvaluestore/generated.json
+++ b/service/cloudfrontkeyvaluestore/generated.json
@@ -3,6 +3,7 @@
"github.com/aws/aws-sdk-go-v2": "v1.4.0",
"github.com/aws/aws-sdk-go-v2/internal/configsources": "v0.0.0-00010101000000-000000000000",
"github.com/aws/aws-sdk-go-v2/internal/endpoints/v2": "v2.0.0-00010101000000-000000000000",
+ "github.com/aws/aws-sdk-go-v2/internal/v4a": "v0.0.0-00010101000000-000000000000",
"github.com/aws/smithy-go": "v1.4.0",
"github.com/google/go-cmp": "v0.5.4"
},
diff --git a/service/cloudfrontkeyvaluestore/go.mod b/service/cloudfrontkeyvaluestore/go.mod
index 94d24634963..3f3bba12d14 100644
--- a/service/cloudfrontkeyvaluestore/go.mod
+++ b/service/cloudfrontkeyvaluestore/go.mod
@@ -6,6 +6,7 @@ require (
github.com/aws/aws-sdk-go-v2 v1.24.1
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10
+ github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.10
github.com/aws/smithy-go v1.19.0
github.com/google/go-cmp v0.5.8
)
@@ -15,3 +16,5 @@ replace github.com/aws/aws-sdk-go-v2 => ../../
replace github.com/aws/aws-sdk-go-v2/internal/configsources => ../../internal/configsources/
replace github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 => ../../internal/endpoints/v2/
+
+replace github.com/aws/aws-sdk-go-v2/internal/v4a => ../../internal/v4a/
diff --git a/service/cloudfrontkeyvaluestore/go_module_metadata.go b/service/cloudfrontkeyvaluestore/go_module_metadata.go
index 9bd051adfb8..8b0e47c8516 100644
--- a/service/cloudfrontkeyvaluestore/go_module_metadata.go
+++ b/service/cloudfrontkeyvaluestore/go_module_metadata.go
@@ -3,4 +3,4 @@
package cloudfrontkeyvaluestore
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.1.6"
+const goModuleVersion = "1.1.7"
diff --git a/service/cloudfrontkeyvaluestore/options.go b/service/cloudfrontkeyvaluestore/options.go
index 4ffd85d42dd..a3c1d3548ba 100644
--- a/service/cloudfrontkeyvaluestore/options.go
+++ b/service/cloudfrontkeyvaluestore/options.go
@@ -4,9 +4,11 @@ package cloudfrontkeyvaluestore
import (
"context"
+ "fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy"
+ "github.com/aws/aws-sdk-go-v2/internal/v4a"
smithyauth "github.com/aws/smithy-go/auth"
"github.com/aws/smithy-go/logging"
"github.com/aws/smithy-go/middleware"
@@ -95,6 +97,9 @@ type Options struct {
// within your applications.
RuntimeEnvironment aws.RuntimeEnvironment
+ // Signature Version 4a (SigV4a) Signer
+ httpSignerV4a httpSignerV4a
+
// The initial DefaultsMode used when the client options were constructed. If the
// DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved
// value was at that point in time. Currently does not support per operation call
@@ -123,6 +128,9 @@ func (o Options) Copy() Options {
}
func (o Options) GetIdentityResolver(schemeID string) smithyauth.IdentityResolver {
+ if schemeID == "aws.auth#sigv4a" {
+ return getSigV4AIdentityResolver(o)
+ }
if schemeID == "aws.auth#sigv4" {
return getSigV4IdentityResolver(o)
}
@@ -210,6 +218,46 @@ func WithSigV4SigningRegion(region string) func(*Options) {
}
}
+func getSigV4AIdentityResolver(o Options) smithyauth.IdentityResolver {
+ if o.Credentials != nil {
+ return &v4a.CredentialsProviderAdapter{
+ Provider: &v4a.SymmetricCredentialAdaptor{
+ SymmetricProvider: o.Credentials,
+ },
+ }
+ }
+ return nil
+}
+
+// WithSigV4ASigningRegions applies an override to the authentication workflow to
+// use the given signing region set for SigV4A-authenticated operations.
+//
+// This is an advanced setting. The value here is FINAL, taking precedence over
+// the resolved signing region set from both auth scheme resolution and endpoint
+// resolution.
+func WithSigV4ASigningRegions(regions []string) func(*Options) {
+ fn := func(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
+ out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
+ ) {
+ rscheme := getResolvedAuthScheme(ctx)
+ if rscheme == nil {
+ return out, metadata, fmt.Errorf("no resolved auth scheme")
+ }
+
+ smithyhttp.SetSigV4ASigningRegions(&rscheme.SignerProperties, regions)
+ return next.HandleFinalize(ctx, in)
+ }
+ return func(o *Options) {
+ o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error {
+ return s.Finalize.Insert(
+ middleware.FinalizeMiddlewareFunc("withSigV4ASigningRegions", fn),
+ "Signing",
+ middleware.Before,
+ )
+ })
+ }
+}
+
func ignoreAnonymousAuth(options *Options) {
if aws.IsCredentialsProvider(options.Credentials, (*aws.AnonymousCredentials)(nil)) {
options.Credentials = nil
diff --git a/service/cloudwatchlogs/CHANGELOG.md b/service/cloudwatchlogs/CHANGELOG.md
index 1b6b1f0ce78..d45f50fa531 100644
--- a/service/cloudwatchlogs/CHANGELOG.md
+++ b/service/cloudwatchlogs/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.31.0 (2024-01-10)
+
+* **Feature**: Add support for account level subscription filter policies to PutAccountPolicy, DescribeAccountPolicies, and DeleteAccountPolicy APIs. Additionally, PutAccountPolicy has been modified with new optional "selectionCriteria" parameter for resource selection.
+
# v1.30.2 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/cloudwatchlogs/api_op_CreateLogGroup.go b/service/cloudwatchlogs/api_op_CreateLogGroup.go
index 5bf09be7292..af6a9ec4b17 100644
--- a/service/cloudwatchlogs/api_op_CreateLogGroup.go
+++ b/service/cloudwatchlogs/api_op_CreateLogGroup.go
@@ -66,9 +66,9 @@ type CreateLogGroupInput struct {
// - The Standard log class supports all CloudWatch Logs features.
// - The Infrequent Access log class supports a subset of CloudWatch Logs
// features and incurs lower costs.
- // If you omit this parameter, the default of STANDARD is used. After a log group
- // is created, its class can't be changed. For details about the features supported
- // by each class, see Log classes (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html)
+ // If you omit this parameter, the default of STANDARD is used. The value of
+ // logGroupClass can't be changed after a log group is created. For details about
+ // the features supported by each class, see Log classes (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html)
LogGroupClass types.LogGroupClass
// The key-value pairs to use for the tags. You can grant users access to certain
diff --git a/service/cloudwatchlogs/api_op_DeleteAccountPolicy.go b/service/cloudwatchlogs/api_op_DeleteAccountPolicy.go
index e01a8c411c0..aaea8de662e 100644
--- a/service/cloudwatchlogs/api_op_DeleteAccountPolicy.go
+++ b/service/cloudwatchlogs/api_op_DeleteAccountPolicy.go
@@ -12,9 +12,15 @@ import (
smithyhttp "github.com/aws/smithy-go/transport/http"
)
-// Deletes a CloudWatch Logs account policy. To use this operation, you must be
-// signed on with the logs:DeleteDataProtectionPolicy and logs:DeleteAccountPolicy
-// permissions.
+// Deletes a CloudWatch Logs account policy. This stops the policy from applying
+// to all log groups or a subset of log groups in the account. Log-group level
+// policies will still be in effect. To use this operation, you must be signed on
+// with the correct permissions depending on the type of policy that you are
+// deleting.
+// - To delete a data protection policy, you must have the
+// logs:DeleteDataProtectionPolicy and logs:DeleteAccountPolicy permissions.
+// - To delete a subscription filter policy, you must have the
+// logs:DeleteSubscriptionFilter and logs:DeleteAccountPolicy permissions.
func (c *Client) DeleteAccountPolicy(ctx context.Context, params *DeleteAccountPolicyInput, optFns ...func(*Options)) (*DeleteAccountPolicyOutput, error) {
if params == nil {
params = &DeleteAccountPolicyInput{}
@@ -37,8 +43,7 @@ type DeleteAccountPolicyInput struct {
// This member is required.
PolicyName *string
- // The type of policy to delete. Currently, the only valid value is
- // DATA_PROTECTION_POLICY .
+ // The type of policy to delete.
//
// This member is required.
PolicyType types.PolicyType
diff --git a/service/cloudwatchlogs/api_op_DescribeAccountPolicies.go b/service/cloudwatchlogs/api_op_DescribeAccountPolicies.go
index 58b6820aeee..0e57c3f7be5 100644
--- a/service/cloudwatchlogs/api_op_DescribeAccountPolicies.go
+++ b/service/cloudwatchlogs/api_op_DescribeAccountPolicies.go
@@ -31,8 +31,7 @@ func (c *Client) DescribeAccountPolicies(ctx context.Context, params *DescribeAc
type DescribeAccountPoliciesInput struct {
// Use this parameter to limit the returned policies to only the policies that
- // match the policy type that you specify. Currently, the only valid value is
- // DATA_PROTECTION_POLICY .
+ // match the policy type that you specify.
//
// This member is required.
PolicyType types.PolicyType
diff --git a/service/cloudwatchlogs/api_op_PutAccountPolicy.go b/service/cloudwatchlogs/api_op_PutAccountPolicy.go
index 0777113fb50..4b69c59872a 100644
--- a/service/cloudwatchlogs/api_op_PutAccountPolicy.go
+++ b/service/cloudwatchlogs/api_op_PutAccountPolicy.go
@@ -12,34 +12,56 @@ import (
smithyhttp "github.com/aws/smithy-go/transport/http"
)
-// Creates an account-level data protection policy that applies to all log groups
-// in the account. A data protection policy can help safeguard sensitive data
+// Creates an account-level data protection policy or subscription filter policy
+// that applies to all log groups or a subset of log groups in the account. Data
+// protection policy A data protection policy can help safeguard sensitive data
// that's ingested by your log groups by auditing and masking the sensitive log
-// data. Each account can have only one account-level policy. Sensitive data is
-// detected and masked when it is ingested into a log group. When you set a data
-// protection policy, log events ingested into the log groups before that time are
-// not masked. If you use PutAccountPolicy to create a data protection policy for
-// your whole account, it applies to both existing log groups and all log groups
-// that are created later in this account. The account policy is applied to
-// existing log groups with eventual consistency. It might take up to 5 minutes
-// before sensitive data in existing log groups begins to be masked. By default,
-// when a user views a log event that includes masked data, the sensitive data is
-// replaced by asterisks. A user who has the logs:Unmask permission can use a
-// GetLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogEvents.html)
+// data. Each account can have only one account-level data protection policy.
+// Sensitive data is detected and masked when it is ingested into a log group. When
+// you set a data protection policy, log events ingested into the log groups before
+// that time are not masked. If you use PutAccountPolicy to create a data
+// protection policy for your whole account, it applies to both existing log groups
+// and all log groups that are created later in this account. The account-level
+// policy is applied to existing log groups with eventual consistency. It might
+// take up to 5 minutes before sensitive data in existing log groups begins to be
+// masked. By default, when a user views a log event that includes masked data, the
+// sensitive data is replaced by asterisks. A user who has the logs:Unmask
+// permission can use a GetLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogEvents.html)
// or FilterLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_FilterLogEvents.html)
// operation with the unmask parameter set to true to view the unmasked log
// events. Users with the logs:Unmask can also view unmasked data in the
// CloudWatch Logs console by running a CloudWatch Logs Insights query with the
// unmask query command. For more information, including a list of types of data
// that can be audited and masked, see Protect sensitive log data with masking (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html)
-// . To use the PutAccountPolicy operation, you must be signed on with the
-// logs:PutDataProtectionPolicy and logs:PutAccountPolicy permissions. The
-// PutAccountPolicy operation applies to all log groups in the account. You can
-// also use PutDataProtectionPolicy (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDataProtectionPolicy.html)
+// . To use the PutAccountPolicy operation for a data protection policy, you must
+// be signed on with the logs:PutDataProtectionPolicy and logs:PutAccountPolicy
+// permissions. The PutAccountPolicy operation applies to all log groups in the
+// account. You can use PutDataProtectionPolicy (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDataProtectionPolicy.html)
// to create a data protection policy that applies to just one log group. If a log
// group has its own data protection policy and the account also has an
// account-level data protection policy, then the two policies are cumulative. Any
-// sensitive term specified in either policy is masked.
+// sensitive term specified in either policy is masked. Subscription filter policy
+// A subscription filter policy sets up a real-time feed of log events from
+// CloudWatch Logs to other Amazon Web Services services. Account-level
+// subscription filter policies apply to both existing log groups and log groups
+// that are created later in this account. Supported destinations are Kinesis Data
+// Streams, Kinesis Data Firehose, and Lambda. When log events are sent to the
+// receiving service, they are Base64 encoded and compressed with the GZIP format.
+// The following destinations are supported for subscription filters:
+// - An Kinesis Data Streams data stream in the same account as the subscription
+// policy, for same-account delivery.
+// - An Kinesis Data Firehose data stream in the same account as the
+// subscription policy, for same-account delivery.
+// - A Lambda function in the same account as the subscription policy, for
+// same-account delivery.
+// - A logical destination in a different account created with PutDestination (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html)
+// , for cross-account delivery. Kinesis Data Streams and Kinesis Data Firehose are
+// supported as logical destinations.
+//
+// Each account can have one account-level subscription filter policy. If you are
+// updating an existing filter, you must specify the correct name in PolicyName .
+// To perform a PutAccountPolicy subscription filter operation for any destination
+// except a Lambda function, you must also have the iam:PassRole permission.
func (c *Client) PutAccountPolicy(ctx context.Context, params *PutAccountPolicyInput, optFns ...func(*Options)) (*PutAccountPolicyOutput, error) {
if params == nil {
params = &PutAccountPolicyInput{}
@@ -57,8 +79,8 @@ func (c *Client) PutAccountPolicy(ctx context.Context, params *PutAccountPolicyI
type PutAccountPolicyInput struct {
- // Specify the data protection policy, in JSON. This policy must include two JSON
- // blocks:
+ // Specify the policy, in JSON. Data protection policy A data protection policy
+ // must include two JSON blocks:
// - The first block must include both a DataIdentifer array and an Operation
// property with an Audit action. The DataIdentifer array lists the types of
// sensitive data that you want to mask. For more information about the available
@@ -81,7 +103,29 @@ type PutAccountPolicyInput struct {
// and Version fields. The Name is different than the operation's policyName
// parameter, and is used as a dimension when CloudWatch Logs reports audit
// findings metrics to CloudWatch. The JSON specified in policyDocument can be up
- // to 30,720 characters.
+ // to 30,720 characters long. Subscription filter policy A subscription filter
+ // policy can include the following attributes in a JSON block:
+ // - DestinationArn The ARN of the destination to deliver log events to.
+ // Supported destinations are:
+ // - An Kinesis Data Streams data stream in the same account as the subscription
+ // policy, for same-account delivery.
+ // - An Kinesis Data Firehose data stream in the same account as the
+ // subscription policy, for same-account delivery.
+ // - A Lambda function in the same account as the subscription policy, for
+ // same-account delivery.
+ // - A logical destination in a different account created with PutDestination (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html)
+ // , for cross-account delivery. Kinesis Data Streams and Kinesis Data Firehose are
+ // supported as logical destinations.
+ // - RoleArn The ARN of an IAM role that grants CloudWatch Logs permissions to
+ // deliver ingested log events to the destination stream. You don't need to provide
+ // the ARN when you are working with a logical destination for cross-account
+ // delivery.
+ // - FilterPattern A filter pattern for subscribing to a filtered stream of log
+ // events.
+ // - DistributionThe method used to distribute log data to the destination. By
+ // default, log data is grouped by log stream, but the grouping can be set to
+ // Random for a more even distribution. This property is only applicable when the
+ // destination is an Kinesis Data Streams data stream.
//
// This member is required.
PolicyDocument *string
@@ -91,7 +135,7 @@ type PutAccountPolicyInput struct {
// This member is required.
PolicyName *string
- // Currently the only valid value for this parameter is DATA_PROTECTION_POLICY .
+ // The type of policy that you're creating or updating.
//
// This member is required.
PolicyType types.PolicyType
@@ -101,6 +145,16 @@ type PutAccountPolicyInput struct {
// this parameter, the default of ALL is used.
Scope types.Scope
+ // Use this parameter to apply the subscription filter policy to a subset of log
+ // groups in the account. Currently, the only supported filter is LogGroupName NOT
+ // IN [] . The selectionCriteria string can be up to 25KB in length. The length is
+ // determined by using its UTF-8 bytes. Using the selectionCriteria parameter is
+ // useful to help prevent infinite loops. For more information, see Log recursion
+ // prevention (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Subscriptions-recursion-prevention.html)
+ // . Specifing selectionCriteria is valid only when you specify
+ // SUBSCRIPTION_FILTER_POLICY for policyType .
+ SelectionCriteria *string
+
noSmithyDocumentSerde
}
diff --git a/service/cloudwatchlogs/api_op_StartLiveTail.go b/service/cloudwatchlogs/api_op_StartLiveTail.go
index c5876401ea5..05816c470b6 100644
--- a/service/cloudwatchlogs/api_op_StartLiveTail.go
+++ b/service/cloudwatchlogs/api_op_StartLiveTail.go
@@ -42,7 +42,10 @@ import (
//
// You can end a session before it times out by closing the session stream or by
// closing the client that is receiving the stream. The session also ends if the
-// established connection between the client and the server breaks.
+// established connection between the client and the server breaks. For examples of
+// using an SDK to start a Live Tail session, see Start a Live Tail session using
+// an Amazon Web Services SDK (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/example_cloudwatch-logs_StartLiveTail_section.html)
+// .
func (c *Client) StartLiveTail(ctx context.Context, params *StartLiveTailInput, optFns ...func(*Options)) (*StartLiveTailOutput, error) {
if params == nil {
params = &StartLiveTailInput{}
@@ -77,12 +80,14 @@ type StartLiveTailInput struct {
// If you specify this parameter, then only log events in the log streams that
// have names that start with the prefixes that you specify here are included in
- // the Live Tail session. You can specify this parameter only if you specify only
+ // the Live Tail session. If you specify this field, you can't also specify the
+ // logStreamNames field. You can specify this parameter only if you specify only
// one log group in logGroupIdentifiers .
LogStreamNamePrefixes []string
// If you specify this parameter, then only log events in the log streams that you
- // specify here are included in the Live Tail session. You can specify this
+ // specify here are included in the Live Tail session. If you specify this field,
+ // you can't also specify the logStreamNamePrefixes field. You can specify this
// parameter only if you specify only one log group in logGroupIdentifiers .
LogStreamNames []string
diff --git a/service/cloudwatchlogs/deserializers.go b/service/cloudwatchlogs/deserializers.go
index 326595d92d0..65b96437745 100644
--- a/service/cloudwatchlogs/deserializers.go
+++ b/service/cloudwatchlogs/deserializers.go
@@ -9680,6 +9680,15 @@ func awsAwsjson11_deserializeDocumentAccountPolicy(v **types.AccountPolicy, valu
sv.Scope = types.Scope(jtv)
}
+ case "selectionCriteria":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected SelectionCriteria to be of type string, got %T instead", value)
+ }
+ sv.SelectionCriteria = ptr.String(jtv)
+ }
+
default:
_, _ = key, value
diff --git a/service/cloudwatchlogs/go_module_metadata.go b/service/cloudwatchlogs/go_module_metadata.go
index 7bb1013ae64..b4fc9860853 100644
--- a/service/cloudwatchlogs/go_module_metadata.go
+++ b/service/cloudwatchlogs/go_module_metadata.go
@@ -3,4 +3,4 @@
package cloudwatchlogs
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.30.2"
+const goModuleVersion = "1.31.0"
diff --git a/service/cloudwatchlogs/serializers.go b/service/cloudwatchlogs/serializers.go
index 9ae3ccbfdbd..2c87537a6c4 100644
--- a/service/cloudwatchlogs/serializers.go
+++ b/service/cloudwatchlogs/serializers.go
@@ -5415,6 +5415,11 @@ func awsAwsjson11_serializeOpDocumentPutAccountPolicyInput(v *PutAccountPolicyIn
ok.String(string(v.Scope))
}
+ if v.SelectionCriteria != nil {
+ ok := object.Key("selectionCriteria")
+ ok.String(*v.SelectionCriteria)
+ }
+
return nil
}
diff --git a/service/cloudwatchlogs/types/enums.go b/service/cloudwatchlogs/types/enums.go
index 30cf2c08cd0..d99578837f5 100644
--- a/service/cloudwatchlogs/types/enums.go
+++ b/service/cloudwatchlogs/types/enums.go
@@ -220,7 +220,8 @@ type PolicyType string
// Enum values for PolicyType
const (
- PolicyTypeDataProtectionPolicy PolicyType = "DATA_PROTECTION_POLICY"
+ PolicyTypeDataProtectionPolicy PolicyType = "DATA_PROTECTION_POLICY"
+ PolicyTypeSubscriptionFilterPolicy PolicyType = "SUBSCRIPTION_FILTER_POLICY"
)
// Values returns all known values for PolicyType. Note that this can be expanded
@@ -229,6 +230,7 @@ const (
func (PolicyType) Values() []PolicyType {
return []PolicyType{
"DATA_PROTECTION_POLICY",
+ "SUBSCRIPTION_FILTER_POLICY",
}
}
diff --git a/service/cloudwatchlogs/types/types.go b/service/cloudwatchlogs/types/types.go
index 76ecb66fe6f..1ca521c8801 100644
--- a/service/cloudwatchlogs/types/types.go
+++ b/service/cloudwatchlogs/types/types.go
@@ -28,6 +28,9 @@ type AccountPolicy struct {
// The scope of the account policy.
Scope Scope
+ // The log group selection criteria for this subscription filter policy.
+ SelectionCriteria *string
+
noSmithyDocumentSerde
}
diff --git a/service/codebuild/CHANGELOG.md b/service/codebuild/CHANGELOG.md
index c9a5bc0cff0..6a797470b63 100644
--- a/service/codebuild/CHANGELOG.md
+++ b/service/codebuild/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.27.0 (2024-01-08)
+
+* **Feature**: Aws CodeBuild now supports new compute type BUILD_GENERAL1_XLARGE
+
# v1.26.6 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/codebuild/endpoints_test.go b/service/codebuild/endpoints_test.go
index bc68e66cee0..4991c46b2ef 100644
--- a/service/codebuild/endpoints_test.go
+++ b/service/codebuild/endpoints_test.go
@@ -1907,23 +1907,3 @@ func TestEndpointCase51(t *testing.T) {
t.Errorf("expect %v error in %v", e, a)
}
}
-
-// Partition doesn't support DualStack
-func TestEndpointCase52(t *testing.T) {
- var params = EndpointParameters{
- Region: ptr.String("us-isob-east-1"),
- UseFIPS: ptr.Bool(false),
- UseDualStack: ptr.Bool(true),
- }
-
- resolver := NewDefaultEndpointResolverV2()
- result, err := resolver.ResolveEndpoint(context.Background(), params)
- _, _ = result, err
-
- if err == nil {
- t.Fatalf("expect error, got none")
- }
- if e, a := "DualStack is enabled but this partition does not support DualStack", err.Error(); !strings.Contains(a, e) {
- t.Errorf("expect %v error in %v", e, a)
- }
-}
diff --git a/service/codebuild/go_module_metadata.go b/service/codebuild/go_module_metadata.go
index 5b2e1761883..9e61cfb8298 100644
--- a/service/codebuild/go_module_metadata.go
+++ b/service/codebuild/go_module_metadata.go
@@ -3,4 +3,4 @@
package codebuild
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.26.6"
+const goModuleVersion = "1.27.0"
diff --git a/service/codebuild/types/enums.go b/service/codebuild/types/enums.go
index fe10faf26b8..f80598db8c1 100644
--- a/service/codebuild/types/enums.go
+++ b/service/codebuild/types/enums.go
@@ -227,6 +227,7 @@ const (
ComputeTypeBuildGeneral1Small ComputeType = "BUILD_GENERAL1_SMALL"
ComputeTypeBuildGeneral1Medium ComputeType = "BUILD_GENERAL1_MEDIUM"
ComputeTypeBuildGeneral1Large ComputeType = "BUILD_GENERAL1_LARGE"
+ ComputeTypeBuildGeneral1Xlarge ComputeType = "BUILD_GENERAL1_XLARGE"
ComputeTypeBuildGeneral12xlarge ComputeType = "BUILD_GENERAL1_2XLARGE"
ComputeTypeBuildLambda1gb ComputeType = "BUILD_LAMBDA_1GB"
ComputeTypeBuildLambda2gb ComputeType = "BUILD_LAMBDA_2GB"
@@ -243,6 +244,7 @@ func (ComputeType) Values() []ComputeType {
"BUILD_GENERAL1_SMALL",
"BUILD_GENERAL1_MEDIUM",
"BUILD_GENERAL1_LARGE",
+ "BUILD_GENERAL1_XLARGE",
"BUILD_GENERAL1_2XLARGE",
"BUILD_LAMBDA_1GB",
"BUILD_LAMBDA_2GB",
diff --git a/service/codebuild/types/types.go b/service/codebuild/types/types.go
index cd4019bd732..beb53e84723 100644
--- a/service/codebuild/types/types.go
+++ b/service/codebuild/types/types.go
@@ -1180,6 +1180,8 @@ type ProjectEnvironment struct {
// - BUILD_GENERAL1_MEDIUM : Use up to 7 GB memory and 4 vCPUs for builds.
// - BUILD_GENERAL1_LARGE : Use up to 16 GB memory and 8 vCPUs for builds,
// depending on your environment type.
+ // - BUILD_GENERAL1_XLARGE : Use up to 70 GB memory and 36 vCPUs for builds,
+ // depending on your environment type.
// - BUILD_GENERAL1_2XLARGE : Use up to 145 GB memory, 72 vCPUs, and 824 GB of
// SSD storage for builds. This compute type supports Docker images up to 100 GB
// uncompressed.
diff --git a/service/connect/CHANGELOG.md b/service/connect/CHANGELOG.md
index bee2a6b600b..a60d1cb36e6 100644
--- a/service/connect/CHANGELOG.md
+++ b/service/connect/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.89.0 (2024-01-12)
+
+* **Feature**: Supervisor Barge for Chat is now supported through the MonitorContact API.
+
# v1.88.1 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/connect/api_op_GetCurrentMetricData.go b/service/connect/api_op_GetCurrentMetricData.go
index 21f258bc0e2..8a423a06d47 100644
--- a/service/connect/api_op_GetCurrentMetricData.go
+++ b/service/connect/api_op_GetCurrentMetricData.go
@@ -53,7 +53,11 @@ type GetCurrentMetricDataInput struct {
// SECONDS but the Value is returned in MILLISECONDS. For example, if you get a
// response like this: { "Metric": { "Name": "OLDEST_CONTACT_AGE", "Unit":
// "SECONDS" }, "Value": 24113.0 } The actual OLDEST_CONTACT_AGE is 24 seconds.
- // Name in real-time metrics report: Oldest (https://docs.aws.amazon.com/connect/latest/adminguide/real-time-metrics-definitions.html#oldest-real-time)
+ // When the filter RoutingStepExpression is used, this metric is still calculated
+ // from enqueue time. For example, if a contact that has been queued under for 10
+ // seconds has expired and becomes active, then OLDEST_CONTACT_AGE for this queue
+ // will be counted starting from 10, not 0. Name in real-time metrics report:
+ // Oldest (https://docs.aws.amazon.com/connect/latest/adminguide/real-time-metrics-definitions.html#oldest-real-time)
// SLOTS_ACTIVE Unit: COUNT Name in real-time metrics report: Active (https://docs.aws.amazon.com/connect/latest/adminguide/real-time-metrics-definitions.html#active-real-time)
// SLOTS_AVAILABLE Unit: COUNT Name in real-time metrics report: Availability (https://docs.aws.amazon.com/connect/latest/adminguide/real-time-metrics-definitions.html#availability-real-time)
//
@@ -65,10 +69,12 @@ type GetCurrentMetricDataInput struct {
// - Queues: 100
// - Routing profiles: 100
// - Channels: 3 (VOICE, CHAT, and TASK channels are supported.)
+ // - RoutingStepExpressions: 50
// Metric data is retrieved only for the resources associated with the queues or
// routing profiles, and by any channels included in the filter. (You cannot filter
// by both queue AND routing profile.) You can include both resource IDs and
- // resource ARNs in the same request. Currently tagging is only supported on the
+ // resource ARNs in the same request. When using RoutingStepExpression , you need
+ // to pass exactly one QueueId . Currently tagging is only supported on the
// resources that are passed in the filter.
//
// This member is required.
@@ -89,6 +95,8 @@ type GetCurrentMetricDataInput struct {
// profile filter. In addition, a routing profile filter is required for metrics
// CONTACTS_SCHEDULED , CONTACTS_IN_QUEUE , and OLDEST_CONTACT_AGE .
// - If no Grouping is included in the request, a summary of metrics is returned.
+ // - When using the RoutingStepExpression filter, group by
+ // ROUTING_STEP_EXPRESSION is required.
Groupings []types.Grouping
// The maximum number of results to return per page.
diff --git a/service/connect/api_op_GetMetricData.go b/service/connect/api_op_GetMetricData.go
index 5fb4603d325..e2bb7a54b5e 100644
--- a/service/connect/api_op_GetMetricData.go
+++ b/service/connect/api_op_GetMetricData.go
@@ -52,8 +52,10 @@ type GetMetricDataInput struct {
// The queues, up to 100, or channels, to use to filter the metrics returned.
// Metric data is retrieved only for the resources associated with the queues or
// channels included in the filter. You can include both queue IDs and queue ARNs
- // in the same request. VOICE, CHAT, and TASK channels are supported. To filter by
- // Queues , enter the queue ID/ARN, not the name of the queue.
+ // in the same request. VOICE, CHAT, and TASK channels are supported.
+ // RoutingStepExpression is not a valid filter for GetMetricData and we recommend
+ // switching to GetMetricDataV2 for more up-to-date features. To filter by Queues ,
+ // enter the queue ID/ARN, not the name of the queue.
//
// This member is required.
Filters *types.Filters
@@ -106,6 +108,8 @@ type GetMetricDataInput struct {
// grouped by queue, the metrics returned are grouped by queue. The values returned
// apply to the metrics for each queue rather than aggregated for all queues. If no
// grouping is specified, a summary of metrics for all queues is returned.
+ // RoutingStepExpression is not a valid filter for GetMetricData and we recommend
+ // switching to GetMetricDataV2 for more up-to-date features.
Groupings []types.Grouping
// The maximum number of results to return per page.
diff --git a/service/connect/api_op_GetMetricDataV2.go b/service/connect/api_op_GetMetricDataV2.go
index 3d235026aa4..0e17490ce73 100644
--- a/service/connect/api_op_GetMetricDataV2.go
+++ b/service/connect/api_op_GetMetricDataV2.go
@@ -54,6 +54,7 @@ type GetMetricDataV2Input struct {
// - Channels
// - User hierarchy groups
// - Feature
+ // - Routing step expression
// At least one filter must be passed from queues, routing profiles, agents, or
// user hierarchy groups. To filter by phone number, see Create a historical
// metrics report (https://docs.aws.amazon.com/connect/latest/adminguide/create-historical-metrics-report.html)
@@ -63,7 +64,7 @@ type GetMetricDataV2Input struct {
// AGENT_HIERARCHY_LEVEL_ONE | AGENT_HIERARCHY_LEVEL_TWO |
// AGENT_HIERARCHY_LEVEL_THREE | AGENT_HIERARCHY_LEVEL_FOUR |
// AGENT_HIERARCHY_LEVEL_FIVE | FEATURE |
- // contact/segmentAttributes/connect:Subtype
+ // contact/segmentAttributes/connect:Subtype | ROUTING_STEP_EXPRESSION
// - Filter values: A maximum of 100 filter values are supported in a single
// request. VOICE, CHAT, and TASK are valid filterValue for the CHANNEL filter
// key. They do not count towards limitation of 100 filter values. For example, a
@@ -73,7 +74,8 @@ type GetMetricDataV2Input struct {
// filter key. It is available only to contacts analyzed by Contact Lens
// conversational analytics. connect:Chat , connect:SMS , connect:Telephony , and
// connect:WebRTC are valid filterValue examples (not exhaustive) for the
- // contact/segmentAttributes/connect:Subtype filter key.
+ // contact/segmentAttributes/connect:Subtype filter key. ROUTING_STEP_EXPRESSION
+ // is a valid filter key with a filter value up to 3000 length.
//
// This member is required.
Filters []types.FilterV2
@@ -127,12 +129,12 @@ type GetMetricDataV2Input struct {
// filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,
// contact/segmentAttributes/connect:Subtype AVG_HANDLE_TIME Unit: Seconds Valid
// groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,
- // Feature, contact/segmentAttributes/connect:Subtype Feature is a valid filter but
- // not a valid grouping. AVG_HOLD_TIME Unit: Seconds Valid groupings and filters:
- // Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,
- // contact/segmentAttributes/connect:Subtype Feature is a valid filter but not a
- // valid grouping. AVG_HOLD_TIME_ALL_CONTACTS Unit: Seconds Valid groupings and
- // filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,
+ // Feature, contact/segmentAttributes/connect:Subtype, RoutingStepExpression
+ // Feature is a valid filter but not a valid grouping. AVG_HOLD_TIME Unit: Seconds
+ // Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent
+ // Hierarchy, Feature, contact/segmentAttributes/connect:Subtype Feature is a valid
+ // filter but not a valid grouping. AVG_HOLD_TIME_ALL_CONTACTS Unit: Seconds Valid
+ // groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,
// contact/segmentAttributes/connect:Subtype AVG_HOLDS Unit: Count Valid groupings
// and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,
// contact/segmentAttributes/connect:Subtype Feature is a valid filter but not a
@@ -169,15 +171,16 @@ type GetMetricDataV2Input struct {
// Agent, Agent Hierarchy, contact/segmentAttributes/connect:Subtype
// CONTACTS_ABANDONED Unit: Count Valid groupings and filters: Queue, Channel,
// Routing Profile, Agent, Agent Hierarchy,
- // contact/segmentAttributes/connect:Subtype CONTACTS_CREATED Unit: Count Valid
- // metric filter key: INITIATION_METHOD Valid groupings and filters: Queue,
- // Channel, Routing Profile, Feature, contact/segmentAttributes/connect:Subtype
- // Feature is a valid filter but not a valid grouping. CONTACTS_HANDLED Unit: Count
- // Valid metric filter key: INITIATION_METHOD , DISCONNECT_REASON Valid groupings
- // and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy, Feature,
+ // contact/segmentAttributes/connect:Subtype, RoutingStepExpression
+ // CONTACTS_CREATED Unit: Count Valid metric filter key: INITIATION_METHOD Valid
+ // groupings and filters: Queue, Channel, Routing Profile, Feature,
// contact/segmentAttributes/connect:Subtype Feature is a valid filter but not a
- // valid grouping. CONTACTS_HOLD_ABANDONS Unit: Count Valid groupings and filters:
- // Queue, Channel, Routing Profile, Agent, Agent Hierarchy,
+ // valid grouping. CONTACTS_HANDLED Unit: Count Valid metric filter key:
+ // INITIATION_METHOD , DISCONNECT_REASON Valid groupings and filters: Queue,
+ // Channel, Routing Profile, Agent, Agent Hierarchy, Feature,
+ // contact/segmentAttributes/connect:Subtype, RoutingStepExpression Feature is a
+ // valid filter but not a valid grouping. CONTACTS_HOLD_ABANDONS Unit: Count Valid
+ // groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,
// contact/segmentAttributes/connect:Subtype CONTACTS_ON_HOLD_AGENT_DISCONNECT
// Unit: Count Valid groupings and filters: Queue, Channel, Routing Profile, Agent,
// Agent Hierarchy CONTACTS_ON_HOLD_CUSTOMER_DISCONNECT Unit: Count Valid groupings
@@ -202,25 +205,29 @@ type GetMetricDataV2Input struct {
// Queue, Channel, Routing Profile, Agent, Agent Hierarchy,
// contact/segmentAttributes/connect:Subtype MAX_QUEUED_TIME Unit: Seconds Valid
// groupings and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,
- // contact/segmentAttributes/connect:Subtype PERCENT_NON_TALK_TIME This metric is
- // available only for contacts analyzed by Contact Lens conversational analytics.
- // Unit: Percentage Valid groupings and filters: Queue, Channel, Routing Profile,
- // Agent, Agent Hierarchy, contact/segmentAttributes/connect:Subtype
- // PERCENT_TALK_TIME This metric is available only for contacts analyzed by Contact
- // Lens conversational analytics. Unit: Percentage Valid groupings and filters:
- // Queue, Channel, Routing Profile, Agent, Agent Hierarchy,
- // contact/segmentAttributes/connect:Subtype PERCENT_TALK_TIME_AGENT This metric is
- // available only for contacts analyzed by Contact Lens conversational analytics.
- // Unit: Percentage Valid groupings and filters: Queue, Channel, Routing Profile,
- // Agent, Agent Hierarchy, contact/segmentAttributes/connect:Subtype
- // PERCENT_TALK_TIME_CUSTOMER This metric is available only for contacts analyzed
- // by Contact Lens conversational analytics. Unit: Percentage Valid groupings and
+ // contact/segmentAttributes/connect:Subtype PERCENT_CONTACTS_STEP_EXPIRED Unit:
+ // Percent Valid groupings and filters: Queue, RoutingStepExpression
+ // PERCENT_CONTACTS_STEP_JOINED Unit: Percent Valid groupings and filters: Queue,
+ // RoutingStepExpression PERCENT_NON_TALK_TIME This metric is available only for
+ // contacts analyzed by Contact Lens conversational analytics. Unit: Percentage
+ // Valid groupings and filters: Queue, Channel, Routing Profile, Agent, Agent
+ // Hierarchy, contact/segmentAttributes/connect:Subtype PERCENT_TALK_TIME This
+ // metric is available only for contacts analyzed by Contact Lens conversational
+ // analytics. Unit: Percentage Valid groupings and filters: Queue, Channel, Routing
+ // Profile, Agent, Agent Hierarchy, contact/segmentAttributes/connect:Subtype
+ // PERCENT_TALK_TIME_AGENT This metric is available only for contacts analyzed by
+ // Contact Lens conversational analytics. Unit: Percentage Valid groupings and
// filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy,
- // contact/segmentAttributes/connect:Subtype SERVICE_LEVEL You can include up to 20
- // SERVICE_LEVEL metrics in a request. Unit: Percent Valid groupings and filters:
- // Queue, Channel, Routing Profile Threshold: For ThresholdValue , enter any whole
- // number from 1 to 604800 (inclusive), in seconds. For Comparison , you must enter
- // LT (for "Less than"). SUM_AFTER_CONTACT_WORK_TIME Unit: Seconds Valid groupings
+ // contact/segmentAttributes/connect:Subtype PERCENT_TALK_TIME_CUSTOMER This metric
+ // is available only for contacts analyzed by Contact Lens conversational
+ // analytics. Unit: Percentage Valid groupings and filters: Queue, Channel, Routing
+ // Profile, Agent, Agent Hierarchy, contact/segmentAttributes/connect:Subtype
+ // SERVICE_LEVEL You can include up to 20 SERVICE_LEVEL metrics in a request. Unit:
+ // Percent Valid groupings and filters: Queue, Channel, Routing Profile Threshold:
+ // For ThresholdValue , enter any whole number from 1 to 604800 (inclusive), in
+ // seconds. For Comparison , you must enter LT (for "Less than").
+ // STEP_CONTACTS_QUEUED Unit: Count Valid groupings and filters: Queue,
+ // RoutingStepExpression SUM_AFTER_CONTACT_WORK_TIME Unit: Seconds Valid groupings
// and filters: Queue, Channel, Routing Profile, Agent, Agent Hierarchy
// SUM_CONNECTING_TIME_AGENT Unit: Seconds Valid metric filter key:
// INITIATION_METHOD . This metric only supports the following filter keys as
@@ -281,7 +288,8 @@ type GetMetricDataV2Input struct {
// is returned. Valid grouping keys: QUEUE | ROUTING_PROFILE | AGENT | CHANNEL |
// AGENT_HIERARCHY_LEVEL_ONE | AGENT_HIERARCHY_LEVEL_TWO |
// AGENT_HIERARCHY_LEVEL_THREE | AGENT_HIERARCHY_LEVEL_FOUR |
- // AGENT_HIERARCHY_LEVEL_FIVE , contact/segmentAttributes/connect:Subtype
+ // AGENT_HIERARCHY_LEVEL_FIVE , contact/segmentAttributes/connect:Subtype |
+ // ROUTING_STEP_EXPRESSION
Groupings []string
// The interval period and timezone to apply to returned metrics.
diff --git a/service/connect/api_op_MonitorContact.go b/service/connect/api_op_MonitorContact.go
index fcb85779198..2eae53f760e 100644
--- a/service/connect/api_op_MonitorContact.go
+++ b/service/connect/api_op_MonitorContact.go
@@ -50,6 +50,7 @@ type MonitorContactInput struct {
// Specify which monitoring actions the user is allowed to take. For example,
// whether the user is allowed to escalate from silent monitoring to barge.
+ // AllowedMonitorCapabilities is required if barge is enabled.
AllowedMonitorCapabilities []types.MonitorCapability
// A unique, case-sensitive identifier that you provide to ensure the idempotency
diff --git a/service/connect/go_module_metadata.go b/service/connect/go_module_metadata.go
index 1cc28df5c36..addc7b3a9be 100644
--- a/service/connect/go_module_metadata.go
+++ b/service/connect/go_module_metadata.go
@@ -3,4 +3,4 @@
package connect
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.88.1"
+const goModuleVersion = "1.89.0"
diff --git a/service/connect/types/enums.go b/service/connect/types/enums.go
index 4c80d1025d7..5ef32d15b61 100644
--- a/service/connect/types/enums.go
+++ b/service/connect/types/enums.go
@@ -769,6 +769,7 @@ const (
InstanceAttributeTypeMultiPartyConference InstanceAttributeType = "MULTI_PARTY_CONFERENCE"
InstanceAttributeTypeHighVolumeOutbound InstanceAttributeType = "HIGH_VOLUME_OUTBOUND"
InstanceAttributeTypeEnhancedContactMonitoring InstanceAttributeType = "ENHANCED_CONTACT_MONITORING"
+ InstanceAttributeTypeEnhancedChatMonitoring InstanceAttributeType = "ENHANCED_CHAT_MONITORING"
)
// Values returns all known values for InstanceAttributeType. Note that this can
@@ -786,6 +787,7 @@ func (InstanceAttributeType) Values() []InstanceAttributeType {
"MULTI_PARTY_CONFERENCE",
"HIGH_VOLUME_OUTBOUND",
"ENHANCED_CONTACT_MONITORING",
+ "ENHANCED_CHAT_MONITORING",
}
}
@@ -1039,10 +1041,11 @@ type ParticipantRole string
// Enum values for ParticipantRole
const (
- ParticipantRoleAgent ParticipantRole = "AGENT"
- ParticipantRoleCustomer ParticipantRole = "CUSTOMER"
- ParticipantRoleSystem ParticipantRole = "SYSTEM"
- ParticipantRoleCustomBot ParticipantRole = "CUSTOM_BOT"
+ ParticipantRoleAgent ParticipantRole = "AGENT"
+ ParticipantRoleCustomer ParticipantRole = "CUSTOMER"
+ ParticipantRoleSystem ParticipantRole = "SYSTEM"
+ ParticipantRoleCustomBot ParticipantRole = "CUSTOM_BOT"
+ ParticipantRoleSupervisor ParticipantRole = "SUPERVISOR"
)
// Values returns all known values for ParticipantRole. Note that this can be
@@ -1054,6 +1057,7 @@ func (ParticipantRole) Values() []ParticipantRole {
"CUSTOMER",
"SYSTEM",
"CUSTOM_BOT",
+ "SUPERVISOR",
}
}
diff --git a/service/connect/types/types.go b/service/connect/types/types.go
index fb9c54aab10..6e887dfa1d8 100644
--- a/service/connect/types/types.go
+++ b/service/connect/types/types.go
@@ -1700,7 +1700,11 @@ type EvaluationMetadata struct {
// Information about notes for a contact evaluation.
type EvaluationNote struct {
- // The note for an item (section or question) in a contact evaluation.
+ // The note for an item (section or question) in a contact evaluation. Even though
+ // a note in an evaluation can have up to 3072 chars, there is also a limit on the
+ // total number of chars for all the notes in the evaluation combined. Assuming
+ // there are N questions in the evaluation being submitted, then the max char limit
+ // for all notes combined is N x 1024.
Value *string
noSmithyDocumentSerde
diff --git a/service/connectcampaigns/CHANGELOG.md b/service/connectcampaigns/CHANGELOG.md
index 319447ea010..36940133d18 100644
--- a/service/connectcampaigns/CHANGELOG.md
+++ b/service/connectcampaigns/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.8.0 (2024-01-10)
+
+* **Feature**: Minor pattern updates for Campaign and Dial Request API fields.
+
# v1.7.6 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/connectcampaigns/endpoints.go b/service/connectcampaigns/endpoints.go
index ca0c64338ef..b75c0f944dc 100644
--- a/service/connectcampaigns/endpoints.go
+++ b/service/connectcampaigns/endpoints.go
@@ -366,7 +366,7 @@ func (r *resolver) ResolveEndpoint(
}
}
if _UseFIPS == true {
- if true == _PartitionResult.SupportsFIPS {
+ if _PartitionResult.SupportsFIPS == true {
uriString := func() string {
var out strings.Builder
out.WriteString("https://connect-campaigns-fips.")
diff --git a/service/connectcampaigns/go_module_metadata.go b/service/connectcampaigns/go_module_metadata.go
index 531a2dac123..99f4c1ae2dd 100644
--- a/service/connectcampaigns/go_module_metadata.go
+++ b/service/connectcampaigns/go_module_metadata.go
@@ -3,4 +3,4 @@
package connectcampaigns
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.7.6"
+const goModuleVersion = "1.8.0"
diff --git a/service/connectparticipant/CHANGELOG.md b/service/connectparticipant/CHANGELOG.md
index cf4471e0a5d..8075afc15cd 100644
--- a/service/connectparticipant/CHANGELOG.md
+++ b/service/connectparticipant/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.21.0 (2024-01-12)
+
+* **Feature**: Introduce new Supervisor participant role
+
# v1.20.6 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/connectparticipant/deserializers.go b/service/connectparticipant/deserializers.go
index 26d06af2186..1ee214c4193 100644
--- a/service/connectparticipant/deserializers.go
+++ b/service/connectparticipant/deserializers.go
@@ -972,6 +972,9 @@ func awsRestjson1_deserializeOpErrorSendEvent(response *smithyhttp.Response, met
case strings.EqualFold("AccessDeniedException", errorCode):
return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody)
+ case strings.EqualFold("ConflictException", errorCode):
+ return awsRestjson1_deserializeErrorConflictException(response, errorBody)
+
case strings.EqualFold("InternalServerException", errorCode):
return awsRestjson1_deserializeErrorInternalServerException(response, errorBody)
diff --git a/service/connectparticipant/endpoints.go b/service/connectparticipant/endpoints.go
index 02b270d86e0..e4c4874a2fd 100644
--- a/service/connectparticipant/endpoints.go
+++ b/service/connectparticipant/endpoints.go
@@ -366,8 +366,8 @@ func (r *resolver) ResolveEndpoint(
}
}
if _UseFIPS == true {
- if true == _PartitionResult.SupportsFIPS {
- if "aws-us-gov" == _PartitionResult.Name {
+ if _PartitionResult.SupportsFIPS == true {
+ if _PartitionResult.Name == "aws-us-gov" {
uriString := func() string {
var out strings.Builder
out.WriteString("https://participant.connect.")
diff --git a/service/connectparticipant/go_module_metadata.go b/service/connectparticipant/go_module_metadata.go
index 5f827836b99..d2b007b28a2 100644
--- a/service/connectparticipant/go_module_metadata.go
+++ b/service/connectparticipant/go_module_metadata.go
@@ -3,4 +3,4 @@
package connectparticipant
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.20.6"
+const goModuleVersion = "1.21.0"
diff --git a/service/connectparticipant/types/enums.go b/service/connectparticipant/types/enums.go
index 18ff5103be3..0dfe33575f1 100644
--- a/service/connectparticipant/types/enums.go
+++ b/service/connectparticipant/types/enums.go
@@ -82,10 +82,11 @@ type ParticipantRole string
// Enum values for ParticipantRole
const (
- ParticipantRoleAgent ParticipantRole = "AGENT"
- ParticipantRoleCustomer ParticipantRole = "CUSTOMER"
- ParticipantRoleSystem ParticipantRole = "SYSTEM"
- ParticipantRoleCustomBot ParticipantRole = "CUSTOM_BOT"
+ ParticipantRoleAgent ParticipantRole = "AGENT"
+ ParticipantRoleCustomer ParticipantRole = "CUSTOMER"
+ ParticipantRoleSystem ParticipantRole = "SYSTEM"
+ ParticipantRoleCustomBot ParticipantRole = "CUSTOM_BOT"
+ ParticipantRoleSupervisor ParticipantRole = "SUPERVISOR"
)
// Values returns all known values for ParticipantRole. Note that this can be
@@ -97,6 +98,7 @@ func (ParticipantRole) Values() []ParticipantRole {
"CUSTOMER",
"SYSTEM",
"CUSTOM_BOT",
+ "SUPERVISOR",
}
}
@@ -111,6 +113,7 @@ const (
ResourceTypeHierarchyLevel ResourceType = "HIERARCHY_LEVEL"
ResourceTypeHierarchyGroup ResourceType = "HIERARCHY_GROUP"
ResourceTypeUser ResourceType = "USER"
+ ResourceTypePhoneNumber ResourceType = "PHONE_NUMBER"
)
// Values returns all known values for ResourceType. Note that this can be
@@ -125,6 +128,7 @@ func (ResourceType) Values() []ResourceType {
"HIERARCHY_LEVEL",
"HIERARCHY_GROUP",
"USER",
+ "PHONE_NUMBER",
}
}
diff --git a/service/ec2/CHANGELOG.md b/service/ec2/CHANGELOG.md
index ec73313193f..a321d8339e5 100644
--- a/service/ec2/CHANGELOG.md
+++ b/service/ec2/CHANGELOG.md
@@ -1,3 +1,11 @@
+# v1.144.0 (2024-01-11)
+
+* **Feature**: This release adds support for adding an ElasticBlockStorage volume configurations in ECS RunTask/StartTask/CreateService/UpdateService APIs. The configuration allows for attaching EBS volumes to ECS Tasks.
+
+# v1.143.0 (2024-01-08)
+
+* **Feature**: Amazon EC2 R7iz bare metal instances are powered by custom 4th generation Intel Xeon Scalable processors.
+
# v1.142.1 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/ec2/api_op_AttachVolume.go b/service/ec2/api_op_AttachVolume.go
index 1da701021a8..87bb9b48be9 100644
--- a/service/ec2/api_op_AttachVolume.go
+++ b/service/ec2/api_op_AttachVolume.go
@@ -76,18 +76,28 @@ type AttachVolumeInput struct {
// Describes volume attachment details.
type AttachVolumeOutput struct {
+ // The ARN of the Amazon ECS or Fargate task to which the volume is attached.
+ AssociatedResource *string
+
// The time stamp when the attachment initiated.
AttachTime *time.Time
// Indicates whether the EBS volume is deleted on instance termination.
DeleteOnTermination *bool
- // The device name.
+ // The device name. If the volume is attached to a Fargate task, this parameter
+ // returns null .
Device *string
- // The ID of the instance.
+ // The ID of the instance. If the volume is attached to a Fargate task, this
+ // parameter returns null .
InstanceId *string
+ // The service principal of Amazon Web Services service that owns the underlying
+ // instance to which the volume is attached. This parameter is returned only for
+ // volumes that are attached to Fargate tasks.
+ InstanceOwningService *string
+
// The attachment state of the volume.
State types.VolumeAttachmentState
diff --git a/service/ec2/api_op_DescribeCapacityBlockOfferings.go b/service/ec2/api_op_DescribeCapacityBlockOfferings.go
index 9c41c214641..4ffaa4a8f8d 100644
--- a/service/ec2/api_op_DescribeCapacityBlockOfferings.go
+++ b/service/ec2/api_op_DescribeCapacityBlockOfferings.go
@@ -56,10 +56,10 @@ type DescribeCapacityBlockOfferingsInput struct {
// The latest end date for the Capacity Block offering.
EndDateRange *time.Time
- // The maximum number of results to return for the request in a single page. The
- // remaining results can be seen by sending another request with the returned
- // nextToken value. This value can be between 5 and 500. If maxResults is given a
- // larger value than 500, you receive an error.
+ // The maximum number of items to return for this request. To get the next page of
+ // items, make another request with the token returned in the output. For more
+ // information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination)
+ // .
MaxResults *int32
// The token to use to retrieve the next page of results.
@@ -176,10 +176,10 @@ var _ DescribeCapacityBlockOfferingsAPIClient = (*Client)(nil)
// DescribeCapacityBlockOfferingsPaginatorOptions is the paginator options for
// DescribeCapacityBlockOfferings
type DescribeCapacityBlockOfferingsPaginatorOptions struct {
- // The maximum number of results to return for the request in a single page. The
- // remaining results can be seen by sending another request with the returned
- // nextToken value. This value can be between 5 and 500. If maxResults is given a
- // larger value than 500, you receive an error.
+ // The maximum number of items to return for this request. To get the next page of
+ // items, make another request with the token returned in the output. For more
+ // information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination)
+ // .
Limit int32
// Set to true if pagination should stop if the service returns a pagination token
diff --git a/service/ec2/api_op_DescribeCapacityReservationFleets.go b/service/ec2/api_op_DescribeCapacityReservationFleets.go
index f90f09b0c66..73a8bda4bf4 100644
--- a/service/ec2/api_op_DescribeCapacityReservationFleets.go
+++ b/service/ec2/api_op_DescribeCapacityReservationFleets.go
@@ -49,10 +49,10 @@ type DescribeCapacityReservationFleetsInput struct {
// prioritized is supported.
Filters []types.Filter
- // The maximum number of results to return for the request in a single page. The
- // remaining results can be seen by sending another request with the returned
- // nextToken value. This value can be between 5 and 500. If maxResults is given a
- // larger value than 500, you receive an error.
+ // The maximum number of items to return for this request. To get the next page of
+ // items, make another request with the token returned in the output. For more
+ // information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination)
+ // .
MaxResults *int32
// The token to use to retrieve the next page of results.
@@ -163,10 +163,10 @@ var _ DescribeCapacityReservationFleetsAPIClient = (*Client)(nil)
// DescribeCapacityReservationFleetsPaginatorOptions is the paginator options for
// DescribeCapacityReservationFleets
type DescribeCapacityReservationFleetsPaginatorOptions struct {
- // The maximum number of results to return for the request in a single page. The
- // remaining results can be seen by sending another request with the returned
- // nextToken value. This value can be between 5 and 500. If maxResults is given a
- // larger value than 500, you receive an error.
+ // The maximum number of items to return for this request. To get the next page of
+ // items, make another request with the token returned in the output. For more
+ // information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination)
+ // .
Limit int32
// Set to true if pagination should stop if the service returns a pagination token
diff --git a/service/ec2/api_op_DescribeCapacityReservations.go b/service/ec2/api_op_DescribeCapacityReservations.go
index 3db3008608b..f39945cf1f7 100644
--- a/service/ec2/api_op_DescribeCapacityReservations.go
+++ b/service/ec2/api_op_DescribeCapacityReservations.go
@@ -97,10 +97,10 @@ type DescribeCapacityReservationsInput struct {
// Capacity Reservation was created.
Filters []types.Filter
- // The maximum number of results to return for the request in a single page. The
- // remaining results can be seen by sending another request with the returned
- // nextToken value. This value can be between 5 and 500. If maxResults is given a
- // larger value than 500, you receive an error.
+ // The maximum number of items to return for this request. To get the next page of
+ // items, make another request with the token returned in the output. For more
+ // information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination)
+ // .
MaxResults *int32
// The token to use to retrieve the next page of results.
@@ -211,10 +211,10 @@ var _ DescribeCapacityReservationsAPIClient = (*Client)(nil)
// DescribeCapacityReservationsPaginatorOptions is the paginator options for
// DescribeCapacityReservations
type DescribeCapacityReservationsPaginatorOptions struct {
- // The maximum number of results to return for the request in a single page. The
- // remaining results can be seen by sending another request with the returned
- // nextToken value. This value can be between 5 and 500. If maxResults is given a
- // larger value than 500, you receive an error.
+ // The maximum number of items to return for this request. To get the next page of
+ // items, make another request with the token returned in the output. For more
+ // information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination)
+ // .
Limit int32
// Set to true if pagination should stop if the service returns a pagination token
diff --git a/service/ec2/api_op_DetachVolume.go b/service/ec2/api_op_DetachVolume.go
index ee0ee178e0c..efe0aaba995 100644
--- a/service/ec2/api_op_DetachVolume.go
+++ b/service/ec2/api_op_DetachVolume.go
@@ -21,7 +21,10 @@ import (
// EBS volume is the root device of an instance, it can't be detached while the
// instance is running. To detach the root volume, stop the instance first. When a
// volume with an Amazon Web Services Marketplace product code is detached from an
-// instance, the product code is no longer associated with the instance. For more
+// instance, the product code is no longer associated with the instance. You can't
+// detach or force detach volumes that are attached to Amazon ECS or Fargate tasks.
+// Attempting to do this results in the UnsupportedOperationException exception
+// with the Unable to detach volume attached to ECS tasks error message. For more
// information, see Detach an Amazon EBS volume (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html)
// in the Amazon Elastic Compute Cloud User Guide.
func (c *Client) DetachVolume(ctx context.Context, params *DetachVolumeInput, optFns ...func(*Options)) (*DetachVolumeOutput, error) {
@@ -74,18 +77,28 @@ type DetachVolumeInput struct {
// Describes volume attachment details.
type DetachVolumeOutput struct {
+ // The ARN of the Amazon ECS or Fargate task to which the volume is attached.
+ AssociatedResource *string
+
// The time stamp when the attachment initiated.
AttachTime *time.Time
// Indicates whether the EBS volume is deleted on instance termination.
DeleteOnTermination *bool
- // The device name.
+ // The device name. If the volume is attached to a Fargate task, this parameter
+ // returns null .
Device *string
- // The ID of the instance.
+ // The ID of the instance. If the volume is attached to a Fargate task, this
+ // parameter returns null .
InstanceId *string
+ // The service principal of Amazon Web Services service that owns the underlying
+ // instance to which the volume is attached. This parameter is returned only for
+ // volumes that are attached to Fargate tasks.
+ InstanceOwningService *string
+
// The attachment state of the volume.
State types.VolumeAttachmentState
diff --git a/service/ec2/api_op_EnableSnapshotBlockPublicAccess.go b/service/ec2/api_op_EnableSnapshotBlockPublicAccess.go
index dc0d70da7a4..b451afeede2 100644
--- a/service/ec2/api_op_EnableSnapshotBlockPublicAccess.go
+++ b/service/ec2/api_op_EnableSnapshotBlockPublicAccess.go
@@ -55,6 +55,7 @@ type EnableSnapshotBlockPublicAccessInput struct {
// Region. Users in the account will no longer be able to request new public
// sharing. However, snapshots that are already publicly shared, remain publicly
// available.
+ // unblocked is not a valid value for EnableSnapshotBlockPublicAccess.
//
// This member is required.
State types.SnapshotBlockPublicAccessState
diff --git a/service/ec2/api_op_GetCapacityReservationUsage.go b/service/ec2/api_op_GetCapacityReservationUsage.go
index b5165f27bf5..99f00ea3cee 100644
--- a/service/ec2/api_op_GetCapacityReservationUsage.go
+++ b/service/ec2/api_op_GetCapacityReservationUsage.go
@@ -45,11 +45,10 @@ type GetCapacityReservationUsageInput struct {
// UnauthorizedOperation .
DryRun *bool
- // The maximum number of results to return for the request in a single page. The
- // remaining results can be seen by sending another request with the returned
- // nextToken value. This value can be between 5 and 500. If maxResults is given a
- // larger value than 500, you receive an error. Valid range: Minimum value of 1.
- // Maximum value of 1000.
+ // The maximum number of items to return for this request. To get the next page of
+ // items, make another request with the token returned in the output. For more
+ // information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination)
+ // .
MaxResults *int32
// The token to use to retrieve the next page of results.
diff --git a/service/ec2/api_op_GetGroupsForCapacityReservation.go b/service/ec2/api_op_GetGroupsForCapacityReservation.go
index 963b361d9c9..81d39b348ac 100644
--- a/service/ec2/api_op_GetGroupsForCapacityReservation.go
+++ b/service/ec2/api_op_GetGroupsForCapacityReservation.go
@@ -43,10 +43,10 @@ type GetGroupsForCapacityReservationInput struct {
// UnauthorizedOperation .
DryRun *bool
- // The maximum number of results to return for the request in a single page. The
- // remaining results can be seen by sending another request with the returned
- // nextToken value. This value can be between 5 and 500. If maxResults is given a
- // larger value than 500, you receive an error.
+ // The maximum number of items to return for this request. To get the next page of
+ // items, make another request with the token returned in the output. For more
+ // information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination)
+ // .
MaxResults *int32
// The token to use to retrieve the next page of results.
@@ -161,10 +161,10 @@ var _ GetGroupsForCapacityReservationAPIClient = (*Client)(nil)
// GetGroupsForCapacityReservationPaginatorOptions is the paginator options for
// GetGroupsForCapacityReservation
type GetGroupsForCapacityReservationPaginatorOptions struct {
- // The maximum number of results to return for the request in a single page. The
- // remaining results can be seen by sending another request with the returned
- // nextToken value. This value can be between 5 and 500. If maxResults is given a
- // larger value than 500, you receive an error.
+ // The maximum number of items to return for this request. To get the next page of
+ // items, make another request with the token returned in the output. For more
+ // information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination)
+ // .
Limit int32
// Set to true if pagination should stop if the service returns a pagination token
diff --git a/service/ec2/api_op_GetSpotPlacementScores.go b/service/ec2/api_op_GetSpotPlacementScores.go
index d54cb4328ad..16babe19035 100644
--- a/service/ec2/api_op_GetSpotPlacementScores.go
+++ b/service/ec2/api_op_GetSpotPlacementScores.go
@@ -79,8 +79,7 @@ type GetSpotPlacementScoresInput struct {
// into a single Availability Zone.
SingleAvailabilityZone *bool
- // The unit for the target capacity. Default: units (translates to number of
- // instances)
+ // The unit for the target capacity.
TargetCapacityUnitType types.TargetCapacityUnitType
noSmithyDocumentSerde
diff --git a/service/ec2/api_op_ModifyInstanceAttribute.go b/service/ec2/api_op_ModifyInstanceAttribute.go
index 0830b6806ed..eea2242ae6d 100644
--- a/service/ec2/api_op_ModifyInstanceAttribute.go
+++ b/service/ec2/api_op_ModifyInstanceAttribute.go
@@ -53,9 +53,10 @@ type ModifyInstanceAttributeInput struct {
// Modifies the DeleteOnTermination attribute for volumes that are currently
// attached. The volume must be owned by the caller. If no value is specified for
// DeleteOnTermination , the default is true and the volume is deleted when the
- // instance is terminated. To add instance store volumes to an Amazon EBS-backed
- // instance, you must add them when you launch the instance. For more information,
- // see Update the block device mapping when launching an instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html#Using_OverridingAMIBDM)
+ // instance is terminated. You can't modify the DeleteOnTermination attribute for
+ // volumes that are attached to Fargate tasks. To add instance store volumes to an
+ // Amazon EBS-backed instance, you must add them when you launch the instance. For
+ // more information, see Update the block device mapping when launching an instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html#Using_OverridingAMIBDM)
// in the Amazon EC2 User Guide.
BlockDeviceMappings []types.InstanceBlockDeviceMappingSpecification
diff --git a/service/ec2/api_op_ModifyInstanceMetadataOptions.go b/service/ec2/api_op_ModifyInstanceMetadataOptions.go
index 27744391051..6338d06326a 100644
--- a/service/ec2/api_op_ModifyInstanceMetadataOptions.go
+++ b/service/ec2/api_op_ModifyInstanceMetadataOptions.go
@@ -63,19 +63,18 @@ type ModifyInstanceMetadataOptionsInput struct {
// Integers from 1 to 64
HttpPutResponseHopLimit *int32
- // IMDSv2 uses token-backed sessions. Set the use of HTTP tokens to optional (in
- // other words, set the use of IMDSv2 to optional ) or required (in other words,
- // set the use of IMDSv2 to required ).
- // - optional - When IMDSv2 is optional, you can choose to retrieve instance
- // metadata with or without a session token in your request. If you retrieve the
- // IAM role credentials without a token, the IMDSv1 role credentials are returned.
- // If you retrieve the IAM role credentials using a valid session token, the IMDSv2
- // role credentials are returned.
- // - required - When IMDSv2 is required, you must send a session token with any
- // instance metadata retrieval requests. In this state, retrieving the IAM role
+ // Indicates whether IMDSv2 is required.
+ // - optional - IMDSv2 is optional. You can choose whether to send a session
+ // token in your instance metadata retrieval requests. If you retrieve IAM role
+ // credentials without a session token, you receive the IMDSv1 role credentials. If
+ // you retrieve IAM role credentials using a valid session token, you receive the
+ // IMDSv2 role credentials.
+ // - required - IMDSv2 is required. You must send a session token in your
+ // instance metadata retrieval requests. With this option, retrieving the IAM role
// credentials always returns IMDSv2 credentials; IMDSv1 credentials are not
// available.
- // Default: optional
+ // Default: If the value of ImdsSupport for the Amazon Machine Image (AMI) for
+ // your instance is v2.0 , the default is required .
HttpTokens types.HttpTokensState
// Set to enabled to allow access to instance tags from the instance metadata. Set
diff --git a/service/ec2/deserializers.go b/service/ec2/deserializers.go
index 1fef53f6990..aa486aff734 100644
--- a/service/ec2/deserializers.go
+++ b/service/ec2/deserializers.go
@@ -70591,6 +70591,19 @@ func awsEc2query_deserializeDocumentEbsInstanceBlockDevice(v **types.EbsInstance
originalDecoder := decoder
decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t)
switch {
+ case strings.EqualFold("associatedResource", t.Name.Local):
+ val, err := decoder.Value()
+ if err != nil {
+ return err
+ }
+ if val == nil {
+ break
+ }
+ {
+ xtv := string(val)
+ sv.AssociatedResource = ptr.String(xtv)
+ }
+
case strings.EqualFold("attachTime", t.Name.Local):
val, err := decoder.Value()
if err != nil {
@@ -70650,6 +70663,19 @@ func awsEc2query_deserializeDocumentEbsInstanceBlockDevice(v **types.EbsInstance
sv.VolumeId = ptr.String(xtv)
}
+ case strings.EqualFold("volumeOwnerId", t.Name.Local):
+ val, err := decoder.Value()
+ if err != nil {
+ return err
+ }
+ if val == nil {
+ break
+ }
+ {
+ xtv := string(val)
+ sv.VolumeOwnerId = ptr.String(xtv)
+ }
+
default:
// Do nothing and ignore the unexpected tag element
err = decoder.Decoder.Skip()
@@ -134108,6 +134134,19 @@ func awsEc2query_deserializeDocumentVolumeAttachment(v **types.VolumeAttachment,
originalDecoder := decoder
decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t)
switch {
+ case strings.EqualFold("associatedResource", t.Name.Local):
+ val, err := decoder.Value()
+ if err != nil {
+ return err
+ }
+ if val == nil {
+ break
+ }
+ {
+ xtv := string(val)
+ sv.AssociatedResource = ptr.String(xtv)
+ }
+
case strings.EqualFold("attachTime", t.Name.Local):
val, err := decoder.Value()
if err != nil {
@@ -134167,6 +134206,19 @@ func awsEc2query_deserializeDocumentVolumeAttachment(v **types.VolumeAttachment,
sv.InstanceId = ptr.String(xtv)
}
+ case strings.EqualFold("instanceOwningService", t.Name.Local):
+ val, err := decoder.Value()
+ if err != nil {
+ return err
+ }
+ if val == nil {
+ break
+ }
+ {
+ xtv := string(val)
+ sv.InstanceOwningService = ptr.String(xtv)
+ }
+
case strings.EqualFold("status", t.Name.Local):
val, err := decoder.Value()
if err != nil {
@@ -139998,6 +140050,19 @@ func awsEc2query_deserializeOpDocumentAttachVolumeOutput(v **AttachVolumeOutput,
originalDecoder := decoder
decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t)
switch {
+ case strings.EqualFold("associatedResource", t.Name.Local):
+ val, err := decoder.Value()
+ if err != nil {
+ return err
+ }
+ if val == nil {
+ break
+ }
+ {
+ xtv := string(val)
+ sv.AssociatedResource = ptr.String(xtv)
+ }
+
case strings.EqualFold("attachTime", t.Name.Local):
val, err := decoder.Value()
if err != nil {
@@ -140057,6 +140122,19 @@ func awsEc2query_deserializeOpDocumentAttachVolumeOutput(v **AttachVolumeOutput,
sv.InstanceId = ptr.String(xtv)
}
+ case strings.EqualFold("instanceOwningService", t.Name.Local):
+ val, err := decoder.Value()
+ if err != nil {
+ return err
+ }
+ if val == nil {
+ break
+ }
+ {
+ xtv := string(val)
+ sv.InstanceOwningService = ptr.String(xtv)
+ }
+
case strings.EqualFold("status", t.Name.Local):
val, err := decoder.Value()
if err != nil {
@@ -156384,6 +156462,19 @@ func awsEc2query_deserializeOpDocumentDetachVolumeOutput(v **DetachVolumeOutput,
originalDecoder := decoder
decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t)
switch {
+ case strings.EqualFold("associatedResource", t.Name.Local):
+ val, err := decoder.Value()
+ if err != nil {
+ return err
+ }
+ if val == nil {
+ break
+ }
+ {
+ xtv := string(val)
+ sv.AssociatedResource = ptr.String(xtv)
+ }
+
case strings.EqualFold("attachTime", t.Name.Local):
val, err := decoder.Value()
if err != nil {
@@ -156443,6 +156534,19 @@ func awsEc2query_deserializeOpDocumentDetachVolumeOutput(v **DetachVolumeOutput,
sv.InstanceId = ptr.String(xtv)
}
+ case strings.EqualFold("instanceOwningService", t.Name.Local):
+ val, err := decoder.Value()
+ if err != nil {
+ return err
+ }
+ if val == nil {
+ break
+ }
+ {
+ xtv := string(val)
+ sv.InstanceOwningService = ptr.String(xtv)
+ }
+
case strings.EqualFold("status", t.Name.Local):
val, err := decoder.Value()
if err != nil {
diff --git a/service/ec2/go_module_metadata.go b/service/ec2/go_module_metadata.go
index 36ee10ad705..d351c25f1be 100644
--- a/service/ec2/go_module_metadata.go
+++ b/service/ec2/go_module_metadata.go
@@ -3,4 +3,4 @@
package ec2
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.142.1"
+const goModuleVersion = "1.144.0"
diff --git a/service/ec2/types/enums.go b/service/ec2/types/enums.go
index f33365a792c..05f2e59d094 100644
--- a/service/ec2/types/enums.go
+++ b/service/ec2/types/enums.go
@@ -3697,6 +3697,8 @@ const (
InstanceTypeM7iMetal48xl InstanceType = "m7i.metal-48xl"
InstanceTypeR7iMetal24xl InstanceType = "r7i.metal-24xl"
InstanceTypeR7iMetal48xl InstanceType = "r7i.metal-48xl"
+ InstanceTypeR7izMetal16xl InstanceType = "r7iz.metal-16xl"
+ InstanceTypeR7izMetal32xl InstanceType = "r7iz.metal-32xl"
)
// Values returns all known values for InstanceType. Note that this can be
@@ -4485,6 +4487,8 @@ func (InstanceType) Values() []InstanceType {
"m7i.metal-48xl",
"r7i.metal-24xl",
"r7i.metal-48xl",
+ "r7iz.metal-16xl",
+ "r7iz.metal-32xl",
}
}
diff --git a/service/ec2/types/types.go b/service/ec2/types/types.go
index e09c20f486e..d96300bbb7d 100644
--- a/service/ec2/types/types.go
+++ b/service/ec2/types/types.go
@@ -3249,6 +3249,9 @@ type EbsInfo struct {
// Describes a parameter used to set up an EBS volume in a block device mapping.
type EbsInstanceBlockDevice struct {
+ // The ARN of the Amazon ECS or Fargate task to which the volume is attached.
+ AssociatedResource *string
+
// The time stamp when the attachment initiated.
AttachTime *time.Time
@@ -3261,6 +3264,10 @@ type EbsInstanceBlockDevice struct {
// The ID of the EBS volume.
VolumeId *string
+ // The ID of the Amazon Web Services account that owns the volume. This parameter
+ // is returned only for volumes that are attached to Fargate tasks.
+ VolumeOwnerId *string
+
noSmithyDocumentSerde
}
@@ -6251,19 +6258,18 @@ type InstanceMetadataOptionsRequest struct {
// Possible values: Integers from 1 to 64
HttpPutResponseHopLimit *int32
- // IMDSv2 uses token-backed sessions. Set the use of HTTP tokens to optional (in
- // other words, set the use of IMDSv2 to optional ) or required (in other words,
- // set the use of IMDSv2 to required ).
- // - optional - When IMDSv2 is optional, you can choose to retrieve instance
- // metadata with or without a session token in your request. If you retrieve the
- // IAM role credentials without a token, the IMDSv1 role credentials are returned.
- // If you retrieve the IAM role credentials using a valid session token, the IMDSv2
- // role credentials are returned.
- // - required - When IMDSv2 is required, you must send a session token with any
- // instance metadata retrieval requests. In this state, retrieving the IAM role
+ // Indicates whether IMDSv2 is required.
+ // - optional - IMDSv2 is optional. You can choose whether to send a session
+ // token in your instance metadata retrieval requests. If you retrieve IAM role
+ // credentials without a session token, you receive the IMDSv1 role credentials. If
+ // you retrieve IAM role credentials using a valid session token, you receive the
+ // IMDSv2 role credentials.
+ // - required - IMDSv2 is required. You must send a session token in your
+ // instance metadata retrieval requests. With this option, retrieving the IAM role
// credentials always returns IMDSv2 credentials; IMDSv1 credentials are not
// available.
- // Default: optional
+ // Default: If the value of ImdsSupport for the Amazon Machine Image (AMI) for
+ // your instance is v2.0 , the default is required .
HttpTokens HttpTokensState
// Set to enabled to allow access to instance tags from the instance metadata. Set
@@ -6291,19 +6297,16 @@ type InstanceMetadataOptionsResponse struct {
// Possible values: Integers from 1 to 64
HttpPutResponseHopLimit *int32
- // IMDSv2 uses token-backed sessions. Indicates whether the use of HTTP tokens is
- // optional (in other words, indicates whether the use of IMDSv2 is optional ) or
- // required (in other words, indicates whether the use of IMDSv2 is required ).
- // - optional - When IMDSv2 is optional, you can choose to retrieve instance
- // metadata with or without a session token in your request. If you retrieve the
- // IAM role credentials without a token, the IMDSv1 role credentials are returned.
- // If you retrieve the IAM role credentials using a valid session token, the IMDSv2
- // role credentials are returned.
- // - required - When IMDSv2 is required, you must send a session token with any
- // instance metadata retrieval requests. In this state, retrieving the IAM role
+ // Indicates whether IMDSv2 is required.
+ // - optional - IMDSv2 is optional. You can choose whether to send a session
+ // token in your instance metadata retrieval requests. If you retrieve IAM role
+ // credentials without a session token, you receive the IMDSv1 role credentials. If
+ // you retrieve IAM role credentials using a valid session token, you receive the
+ // IMDSv2 role credentials.
+ // - required - IMDSv2 is required. You must send a session token in your
+ // instance metadata retrieval requests. With this option, retrieving the IAM role
// credentials always returns IMDSv2 credentials; IMDSv1 credentials are not
// available.
- // Default: optional
HttpTokens HttpTokensState
// Indicates whether access to instance tags from the instance metadata is enabled
@@ -13596,7 +13599,11 @@ type ScheduledInstancesNetworkInterface struct {
// VPC. The public IPv4 address can only be assigned to a network interface for
// eth0, and can only be assigned to a new network interface, not an existing one.
// You cannot specify more than one network interface in the request. If launching
- // into a default subnet, the default value is true .
+ // into a default subnet, the default value is true . Starting on February 1, 2024,
+ // Amazon Web Services will charge for all public IPv4 addresses, including public
+ // IPv4 addresses associated with running instances and Elastic IP addresses. For
+ // more information, see the Public IPv4 Address tab on the Amazon VPC pricing page (http://aws.amazon.com/vpc/pricing/)
+ // .
AssociatePublicIpAddress *bool
// Indicates whether to delete the interface when the instance is terminated.
@@ -14679,8 +14686,8 @@ type SpotFleetRequestConfigData struct {
// .
TagSpecifications []TagSpecification
- // The unit for the target capacity. TargetCapacityUnitType can only be specified
- // when InstanceRequirements is specified. Default: units (translates to number of
+ // The unit for the target capacity. You can specify this parameter only when
+ // using attribute-based instance type selection. Default: units (the number of
// instances)
TargetCapacityUnitType TargetCapacityUnitType
@@ -15203,8 +15210,8 @@ type StateReason struct {
// - Server.SpotInstanceTermination : The instance was terminated because the
// number of Spot requests with a maximum price equal to or higher than the Spot
// price exceeded available capacity or because of an increase in the Spot price.
- // - Client.InstanceInitiatedShutdown : The instance was shut down using the
- // shutdown -h command from the instance.
+ // - Client.InstanceInitiatedShutdown : The instance was shut down from the
+ // operating system of the instance.
// - Client.InstanceTerminated : The instance was terminated or rebooted during
// AMI creation.
// - Client.InternalError : A client error caused the instance to terminate
@@ -15544,7 +15551,7 @@ type TagSpecification struct {
// .
type TargetCapacitySpecification struct {
- // The default TotalTargetCapacity , which is either Spot or On-Demand .
+ // The default target capacity type.
DefaultTargetCapacityType DefaultTargetCapacityType
// The number of On-Demand units to request. If you specify a target capacity for
@@ -15555,12 +15562,10 @@ type TargetCapacitySpecification struct {
// for On-Demand units, you cannot specify a target capacity for Spot units.
SpotTargetCapacity *int32
- // The unit for the target capacity. TargetCapacityUnitType can only be specified
- // when InstanceRequirements is specified. Default: units (translates to number of
- // instances)
+ // The unit for the target capacity.
TargetCapacityUnitType TargetCapacityUnitType
- // The number of units to request, filled using DefaultTargetCapacityType .
+ // The number of units to request, filled the default target capacity type.
TotalTargetCapacity *int32
noSmithyDocumentSerde
@@ -15576,18 +15581,18 @@ type TargetCapacitySpecification struct {
// set a maximum price per hour for the On-Demand Instances and Spot Instances in
// your request, EC2 Fleet will launch instances until it reaches the maximum
// amount that you're willing to pay. When the maximum amount you're willing to pay
-// is reached, the fleet stops launching instances even if it hasn’t met the target
+// is reached, the fleet stops launching instances even if it hasn't met the target
// capacity. The MaxTotalPrice parameters are located in OnDemandOptionsRequest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_OnDemandOptionsRequest)
// and SpotOptionsRequest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotOptionsRequest)
// .
type TargetCapacitySpecificationRequest struct {
- // The number of units to request, filled using DefaultTargetCapacityType .
+ // The number of units to request, filled using the default target capacity type.
//
// This member is required.
TotalTargetCapacity *int32
- // The default TotalTargetCapacity , which is either Spot or On-Demand .
+ // The default target capacity type.
DefaultTargetCapacityType DefaultTargetCapacityType
// The number of On-Demand units to request.
@@ -15596,8 +15601,8 @@ type TargetCapacitySpecificationRequest struct {
// The number of Spot units to request.
SpotTargetCapacity *int32
- // The unit for the target capacity. TargetCapacityUnitType can only be specified
- // when InstanceRequirements is specified. Default: units (translates to number of
+ // The unit for the target capacity. You can specify this parameter only when
+ // using attributed-based instance type selection. Default: units (the number of
// instances)
TargetCapacityUnitType TargetCapacityUnitType
@@ -17699,18 +17704,28 @@ type Volume struct {
// Describes volume attachment details.
type VolumeAttachment struct {
+ // The ARN of the Amazon ECS or Fargate task to which the volume is attached.
+ AssociatedResource *string
+
// The time stamp when the attachment initiated.
AttachTime *time.Time
// Indicates whether the EBS volume is deleted on instance termination.
DeleteOnTermination *bool
- // The device name.
+ // The device name. If the volume is attached to a Fargate task, this parameter
+ // returns null .
Device *string
- // The ID of the instance.
+ // The ID of the instance. If the volume is attached to a Fargate task, this
+ // parameter returns null .
InstanceId *string
+ // The service principal of Amazon Web Services service that owns the underlying
+ // instance to which the volume is attached. This parameter is returned only for
+ // volumes that are attached to Fargate tasks.
+ InstanceOwningService *string
+
// The attachment state of the volume.
State VolumeAttachmentState
diff --git a/service/ecs/CHANGELOG.md b/service/ecs/CHANGELOG.md
index 7a4fa6f9e56..6b55c65b7bd 100644
--- a/service/ecs/CHANGELOG.md
+++ b/service/ecs/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.37.0 (2024-01-11)
+
+* **Feature**: This release adds support for adding an ElasticBlockStorage volume configurations in ECS RunTask/StartTask/CreateService/UpdateService APIs. The configuration allows for attaching EBS volumes to ECS Tasks.
+
# v1.36.0 (2024-01-04)
* **Feature**: This release adds support for managed instance draining which facilitates graceful termination of Amazon ECS instances.
diff --git a/service/ecs/api_op_CreateService.go b/service/ecs/api_op_CreateService.go
index c13ab72e380..104b76de5c3 100644
--- a/service/ecs/api_op_CreateService.go
+++ b/service/ecs/api_op_CreateService.go
@@ -27,6 +27,10 @@ import (
// your service behind one or more load balancers. The load balancers distribute
// traffic across the tasks that are associated with the service. For more
// information, see Service load balancing (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html)
+// in the Amazon Elastic Container Service Developer Guide. You can attach Amazon
+// EBS volumes to Amazon ECS tasks by configuring the volume when creating or
+// updating a service. volumeConfigurations is only supported for REPLICA service
+// and not DAEMON service. For more infomation, see Amazon EBS volumes (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-volumes.html#ebs-volume-types)
// in the Amazon Elastic Container Service Developer Guide. Tasks for services that
// don't use a load balancer are considered healthy if they're in the RUNNING
// state. Tasks for services that use a load balancer are considered healthy if
@@ -342,6 +346,11 @@ type CreateServiceInput struct {
// .
TaskDefinition *string
+ // The configuration for a volume specified in the task definition as a volume
+ // that is configured at launch time. Currently, the only supported volume type is
+ // an Amazon EBS volume.
+ VolumeConfigurations []types.ServiceVolumeConfiguration
+
noSmithyDocumentSerde
}
diff --git a/service/ecs/api_op_RunTask.go b/service/ecs/api_op_RunTask.go
index 4ddc2fc1a33..82414df73b5 100644
--- a/service/ecs/api_op_RunTask.go
+++ b/service/ecs/api_op_RunTask.go
@@ -25,12 +25,16 @@ import (
// instances with Amazon EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon
// EC2. However, customers who have used Amazon EI at least once during the past
// 30-day period are considered current customers and will be able to continue
-// using the service. The Amazon ECS API follows an eventual consistency model.
-// This is because of the distributed nature of the system supporting the API. This
-// means that the result of an API command you run that affects your Amazon ECS
-// resources might not be immediately visible to all subsequent commands you run.
-// Keep this in mind when you carry out an API command that immediately follows a
-// previous API command. To manage eventual consistency, you can do the following:
+// using the service. You can attach Amazon EBS volumes to Amazon ECS tasks by
+// configuring the volume when creating or updating a service. For more infomation,
+// see Amazon EBS volumes (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-volumes.html#ebs-volume-types)
+// in the Amazon Elastic Container Service Developer Guide. The Amazon ECS API
+// follows an eventual consistency model. This is because of the distributed nature
+// of the system supporting the API. This means that the result of an API command
+// you run that affects your Amazon ECS resources might not be immediately visible
+// to all subsequent commands you run. Keep this in mind when you carry out an API
+// command that immediately follows a previous API command. To manage eventual
+// consistency, you can do the following:
// - Confirm the state of the resource before you run a command to modify it.
// Run the DescribeTasks command using an exponential backoff algorithm to ensure
// that you allow enough time for the previous command to propagate through the
@@ -204,6 +208,12 @@ type RunTaskInput struct {
// prefix do not count against your tags per resource limit.
Tags []types.Tag
+ // The details of the volume that was configuredAtLaunch . You can configure the
+ // size, volumeType, IOPS, throughput, snapshot and encryption in in
+ // TaskManagedEBSVolumeConfiguration (https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TaskManagedEBSVolumeConfiguration.html)
+ // . The name of the volume must match the name from the task definition.
+ VolumeConfigurations []types.TaskVolumeConfiguration
+
noSmithyDocumentSerde
}
diff --git a/service/ecs/api_op_StartTask.go b/service/ecs/api_op_StartTask.go
index c08be8885f4..7cd01847ffe 100644
--- a/service/ecs/api_op_StartTask.go
+++ b/service/ecs/api_op_StartTask.go
@@ -22,6 +22,9 @@ import (
// 30-day period are considered current customers and will be able to continue
// using the service. Alternatively, you can use RunTask to place tasks for you.
// For more information, see Scheduling Tasks (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/scheduling_tasks.html)
+// in the Amazon Elastic Container Service Developer Guide. You can attach Amazon
+// EBS volumes to Amazon ECS tasks by configuring the volume when creating or
+// updating a service. For more infomation, see Amazon EBS volumes (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-volumes.html#ebs-volume-types)
// in the Amazon Elastic Container Service Developer Guide.
func (c *Client) StartTask(ctx context.Context, params *StartTaskInput, optFns ...func(*Options)) (*StartTaskOutput, error) {
if params == nil {
@@ -121,6 +124,12 @@ type StartTaskInput struct {
// prefix do not count against your tags per resource limit.
Tags []types.Tag
+ // The details of the volume that was configuredAtLaunch . You can configure the
+ // size, volumeType, IOPS, throughput, snapshot and encryption in
+ // TaskManagedEBSVolumeConfiguration (https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TaskManagedEBSVolumeConfiguration.html)
+ // . The name of the volume must match the name from the task definition.
+ VolumeConfigurations []types.TaskVolumeConfiguration
+
noSmithyDocumentSerde
}
diff --git a/service/ecs/api_op_UpdateService.go b/service/ecs/api_op_UpdateService.go
index 547f225dd1b..fc47ba70079 100644
--- a/service/ecs/api_op_UpdateService.go
+++ b/service/ecs/api_op_UpdateService.go
@@ -17,13 +17,21 @@ import (
// configuration, load balancers, service registries, enable ECS managed tags
// option, propagate tags option, task placement constraints and strategies, and
// task definition. When you update any of these parameters, Amazon ECS starts new
-// tasks with the new configuration. For services using the blue/green ( CODE_DEPLOY
-// ) deployment controller, only the desired count, deployment configuration,
-// health check grace period, task placement constraints and strategies, enable ECS
-// managed tags option, and propagate tags can be updated using this API. If the
-// network configuration, platform version, task definition, or load balancer need
-// to be updated, create a new CodeDeploy deployment. For more information, see
-// CreateDeployment (https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_CreateDeployment.html)
+// tasks with the new configuration. You can attach Amazon EBS volumes to Amazon
+// ECS tasks by configuring the volume when starting or running a task, or when
+// creating or updating a service. For more infomation, see Amazon EBS volumes (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-volumes.html#ebs-volume-types)
+// in the Amazon Elastic Container Service Developer Guide. You can update your
+// volume configurations and trigger a new deployment. volumeConfigurations is
+// only supported for REPLICA service and not DAEMON service. If you leave
+// volumeConfigurations null , it doesn't trigger a new deployment. For more
+// infomation on volumes, see Amazon EBS volumes (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-volumes.html#ebs-volume-types)
+// in the Amazon Elastic Container Service Developer Guide. For services using the
+// blue/green ( CODE_DEPLOY ) deployment controller, only the desired count,
+// deployment configuration, health check grace period, task placement constraints
+// and strategies, enable ECS managed tags option, and propagate tags can be
+// updated using this API. If the network configuration, platform version, task
+// definition, or load balancer need to be updated, create a new CodeDeploy
+// deployment. For more information, see CreateDeployment (https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_CreateDeployment.html)
// in the CodeDeploy API Reference. For services using an external deployment
// controller, you can update only the desired count, task placement constraints
// and strategies, health check grace period, enable ECS managed tags option, and
@@ -32,19 +40,23 @@ import (
// create a new task set For more information, see CreateTaskSet . You can add to
// or subtract from the number of instantiations of a task definition in a service
// by specifying the cluster that the service is running in and a new desiredCount
-// parameter. If you have updated the Docker image of your application, you can
-// create a new task definition with that image and deploy it to your service. The
-// service scheduler uses the minimum healthy percent and maximum percent
-// parameters (in the service's deployment configuration) to determine the
-// deployment strategy. If your updated Docker image uses the same tag as what is
-// in the existing task definition for your service (for example, my_image:latest
-// ), you don't need to create a new revision of your task definition. You can
-// update the service using the forceNewDeployment option. The new tasks launched
-// by the deployment pull the current image/tag combination from your repository
-// when they start. You can also update the deployment configuration of a service.
-// When a deployment is triggered by updating the task definition of a service, the
-// service scheduler uses the deployment configuration parameters,
-// minimumHealthyPercent and maximumPercent , to determine the deployment strategy.
+// parameter. You can attach Amazon EBS volumes to Amazon ECS tasks by configuring
+// the volume when starting or running a task, or when creating or updating a
+// service. For more infomation, see Amazon EBS volumes (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-volumes.html#ebs-volume-types)
+// in the Amazon Elastic Container Service Developer Guide. If you have updated the
+// container image of your application, you can create a new task definition with
+// that image and deploy it to your service. The service scheduler uses the minimum
+// healthy percent and maximum percent parameters (in the service's deployment
+// configuration) to determine the deployment strategy. If your updated Docker
+// image uses the same tag as what is in the existing task definition for your
+// service (for example, my_image:latest ), you don't need to create a new revision
+// of your task definition. You can update the service using the forceNewDeployment
+// option. The new tasks launched by the deployment pull the current image/tag
+// combination from your repository when they start. You can also update the
+// deployment configuration of a service. When a deployment is triggered by
+// updating the task definition of a service, the service scheduler uses the
+// deployment configuration parameters, minimumHealthyPercent and maximumPercent ,
+// to determine the deployment strategy.
// - If minimumHealthyPercent is below 100%, the scheduler can ignore
// desiredCount temporarily during a deployment. For example, if desiredCount is
// four tasks, a minimum of 50% allows the scheduler to stop two existing tasks
@@ -265,6 +277,14 @@ type UpdateServiceInput struct {
// old task after the new version is running.
TaskDefinition *string
+ // The details of the volume that was configuredAtLaunch . You can configure the
+ // size, volumeType, IOPS, throughput, snapshot and encryption in
+ // ServiceManagedEBSVolumeConfiguration (https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ServiceManagedEBSVolumeConfiguration.html)
+ // . The name of the volume must match the name from the task definition. If set
+ // to null, no new deployment is triggered. Otherwise, if this configuration
+ // differs from the existing one, it triggers a new deployment.
+ VolumeConfigurations []types.ServiceVolumeConfiguration
+
noSmithyDocumentSerde
}
diff --git a/service/ecs/deserializers.go b/service/ecs/deserializers.go
index 3f1e9b1bb83..ad95f31c650 100644
--- a/service/ecs/deserializers.go
+++ b/service/ecs/deserializers.go
@@ -4996,6 +4996,9 @@ func awsAwsjson11_deserializeOpErrorStartTask(response *smithyhttp.Response, met
case strings.EqualFold("ServerException", errorCode):
return awsAwsjson11_deserializeErrorServerException(response, errorBody)
+ case strings.EqualFold("UnsupportedFeatureException", errorCode):
+ return awsAwsjson11_deserializeErrorUnsupportedFeatureException(response, errorBody)
+
default:
genericError := &smithy.GenericAPIError{
Code: errorCode,
@@ -6466,6 +6469,9 @@ func awsAwsjson11_deserializeOpErrorUpdateService(response *smithyhttp.Response,
case strings.EqualFold("ServiceNotFoundException", errorCode):
return awsAwsjson11_deserializeErrorServiceNotFoundException(response, errorBody)
+ case strings.EqualFold("UnsupportedFeatureException", errorCode):
+ return awsAwsjson11_deserializeErrorUnsupportedFeatureException(response, errorBody)
+
default:
genericError := &smithy.GenericAPIError{
Code: errorCode,
@@ -10335,6 +10341,11 @@ func awsAwsjson11_deserializeDocumentDeployment(v **types.Deployment, value inte
}
}
+ case "volumeConfigurations":
+ if err := awsAwsjson11_deserializeDocumentServiceVolumeConfigurations(&sv.VolumeConfigurations, value); err != nil {
+ return err
+ }
+
default:
_, _ = key, value
@@ -10816,6 +10827,94 @@ func awsAwsjson11_deserializeDocumentDockerVolumeConfiguration(v **types.DockerV
return nil
}
+func awsAwsjson11_deserializeDocumentEBSTagSpecification(v **types.EBSTagSpecification, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.(map[string]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var sv *types.EBSTagSpecification
+ if *v == nil {
+ sv = &types.EBSTagSpecification{}
+ } else {
+ sv = *v
+ }
+
+ for key, value := range shape {
+ switch key {
+ case "propagateTags":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected PropagateTags to be of type string, got %T instead", value)
+ }
+ sv.PropagateTags = types.PropagateTags(jtv)
+ }
+
+ case "resourceType":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected EBSResourceType to be of type string, got %T instead", value)
+ }
+ sv.ResourceType = types.EBSResourceType(jtv)
+ }
+
+ case "tags":
+ if err := awsAwsjson11_deserializeDocumentTags(&sv.Tags, value); err != nil {
+ return err
+ }
+
+ default:
+ _, _ = key, value
+
+ }
+ }
+ *v = sv
+ return nil
+}
+
+func awsAwsjson11_deserializeDocumentEBSTagSpecifications(v *[]types.EBSTagSpecification, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.([]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var cv []types.EBSTagSpecification
+ if *v == nil {
+ cv = []types.EBSTagSpecification{}
+ } else {
+ cv = *v
+ }
+
+ for _, value := range shape {
+ var col types.EBSTagSpecification
+ destAddr := &col
+ if err := awsAwsjson11_deserializeDocumentEBSTagSpecification(&destAddr, value); err != nil {
+ return err
+ }
+ col = *destAddr
+ cv = append(cv, col)
+
+ }
+ *v = cv
+ return nil
+}
+
func awsAwsjson11_deserializeDocumentEFSAuthorizationConfig(v **types.EFSAuthorizationConfig, value interface{}) error {
if v == nil {
return fmt.Errorf("unexpected nil of type %T", v)
@@ -15099,6 +15198,135 @@ func awsAwsjson11_deserializeDocumentServiceEvents(v *[]types.ServiceEvent, valu
return nil
}
+func awsAwsjson11_deserializeDocumentServiceManagedEBSVolumeConfiguration(v **types.ServiceManagedEBSVolumeConfiguration, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.(map[string]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var sv *types.ServiceManagedEBSVolumeConfiguration
+ if *v == nil {
+ sv = &types.ServiceManagedEBSVolumeConfiguration{}
+ } else {
+ sv = *v
+ }
+
+ for key, value := range shape {
+ switch key {
+ case "encrypted":
+ if value != nil {
+ jtv, ok := value.(bool)
+ if !ok {
+ return fmt.Errorf("expected BoxedBoolean to be of type *bool, got %T instead", value)
+ }
+ sv.Encrypted = ptr.Bool(jtv)
+ }
+
+ case "filesystemType":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected TaskFilesystemType to be of type string, got %T instead", value)
+ }
+ sv.FilesystemType = types.TaskFilesystemType(jtv)
+ }
+
+ case "iops":
+ if value != nil {
+ jtv, ok := value.(json.Number)
+ if !ok {
+ return fmt.Errorf("expected BoxedInteger to be json.Number, got %T instead", value)
+ }
+ i64, err := jtv.Int64()
+ if err != nil {
+ return err
+ }
+ sv.Iops = ptr.Int32(int32(i64))
+ }
+
+ case "kmsKeyId":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected EBSKMSKeyId to be of type string, got %T instead", value)
+ }
+ sv.KmsKeyId = ptr.String(jtv)
+ }
+
+ case "roleArn":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected IAMRoleArn to be of type string, got %T instead", value)
+ }
+ sv.RoleArn = ptr.String(jtv)
+ }
+
+ case "sizeInGiB":
+ if value != nil {
+ jtv, ok := value.(json.Number)
+ if !ok {
+ return fmt.Errorf("expected BoxedInteger to be json.Number, got %T instead", value)
+ }
+ i64, err := jtv.Int64()
+ if err != nil {
+ return err
+ }
+ sv.SizeInGiB = ptr.Int32(int32(i64))
+ }
+
+ case "snapshotId":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected EBSSnapshotId to be of type string, got %T instead", value)
+ }
+ sv.SnapshotId = ptr.String(jtv)
+ }
+
+ case "tagSpecifications":
+ if err := awsAwsjson11_deserializeDocumentEBSTagSpecifications(&sv.TagSpecifications, value); err != nil {
+ return err
+ }
+
+ case "throughput":
+ if value != nil {
+ jtv, ok := value.(json.Number)
+ if !ok {
+ return fmt.Errorf("expected BoxedInteger to be json.Number, got %T instead", value)
+ }
+ i64, err := jtv.Int64()
+ if err != nil {
+ return err
+ }
+ sv.Throughput = ptr.Int32(int32(i64))
+ }
+
+ case "volumeType":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected EBSVolumeType to be of type string, got %T instead", value)
+ }
+ sv.VolumeType = ptr.String(jtv)
+ }
+
+ default:
+ _, _ = key, value
+
+ }
+ }
+ *v = sv
+ return nil
+}
+
func awsAwsjson11_deserializeDocumentServiceNotActiveException(v **types.ServiceNotActiveException, value interface{}) error {
if v == nil {
return fmt.Errorf("unexpected nil of type %T", v)
@@ -15322,6 +15550,85 @@ func awsAwsjson11_deserializeDocumentServices(v *[]types.Service, value interfac
return nil
}
+func awsAwsjson11_deserializeDocumentServiceVolumeConfiguration(v **types.ServiceVolumeConfiguration, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.(map[string]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var sv *types.ServiceVolumeConfiguration
+ if *v == nil {
+ sv = &types.ServiceVolumeConfiguration{}
+ } else {
+ sv = *v
+ }
+
+ for key, value := range shape {
+ switch key {
+ case "managedEBSVolume":
+ if err := awsAwsjson11_deserializeDocumentServiceManagedEBSVolumeConfiguration(&sv.ManagedEBSVolume, value); err != nil {
+ return err
+ }
+
+ case "name":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected ECSVolumeName to be of type string, got %T instead", value)
+ }
+ sv.Name = ptr.String(jtv)
+ }
+
+ default:
+ _, _ = key, value
+
+ }
+ }
+ *v = sv
+ return nil
+}
+
+func awsAwsjson11_deserializeDocumentServiceVolumeConfigurations(v *[]types.ServiceVolumeConfiguration, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.([]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var cv []types.ServiceVolumeConfiguration
+ if *v == nil {
+ cv = []types.ServiceVolumeConfiguration{}
+ } else {
+ cv = *v
+ }
+
+ for _, value := range shape {
+ var col types.ServiceVolumeConfiguration
+ destAddr := &col
+ if err := awsAwsjson11_deserializeDocumentServiceVolumeConfiguration(&destAddr, value); err != nil {
+ return err
+ }
+ col = *destAddr
+ cv = append(cv, col)
+
+ }
+ *v = cv
+ return nil
+}
+
func awsAwsjson11_deserializeDocumentSession(v **types.Session, value interface{}) error {
if v == nil {
return fmt.Errorf("unexpected nil of type %T", v)
@@ -17360,6 +17667,15 @@ func awsAwsjson11_deserializeDocumentVolume(v **types.Volume, value interface{})
for key, value := range shape {
switch key {
+ case "configuredAtLaunch":
+ if value != nil {
+ jtv, ok := value.(bool)
+ if !ok {
+ return fmt.Errorf("expected BoxedBoolean to be of type *bool, got %T instead", value)
+ }
+ sv.ConfiguredAtLaunch = ptr.Bool(jtv)
+ }
+
case "dockerVolumeConfiguration":
if err := awsAwsjson11_deserializeDocumentDockerVolumeConfiguration(&sv.DockerVolumeConfiguration, value); err != nil {
return err
diff --git a/service/ecs/go_module_metadata.go b/service/ecs/go_module_metadata.go
index 260de63e2b1..acd7f98bca1 100644
--- a/service/ecs/go_module_metadata.go
+++ b/service/ecs/go_module_metadata.go
@@ -3,4 +3,4 @@
package ecs
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.36.0"
+const goModuleVersion = "1.37.0"
diff --git a/service/ecs/serializers.go b/service/ecs/serializers.go
index e835813498e..8fc7be4dfea 100644
--- a/service/ecs/serializers.go
+++ b/service/ecs/serializers.go
@@ -3982,6 +3982,43 @@ func awsAwsjson11_serializeDocumentDockerVolumeConfiguration(v *types.DockerVolu
return nil
}
+func awsAwsjson11_serializeDocumentEBSTagSpecification(v *types.EBSTagSpecification, value smithyjson.Value) error {
+ object := value.Object()
+ defer object.Close()
+
+ if len(v.PropagateTags) > 0 {
+ ok := object.Key("propagateTags")
+ ok.String(string(v.PropagateTags))
+ }
+
+ if len(v.ResourceType) > 0 {
+ ok := object.Key("resourceType")
+ ok.String(string(v.ResourceType))
+ }
+
+ if v.Tags != nil {
+ ok := object.Key("tags")
+ if err := awsAwsjson11_serializeDocumentTags(v.Tags, ok); err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
+func awsAwsjson11_serializeDocumentEBSTagSpecifications(v []types.EBSTagSpecification, value smithyjson.Value) error {
+ array := value.Array()
+ defer array.Close()
+
+ for i := range v {
+ av := array.Value()
+ if err := awsAwsjson11_serializeDocumentEBSTagSpecification(&v[i], av); err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
func awsAwsjson11_serializeDocumentEFSAuthorizationConfig(v *types.EFSAuthorizationConfig, value smithyjson.Value) error {
object := value.Object()
defer object.Close()
@@ -5160,6 +5197,65 @@ func awsAwsjson11_serializeDocumentServiceFieldList(v []types.ServiceField, valu
return nil
}
+func awsAwsjson11_serializeDocumentServiceManagedEBSVolumeConfiguration(v *types.ServiceManagedEBSVolumeConfiguration, value smithyjson.Value) error {
+ object := value.Object()
+ defer object.Close()
+
+ if v.Encrypted != nil {
+ ok := object.Key("encrypted")
+ ok.Boolean(*v.Encrypted)
+ }
+
+ if len(v.FilesystemType) > 0 {
+ ok := object.Key("filesystemType")
+ ok.String(string(v.FilesystemType))
+ }
+
+ if v.Iops != nil {
+ ok := object.Key("iops")
+ ok.Integer(*v.Iops)
+ }
+
+ if v.KmsKeyId != nil {
+ ok := object.Key("kmsKeyId")
+ ok.String(*v.KmsKeyId)
+ }
+
+ if v.RoleArn != nil {
+ ok := object.Key("roleArn")
+ ok.String(*v.RoleArn)
+ }
+
+ if v.SizeInGiB != nil {
+ ok := object.Key("sizeInGiB")
+ ok.Integer(*v.SizeInGiB)
+ }
+
+ if v.SnapshotId != nil {
+ ok := object.Key("snapshotId")
+ ok.String(*v.SnapshotId)
+ }
+
+ if v.TagSpecifications != nil {
+ ok := object.Key("tagSpecifications")
+ if err := awsAwsjson11_serializeDocumentEBSTagSpecifications(v.TagSpecifications, ok); err != nil {
+ return err
+ }
+ }
+
+ if v.Throughput != nil {
+ ok := object.Key("throughput")
+ ok.Integer(*v.Throughput)
+ }
+
+ if v.VolumeType != nil {
+ ok := object.Key("volumeType")
+ ok.String(*v.VolumeType)
+ }
+
+ return nil
+}
+
func awsAwsjson11_serializeDocumentServiceRegistries(v []types.ServiceRegistry, value smithyjson.Value) error {
array := value.Array()
defer array.Close()
@@ -5200,6 +5296,38 @@ func awsAwsjson11_serializeDocumentServiceRegistry(v *types.ServiceRegistry, val
return nil
}
+func awsAwsjson11_serializeDocumentServiceVolumeConfiguration(v *types.ServiceVolumeConfiguration, value smithyjson.Value) error {
+ object := value.Object()
+ defer object.Close()
+
+ if v.ManagedEBSVolume != nil {
+ ok := object.Key("managedEBSVolume")
+ if err := awsAwsjson11_serializeDocumentServiceManagedEBSVolumeConfiguration(v.ManagedEBSVolume, ok); err != nil {
+ return err
+ }
+ }
+
+ if v.Name != nil {
+ ok := object.Key("name")
+ ok.String(*v.Name)
+ }
+
+ return nil
+}
+
+func awsAwsjson11_serializeDocumentServiceVolumeConfigurations(v []types.ServiceVolumeConfiguration, value smithyjson.Value) error {
+ array := value.Array()
+ defer array.Close()
+
+ for i := range v {
+ av := array.Value()
+ if err := awsAwsjson11_serializeDocumentServiceVolumeConfiguration(&v[i], av); err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
func awsAwsjson11_serializeDocumentStringList(v []string, value smithyjson.Value) error {
array := value.Array()
defer array.Close()
@@ -5345,6 +5473,84 @@ func awsAwsjson11_serializeDocumentTaskFieldList(v []types.TaskField, value smit
return nil
}
+func awsAwsjson11_serializeDocumentTaskManagedEBSVolumeConfiguration(v *types.TaskManagedEBSVolumeConfiguration, value smithyjson.Value) error {
+ object := value.Object()
+ defer object.Close()
+
+ if v.Encrypted != nil {
+ ok := object.Key("encrypted")
+ ok.Boolean(*v.Encrypted)
+ }
+
+ if len(v.FilesystemType) > 0 {
+ ok := object.Key("filesystemType")
+ ok.String(string(v.FilesystemType))
+ }
+
+ if v.Iops != nil {
+ ok := object.Key("iops")
+ ok.Integer(*v.Iops)
+ }
+
+ if v.KmsKeyId != nil {
+ ok := object.Key("kmsKeyId")
+ ok.String(*v.KmsKeyId)
+ }
+
+ if v.RoleArn != nil {
+ ok := object.Key("roleArn")
+ ok.String(*v.RoleArn)
+ }
+
+ if v.SizeInGiB != nil {
+ ok := object.Key("sizeInGiB")
+ ok.Integer(*v.SizeInGiB)
+ }
+
+ if v.SnapshotId != nil {
+ ok := object.Key("snapshotId")
+ ok.String(*v.SnapshotId)
+ }
+
+ if v.TagSpecifications != nil {
+ ok := object.Key("tagSpecifications")
+ if err := awsAwsjson11_serializeDocumentEBSTagSpecifications(v.TagSpecifications, ok); err != nil {
+ return err
+ }
+ }
+
+ if v.TerminationPolicy != nil {
+ ok := object.Key("terminationPolicy")
+ if err := awsAwsjson11_serializeDocumentTaskManagedEBSVolumeTerminationPolicy(v.TerminationPolicy, ok); err != nil {
+ return err
+ }
+ }
+
+ if v.Throughput != nil {
+ ok := object.Key("throughput")
+ ok.Integer(*v.Throughput)
+ }
+
+ if v.VolumeType != nil {
+ ok := object.Key("volumeType")
+ ok.String(*v.VolumeType)
+ }
+
+ return nil
+}
+
+func awsAwsjson11_serializeDocumentTaskManagedEBSVolumeTerminationPolicy(v *types.TaskManagedEBSVolumeTerminationPolicy, value smithyjson.Value) error {
+ object := value.Object()
+ defer object.Close()
+
+ if v.DeleteOnTermination != nil {
+ ok := object.Key("deleteOnTermination")
+ ok.Boolean(*v.DeleteOnTermination)
+ }
+
+ return nil
+}
+
func awsAwsjson11_serializeDocumentTaskOverride(v *types.TaskOverride, value smithyjson.Value) error {
object := value.Object()
defer object.Close()
@@ -5404,6 +5610,38 @@ func awsAwsjson11_serializeDocumentTaskSetFieldList(v []types.TaskSetField, valu
return nil
}
+func awsAwsjson11_serializeDocumentTaskVolumeConfiguration(v *types.TaskVolumeConfiguration, value smithyjson.Value) error {
+ object := value.Object()
+ defer object.Close()
+
+ if v.ManagedEBSVolume != nil {
+ ok := object.Key("managedEBSVolume")
+ if err := awsAwsjson11_serializeDocumentTaskManagedEBSVolumeConfiguration(v.ManagedEBSVolume, ok); err != nil {
+ return err
+ }
+ }
+
+ if v.Name != nil {
+ ok := object.Key("name")
+ ok.String(*v.Name)
+ }
+
+ return nil
+}
+
+func awsAwsjson11_serializeDocumentTaskVolumeConfigurations(v []types.TaskVolumeConfiguration, value smithyjson.Value) error {
+ array := value.Array()
+ defer array.Close()
+
+ for i := range v {
+ av := array.Value()
+ if err := awsAwsjson11_serializeDocumentTaskVolumeConfiguration(&v[i], av); err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
func awsAwsjson11_serializeDocumentTmpfs(v *types.Tmpfs, value smithyjson.Value) error {
object := value.Object()
defer object.Close()
@@ -5502,6 +5740,11 @@ func awsAwsjson11_serializeDocumentVolume(v *types.Volume, value smithyjson.Valu
object := value.Object()
defer object.Close()
+ if v.ConfiguredAtLaunch != nil {
+ ok := object.Key("configuredAtLaunch")
+ ok.Boolean(*v.ConfiguredAtLaunch)
+ }
+
if v.DockerVolumeConfiguration != nil {
ok := object.Key("dockerVolumeConfiguration")
if err := awsAwsjson11_serializeDocumentDockerVolumeConfiguration(v.DockerVolumeConfiguration, ok); err != nil {
@@ -5800,6 +6043,13 @@ func awsAwsjson11_serializeOpDocumentCreateServiceInput(v *CreateServiceInput, v
ok.String(*v.TaskDefinition)
}
+ if v.VolumeConfigurations != nil {
+ ok := object.Key("volumeConfigurations")
+ if err := awsAwsjson11_serializeDocumentServiceVolumeConfigurations(v.VolumeConfigurations, ok); err != nil {
+ return err
+ }
+ }
+
return nil
}
@@ -6954,6 +7204,13 @@ func awsAwsjson11_serializeOpDocumentRunTaskInput(v *RunTaskInput, value smithyj
ok.String(*v.TaskDefinition)
}
+ if v.VolumeConfigurations != nil {
+ ok := object.Key("volumeConfigurations")
+ if err := awsAwsjson11_serializeDocumentTaskVolumeConfigurations(v.VolumeConfigurations, ok); err != nil {
+ return err
+ }
+ }
+
return nil
}
@@ -7029,6 +7286,13 @@ func awsAwsjson11_serializeOpDocumentStartTaskInput(v *StartTaskInput, value smi
ok.String(*v.TaskDefinition)
}
+ if v.VolumeConfigurations != nil {
+ ok := object.Key("volumeConfigurations")
+ if err := awsAwsjson11_serializeDocumentTaskVolumeConfigurations(v.VolumeConfigurations, ok); err != nil {
+ return err
+ }
+ }
+
return nil
}
@@ -7445,6 +7709,13 @@ func awsAwsjson11_serializeOpDocumentUpdateServiceInput(v *UpdateServiceInput, v
ok.String(*v.TaskDefinition)
}
+ if v.VolumeConfigurations != nil {
+ ok := object.Key("volumeConfigurations")
+ if err := awsAwsjson11_serializeDocumentServiceVolumeConfigurations(v.VolumeConfigurations, ok); err != nil {
+ return err
+ }
+ }
+
return nil
}
diff --git a/service/ecs/types/enums.go b/service/ecs/types/enums.go
index 6e95ae68efb..a94b14e6523 100644
--- a/service/ecs/types/enums.go
+++ b/service/ecs/types/enums.go
@@ -367,6 +367,22 @@ func (DeviceCgroupPermission) Values() []DeviceCgroupPermission {
}
}
+type EBSResourceType string
+
+// Enum values for EBSResourceType
+const (
+ EBSResourceTypeVolume EBSResourceType = "volume"
+)
+
+// Values returns all known values for EBSResourceType. Note that this can be
+// expanded in the future, and so it is only as up to date as the client. The
+// ordering of this slice is not guaranteed to be stable across updates.
+func (EBSResourceType) Values() []EBSResourceType {
+ return []EBSResourceType{
+ "volume",
+ }
+}
+
type EFSAuthorizationConfigIAM string
// Enum values for EFSAuthorizationConfigIAM
@@ -1093,6 +1109,26 @@ func (TaskField) Values() []TaskField {
}
}
+type TaskFilesystemType string
+
+// Enum values for TaskFilesystemType
+const (
+ TaskFilesystemTypeExt3 TaskFilesystemType = "ext3"
+ TaskFilesystemTypeExt4 TaskFilesystemType = "ext4"
+ TaskFilesystemTypeXfs TaskFilesystemType = "xfs"
+)
+
+// Values returns all known values for TaskFilesystemType. Note that this can be
+// expanded in the future, and so it is only as up to date as the client. The
+// ordering of this slice is not guaranteed to be stable across updates.
+func (TaskFilesystemType) Values() []TaskFilesystemType {
+ return []TaskFilesystemType{
+ "ext3",
+ "ext4",
+ "xfs",
+ }
+}
+
type TaskSetField string
// Enum values for TaskSetField
diff --git a/service/ecs/types/types.go b/service/ecs/types/types.go
index 7787f6d3672..0eee7ecc882 100644
--- a/service/ecs/types/types.go
+++ b/service/ecs/types/types.go
@@ -12,7 +12,10 @@ type Attachment struct {
// Details of the attachment. For elastic network interfaces, this includes the
// network interface ID, the MAC address, the subnet ID, and the private IPv4
- // address.
+ // address. For Service Connect services, this includes portName , clientAliases ,
+ // discoveryName , and ingressPortOverride . For elastic block storage, this
+ // includes roleArn , encrypted , filesystemType , iops , kmsKeyId , sizeInGiB ,
+ // snapshotId , tagSpecifications , throughput , and volumeType .
Details []KeyValuePair
// The unique identifier for the attachment.
@@ -22,7 +25,8 @@ type Attachment struct {
// , ATTACHED , DETACHING , DETACHED , DELETED , and FAILED .
Status *string
- // The type of the attachment, such as ElasticNetworkInterface .
+ // The type of the attachment, such as ElasticNetworkInterface , Service Connect ,
+ // and AmazonElasticBlockStorage .
Type *string
noSmithyDocumentSerde
@@ -85,8 +89,7 @@ type AutoScalingGroupProvider struct {
// The managed draining option for the Auto Scaling group capacity provider. When
// you enable this, Amazon ECS manages and gracefully drains the EC2 container
- // instances that are in the Auto Scaling group capacity provider. The default is
- // ENABLED .
+ // instances that are in the Auto Scaling group capacity provider.
ManagedDraining ManagedDraining
// The managed scaling settings for the Auto Scaling group capacity provider.
@@ -114,8 +117,7 @@ type AutoScalingGroupProviderUpdate struct {
// The managed draining option for the Auto Scaling group capacity provider. When
// you enable this, Amazon ECS manages and gracefully drains the EC2 container
- // instances that are in the Auto Scaling group capacity provider. The default is
- // ENABLED .
+ // instances that are in the Auto Scaling group capacity provider.
ManagedDraining ManagedDraining
// The managed scaling settings for the Auto Scaling group capacity provider.
@@ -1425,6 +1427,12 @@ type Deployment struct {
// The Unix timestamp for the time when the service deployment was last updated.
UpdatedAt *time.Time
+ // The details of the volume that was configuredAtLaunch . You can configure
+ // different settings like the size, throughput, volumeType, and ecryption in
+ // ServiceManagedEBSVolumeConfiguration (https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ServiceManagedEBSVolumeConfiguration.html)
+ // . The name of the volume must match the name from the task definition.
+ VolumeConfigurations []ServiceVolumeConfiguration
+
noSmithyDocumentSerde
}
@@ -1653,6 +1661,27 @@ type DockerVolumeConfiguration struct {
noSmithyDocumentSerde
}
+// The tag specifications of an Amazon EBS volume.
+type EBSTagSpecification struct {
+
+ // The type of volume resource.
+ //
+ // This member is required.
+ ResourceType EBSResourceType
+
+ // Determines whether to propagate the tags from the task definition to 
the
+ // Amazon EBS volume. Tags can only propagate to a SERVICE specified in
+ // ServiceVolumeConfiguration . If no value is specified, the tags aren't
+ // 
propagated.
+ PropagateTags PropagateTags
+
+ // The tags applied to this Amazon EBS volume. AmazonECSCreated and
+ // AmazonECSManaged are reserved tags that can't be used.
+ Tags []Tag
+
+ noSmithyDocumentSerde
+}
+
// The authorization configuration details for the Amazon EFS file system.
type EFSAuthorizationConfig struct {
@@ -3282,6 +3311,108 @@ type ServiceEvent struct {
noSmithyDocumentSerde
}
+// The configuration for the Amazon EBS volume that Amazon ECS creates and manages
+// on your behalf. These settings are used to create each Amazon EBS volume, with
+// one volume created for each task in the service. Many of these parameters map
+// 1:1 with the Amazon EBS CreateVolume API request parameters.
+type ServiceManagedEBSVolumeConfiguration struct {
+
+ // The ARN of the IAM role to associate with this volume. This is the Amazon ECS
+ // infrastructure IAM role that is used to manage your Amazon Web Services
+ // infrastructure. We recommend using the Amazon ECS-managed
+ // AmazonECSInfrastructureRolePolicyForVolumes IAM policy with this role. For more
+ // information, see Amazon ECS infrastructure IAM role (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/infrastructure_IAM_role.html)
+ // in the Amazon ECS Developer Guide.
+ //
+ // This member is required.
+ RoleArn *string
+
+ // Indicates whether the volume should be encrypted. If no value is specified,
+ // encryption is turned on by default. This parameter maps 1:1 with the Encrypted
+ // parameter of the CreateVolume API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html)
+ // in the Amazon EC2 API Reference.
+ Encrypted *bool
+
+ // The Linux filesystem type for the volume. For volumes created from a snapshot,
+ // you must specify the same filesystem type that the volume was using when the
+ // snapshot was created. If there is a filesystem type mismatch, the task will fail
+ // to start. The available filesystem types are
 ext3 , ext4 , and xfs . If no
+ // value is specified, the xfs filesystem type is used by default.
+ FilesystemType TaskFilesystemType
+
+ // The number of I/O operations per second (IOPS). For gp3 , io1 , and io2
+ // volumes, this represents the number of IOPS that are provisioned for the volume.
+ // For gp2 volumes, this represents the baseline performance of the volume and the
+ // rate at which the volume accumulates I/O credits for bursting. The following are
+ // the supported values for each volume type.
+ // - gp3 : 3,000 - 16,000 IOPS
+ // - io1 : 100 - 64,000 IOPS
+ // - io2 : 100 - 256,000 IOPS
+ // This parameter is required for io1 and io2 volume types. The default for gp3
+ // volumes is 3,000 IOPS . This parameter is not supported for st1 , sc1 , or
+ // standard volume types. This parameter maps 1:1 with the Iops parameter of the
+ // CreateVolume API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html)
+ // in the Amazon EC2 API Reference.
+ Iops *int32
+
+ // The Amazon Resource Name (ARN) identifier of the Amazon Web Services Key
+ // Management Service key to use for Amazon EBS encryption. When encryption is
+ // turned on and no Amazon Web Services Key Management Service key is specified,
+ // the default Amazon Web Services managed key for Amazon EBS volumes is used. This
+ // parameter maps 1:1 with the KmsKeyId parameter of the CreateVolume API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html)
+ // in the Amazon EC2 API Reference. Amazon Web Services authenticates the Amazon
+ // Web Services Key Management Service key asynchronously. Therefore, if you
+ // specify an ID, alias, or ARN that is invalid, the action can appear to complete,
+ // but eventually fails.
+ KmsKeyId *string
+
+ // The size of the volume in GiB. You must specify either a volume size or a
+ // snapshot ID. If you specify a snapshot ID, the snapshot size is used for the
+ // volume size by default. You can optionally specify a volume size greater than or
+ // equal to the snapshot size. This parameter maps 1:1 with the Size parameter of
+ // the CreateVolume API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html)
+ // in the Amazon EC2 API Reference. The following are the supported volume size
+ // values for each volume type.
+ // - gp2 and gp3 : 1-16,384
+ // - io1 and io2 : 4-16,384
+ // - st1 and sc1 : 125-16,384
+ // - standard : 1-1,024
+ SizeInGiB *int32
+
+ // The snapshot that Amazon ECS uses to create the volume. You must specify either
+ // a snapshot ID or a volume size. This parameter maps 1:1 with the SnapshotId
+ // parameter of the CreateVolume API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html)
+ // in the Amazon EC2 API Reference.
+ SnapshotId *string
+
+ // The tags to apply to the volume. Amazon ECS applies service-managed tags by
+ // default. This parameter maps 1:1 with the TagSpecifications.N parameter of the
+ // CreateVolume API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html)
+ // in the Amazon EC2 API Reference.
+ TagSpecifications []EBSTagSpecification
+
+ // The throughput to provision for a volume, in MiB/s, with a maximum of 1,000
+ // MiB/s. This parameter maps 1:1 with the Throughput parameter of the
+ // CreateVolume API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html)
+ // in the Amazon EC2 API Reference. This parameter is only supported for the gp3
+ // volume type.
+ Throughput *int32
+
+ // The volume type. This parameter maps 1:1 with the VolumeType parameter of the
+ // CreateVolume API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html)
+ // in the Amazon EC2 API Reference. For more information, see Amazon EBS volume
+ // types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html)
+ // in the Amazon EC2 User Guide. The following are the supported volume types.
+ // - General Purpose SSD: gp2 | gp3
+ // - Provisioned IOPS SSD: io1 | io2
+ // - Throughput Optimized HDD: st1
+ // - Cold HDD: sc1
+ // - Magnetic: standard The magnetic volume type is not supported on Fargate.
+ VolumeType *string
+
+ noSmithyDocumentSerde
+}
+
// The details for the service registry. Each service may be associated with one
// service registry. Multiple service registries for each service are not
// supported. When you add, update, or remove the service registries configuration,
@@ -3320,6 +3451,26 @@ type ServiceRegistry struct {
noSmithyDocumentSerde
}
+// The configuration for a volume specified in the task definition as a volume
+// that is configured at launch time. Currently, the only supported volume type is
+// an Amazon EBS volume.
+type ServiceVolumeConfiguration struct {
+
+ // The name of the volume. This value must match the volume name from the Volume
+ // object in the task definition.
+ //
+ // This member is required.
+ Name *string
+
+ // The configuration for the Amazon EBS volume that Amazon ECS creates and manages
+ // on your behalf. These settings are used to create each Amazon EBS volume, with
+ // one volume created for each task in the service. The Amazon EBS volumes are
+ // visible in your account in the Amazon EC2 console once they are created.
+ ManagedEBSVolume *ServiceManagedEBSVolumeConfiguration
+
+ noSmithyDocumentSerde
+}
+
// The details for the execute command session.
type Session struct {
@@ -3883,6 +4034,129 @@ type TaskDefinitionPlacementConstraint struct {
noSmithyDocumentSerde
}
+// The configuration for the Amazon EBS volume that Amazon ECS creates and manages
+// on your behalf. These settings are used to create each Amazon EBS volume, with
+// one volume created for each task.
+type TaskManagedEBSVolumeConfiguration struct {
+
+ // The ARN of the IAM role to associate with this volume. This is the Amazon ECS
+ // infrastructure IAM role that is used to manage your Amazon Web Services
+ // infrastructure. We recommend using the Amazon ECS-managed
+ // AmazonECSInfrastructureRolePolicyForVolumes IAM policy with this role. For more
+ // information, see Amazon ECS infrastructure IAM role (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/infrastructure_IAM_role.html)
+ // in the Amazon ECS Developer Guide.
+ //
+ // This member is required.
+ RoleArn *string
+
+ // Indicates whether the volume should be encrypted. If no value is specified,
+ // encryption is turned on by default. This parameter maps 1:1 with the Encrypted
+ // parameter of the CreateVolume API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html)
+ // in the Amazon EC2 API Reference.
+ Encrypted *bool
+
+ // The Linux filesystem type for the volume. For volumes created from a snapshot,
+ // you must specify the same filesystem type that the volume was using when the
+ // snapshot was created. If there is a filesystem type mismatch, the task will fail
+ // to start. The available filesystem types are
 ext3 , ext4 , and xfs . If no
+ // value is specified, the xfs filesystem type is used by default.
+ FilesystemType TaskFilesystemType
+
+ // The number of I/O operations per second (IOPS). For gp3 , io1 , and io2
+ // volumes, this represents the number of IOPS that are provisioned for the volume.
+ // For gp2 volumes, this represents the baseline performance of the volume and the
+ // rate at which the volume accumulates I/O credits for bursting. The following are
+ // the supported values for each volume type.
+ // - gp3 : 3,000 - 16,000 IOPS
+ // - io1 : 100 - 64,000 IOPS
+ // - io2 : 100 - 256,000 IOPS
+ // This parameter is required for io1 and io2 volume types. The default for gp3
+ // volumes is 3,000 IOPS . This parameter is not supported for st1 , sc1 , or
+ // standard volume types. This parameter maps 1:1 with the Iops parameter of the
+ // CreateVolume API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html)
+ // in the Amazon EC2 API Reference.
+ Iops *int32
+
+ // The Amazon Resource Name (ARN) identifier of the Amazon Web Services Key
+ // Management Service key to use for Amazon EBS encryption. When encryption is
+ // turned on and no Amazon Web Services Key Management Service key is specified,
+ // the default Amazon Web Services managed key for Amazon EBS volumes is used. This
+ // parameter maps 1:1 with the KmsKeyId parameter of the CreateVolume API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html)
+ // in the Amazon EC2 API Reference. Amazon Web Services authenticates the Amazon
+ // Web Services Key Management Service key asynchronously. Therefore, if you
+ // specify an ID, alias, or ARN that is invalid, the action can appear to complete,
+ // but eventually fails.
+ KmsKeyId *string
+
+ // The size of the volume in GiB. You must specify either a volume size or a
+ // snapshot ID. If you specify a snapshot ID, the snapshot size is used for the
+ // volume size by default. You can optionally specify a volume size greater than or
+ // equal to the snapshot size. This parameter maps 1:1 with the Size parameter of
+ // the CreateVolume API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html)
+ // in the Amazon EC2 API Reference. The following are the supported volume size
+ // values for each volume type.
+ // - gp2 and gp3 : 1-16,384
+ // - io1 and io2 : 4-16,384
+ // - st1 and sc1 : 125-16,384
+ // - standard : 1-1,024
+ SizeInGiB *int32
+
+ // The snapshot that Amazon ECS uses to create the volume. You must specify either
+ // a snapshot ID or a volume size. This parameter maps 1:1 with the SnapshotId
+ // parameter of the CreateVolume API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html)
+ // in the Amazon EC2 API Reference.
+ SnapshotId *string
+
+ // The tags to apply to the volume. Amazon ECS applies service-managed tags by
+ // default. This parameter maps 1:1 with the TagSpecifications.N parameter of the
+ // CreateVolume API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html)
+ // in the Amazon EC2 API Reference.
+ TagSpecifications []EBSTagSpecification
+
+ // The termination policy for the volume when the task exits. This provides a way
+ // to control whether Amazon ECS terminates the Amazon EBS volume when the task
+ // stops.
+ TerminationPolicy *TaskManagedEBSVolumeTerminationPolicy
+
+ // The throughput to provision for a volume, in MiB/s, with a maximum of 1,000
+ // MiB/s. This parameter maps 1:1 with the Throughput parameter of the
+ // CreateVolume API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html)
+ // in the Amazon EC2 API Reference. This parameter is only supported for the gp3
+ // volume type.
+ Throughput *int32
+
+ // The volume type. This parameter maps 1:1 with the VolumeType parameter of the
+ // CreateVolume API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html)
+ // in the Amazon EC2 API Reference. For more information, see Amazon EBS volume
+ // types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html)
+ // in the Amazon EC2 User Guide. The following are the supported volume types.
+ // - General Purpose SSD: gp2 | gp3
+ // - Provisioned IOPS SSD: io1 | io2
+ // - Throughput Optimized HDD: st1
+ // - Cold HDD: sc1
+ // - Magnetic: standard The magnetic volume type is not supported on Fargate.
+ VolumeType *string
+
+ noSmithyDocumentSerde
+}
+
+// The termination policy for the Amazon EBS volume when the task exits. For more
+// information, see Amazon ECS volume termination policy (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-volumes.html#ebs-volume-types)
+// .
+type TaskManagedEBSVolumeTerminationPolicy struct {
+
+ // Indicates whether the volume should be deleted on when the task stops. If a
+ // value of true is specified, 
Amazon ECS deletes the Amazon EBS volume on your
+ // behalf when the task goes into the STOPPED state. If no value is specified, the
+ // 
default value is true is used. When set to false , Amazon ECS leaves the volume
+ // in your 
account.
+ //
+ // This member is required.
+ DeleteOnTermination *bool
+
+ noSmithyDocumentSerde
+}
+
// The overrides that are associated with a task.
type TaskOverride struct {
@@ -4051,6 +4325,25 @@ type TaskSet struct {
noSmithyDocumentSerde
}
+// Configuration settings for the task volume that was configuredAtLaunch that
+// weren't set during RegisterTaskDef .
+type TaskVolumeConfiguration struct {
+
+ // The name of the volume. This value must match the volume name from the Volume
+ // object in the task definition.
+ //
+ // This member is required.
+ Name *string
+
+ // The configuration for the Amazon EBS volume that Amazon ECS creates and manages
+ // on your behalf. These settings are used to create each Amazon EBS volume, with
+ // one volume created for each task. The Amazon EBS volumes are visible in your
+ // account in the Amazon EC2 console once they are created.
+ ManagedEBSVolume *TaskManagedEBSVolumeConfiguration
+
+ noSmithyDocumentSerde
+}
+
// The container path, mount options, and size of the tmpfs mount.
type Tmpfs struct {
@@ -4121,16 +4414,25 @@ type VersionInfo struct {
noSmithyDocumentSerde
}
-// A data volume that's used in a task definition. For tasks that use the Amazon
-// Elastic File System (Amazon EFS), specify an efsVolumeConfiguration . For
-// Windows tasks that use Amazon FSx for Windows File Server file system, specify a
-// fsxWindowsFileServerVolumeConfiguration . For tasks that use a Docker volume,
-// specify a DockerVolumeConfiguration . For tasks that use a bind mount host
-// volume, specify a host and optional sourcePath . For more information, see
-// Using Data Volumes in Tasks (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html)
+// The data volume configuration for tasks launched using this task definition.
+// Specifying a volume configuration in a task definition is optional. The volume
+// configuration may contain multiple volumes but only one volume configured at
+// launch is supported. Each volume defined in the volume configuration may only
+// specify a name and one of either configuredAtLaunch , dockerVolumeConfiguration
+// , efsVolumeConfiguration , fsxWindowsFileServerVolumeConfiguration , or host .
+// If an empty volume configuration is specified, by default Amazon ECS uses a host
+// volume. For more information, see Using data volumes in tasks (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html)
// .
type Volume struct {
+ // Indicates whether the volume should be configured at launch time. This is used
+ // to create Amazon EBS volumes for standalone tasks or tasks created as part of a
+ // service. Each task definition revision may only have one volume configured at
+ // launch in the volume configuration. To configure a volume at launch time, use
+ // this task definition revision and specify a volumeConfigurations object when
+ // calling the CreateService , UpdateService , RunTask or StartTask APIs.
+ ConfiguredAtLaunch *bool
+
// This parameter is specified when you use Docker volumes. Windows containers
// only support the use of the local driver. To use bind mounts, specify the host
// parameter instead. Docker volumes aren't supported by tasks run on Fargate.
@@ -4157,9 +4459,13 @@ type Volume struct {
Host *HostVolumeProperties
// The name of the volume. Up to 255 letters (uppercase and lowercase), numbers,
- // underscores, and hyphens are allowed. This name is referenced in the
- // sourceVolume parameter of container definition mountPoints . This is required
- // wwhen you use an Amazon EFS volume.
+ // underscores, and hyphens are allowed. When using a volume configured at launch,
+ // the name is required and must also be specified as the volume name in the
+ // ServiceVolumeConfiguration or TaskVolumeConfiguration parameter when creating
+ // your service or standalone task. For all other types of volumes, this name is
+ // referenced in the sourceVolume parameter of the mountPoints object in the
+ // container definition. When a volume is using the efsVolumeConfiguration , the
+ // name is required.
Name *string
noSmithyDocumentSerde
diff --git a/service/ecs/validators.go b/service/ecs/validators.go
index 1d97872953c..7cdbf49ff99 100644
--- a/service/ecs/validators.go
+++ b/service/ecs/validators.go
@@ -1488,6 +1488,38 @@ func validateDevicesList(v []types.Device) error {
}
}
+func validateEBSTagSpecification(v *types.EBSTagSpecification) error {
+ if v == nil {
+ return nil
+ }
+ invalidParams := smithy.InvalidParamsError{Context: "EBSTagSpecification"}
+ if len(v.ResourceType) == 0 {
+ invalidParams.Add(smithy.NewErrParamRequired("ResourceType"))
+ }
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ } else {
+ return nil
+ }
+}
+
+func validateEBSTagSpecifications(v []types.EBSTagSpecification) error {
+ if v == nil {
+ return nil
+ }
+ invalidParams := smithy.InvalidParamsError{Context: "EBSTagSpecifications"}
+ for i := range v {
+ if err := validateEBSTagSpecification(&v[i]); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("[%d]", i), err.(smithy.InvalidParamsError))
+ }
+ }
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ } else {
+ return nil
+ }
+}
+
func validateEFSVolumeConfiguration(v *types.EFSVolumeConfiguration) error {
if v == nil {
return nil
@@ -2016,6 +2048,103 @@ func validateServiceConnectServiceList(v []types.ServiceConnectService) error {
}
}
+func validateServiceManagedEBSVolumeConfiguration(v *types.ServiceManagedEBSVolumeConfiguration) error {
+ if v == nil {
+ return nil
+ }
+ invalidParams := smithy.InvalidParamsError{Context: "ServiceManagedEBSVolumeConfiguration"}
+ if v.TagSpecifications != nil {
+ if err := validateEBSTagSpecifications(v.TagSpecifications); err != nil {
+ invalidParams.AddNested("TagSpecifications", err.(smithy.InvalidParamsError))
+ }
+ }
+ if v.RoleArn == nil {
+ invalidParams.Add(smithy.NewErrParamRequired("RoleArn"))
+ }
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ } else {
+ return nil
+ }
+}
+
+func validateServiceVolumeConfiguration(v *types.ServiceVolumeConfiguration) error {
+ if v == nil {
+ return nil
+ }
+ invalidParams := smithy.InvalidParamsError{Context: "ServiceVolumeConfiguration"}
+ if v.Name == nil {
+ invalidParams.Add(smithy.NewErrParamRequired("Name"))
+ }
+ if v.ManagedEBSVolume != nil {
+ if err := validateServiceManagedEBSVolumeConfiguration(v.ManagedEBSVolume); err != nil {
+ invalidParams.AddNested("ManagedEBSVolume", err.(smithy.InvalidParamsError))
+ }
+ }
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ } else {
+ return nil
+ }
+}
+
+func validateServiceVolumeConfigurations(v []types.ServiceVolumeConfiguration) error {
+ if v == nil {
+ return nil
+ }
+ invalidParams := smithy.InvalidParamsError{Context: "ServiceVolumeConfigurations"}
+ for i := range v {
+ if err := validateServiceVolumeConfiguration(&v[i]); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("[%d]", i), err.(smithy.InvalidParamsError))
+ }
+ }
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ } else {
+ return nil
+ }
+}
+
+func validateTaskManagedEBSVolumeConfiguration(v *types.TaskManagedEBSVolumeConfiguration) error {
+ if v == nil {
+ return nil
+ }
+ invalidParams := smithy.InvalidParamsError{Context: "TaskManagedEBSVolumeConfiguration"}
+ if v.TagSpecifications != nil {
+ if err := validateEBSTagSpecifications(v.TagSpecifications); err != nil {
+ invalidParams.AddNested("TagSpecifications", err.(smithy.InvalidParamsError))
+ }
+ }
+ if v.RoleArn == nil {
+ invalidParams.Add(smithy.NewErrParamRequired("RoleArn"))
+ }
+ if v.TerminationPolicy != nil {
+ if err := validateTaskManagedEBSVolumeTerminationPolicy(v.TerminationPolicy); err != nil {
+ invalidParams.AddNested("TerminationPolicy", err.(smithy.InvalidParamsError))
+ }
+ }
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ } else {
+ return nil
+ }
+}
+
+func validateTaskManagedEBSVolumeTerminationPolicy(v *types.TaskManagedEBSVolumeTerminationPolicy) error {
+ if v == nil {
+ return nil
+ }
+ invalidParams := smithy.InvalidParamsError{Context: "TaskManagedEBSVolumeTerminationPolicy"}
+ if v.DeleteOnTermination == nil {
+ invalidParams.Add(smithy.NewErrParamRequired("DeleteOnTermination"))
+ }
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ } else {
+ return nil
+ }
+}
+
func validateTaskOverride(v *types.TaskOverride) error {
if v == nil {
return nil
@@ -2038,6 +2167,43 @@ func validateTaskOverride(v *types.TaskOverride) error {
}
}
+func validateTaskVolumeConfiguration(v *types.TaskVolumeConfiguration) error {
+ if v == nil {
+ return nil
+ }
+ invalidParams := smithy.InvalidParamsError{Context: "TaskVolumeConfiguration"}
+ if v.Name == nil {
+ invalidParams.Add(smithy.NewErrParamRequired("Name"))
+ }
+ if v.ManagedEBSVolume != nil {
+ if err := validateTaskManagedEBSVolumeConfiguration(v.ManagedEBSVolume); err != nil {
+ invalidParams.AddNested("ManagedEBSVolume", err.(smithy.InvalidParamsError))
+ }
+ }
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ } else {
+ return nil
+ }
+}
+
+func validateTaskVolumeConfigurations(v []types.TaskVolumeConfiguration) error {
+ if v == nil {
+ return nil
+ }
+ invalidParams := smithy.InvalidParamsError{Context: "TaskVolumeConfigurations"}
+ for i := range v {
+ if err := validateTaskVolumeConfiguration(&v[i]); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("[%d]", i), err.(smithy.InvalidParamsError))
+ }
+ }
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ } else {
+ return nil
+ }
+}
+
func validateTmpfs(v *types.Tmpfs) error {
if v == nil {
return nil
@@ -2218,6 +2384,11 @@ func validateOpCreateServiceInput(v *CreateServiceInput) error {
invalidParams.AddNested("ServiceConnectConfiguration", err.(smithy.InvalidParamsError))
}
}
+ if v.VolumeConfigurations != nil {
+ if err := validateServiceVolumeConfigurations(v.VolumeConfigurations); err != nil {
+ invalidParams.AddNested("VolumeConfigurations", err.(smithy.InvalidParamsError))
+ }
+ }
if invalidParams.Len() > 0 {
return invalidParams
} else {
@@ -2724,6 +2895,11 @@ func validateOpRunTaskInput(v *RunTaskInput) error {
if v.TaskDefinition == nil {
invalidParams.Add(smithy.NewErrParamRequired("TaskDefinition"))
}
+ if v.VolumeConfigurations != nil {
+ if err := validateTaskVolumeConfigurations(v.VolumeConfigurations); err != nil {
+ invalidParams.AddNested("VolumeConfigurations", err.(smithy.InvalidParamsError))
+ }
+ }
if invalidParams.Len() > 0 {
return invalidParams
} else {
@@ -2752,6 +2928,11 @@ func validateOpStartTaskInput(v *StartTaskInput) error {
if v.TaskDefinition == nil {
invalidParams.Add(smithy.NewErrParamRequired("TaskDefinition"))
}
+ if v.VolumeConfigurations != nil {
+ if err := validateTaskVolumeConfigurations(v.VolumeConfigurations); err != nil {
+ invalidParams.AddNested("VolumeConfigurations", err.(smithy.InvalidParamsError))
+ }
+ }
if invalidParams.Len() > 0 {
return invalidParams
} else {
@@ -2968,6 +3149,11 @@ func validateOpUpdateServiceInput(v *UpdateServiceInput) error {
invalidParams.AddNested("ServiceConnectConfiguration", err.(smithy.InvalidParamsError))
}
}
+ if v.VolumeConfigurations != nil {
+ if err := validateServiceVolumeConfigurations(v.VolumeConfigurations); err != nil {
+ invalidParams.AddNested("VolumeConfigurations", err.(smithy.InvalidParamsError))
+ }
+ }
if invalidParams.Len() > 0 {
return invalidParams
} else {
diff --git a/service/eventbridge/CHANGELOG.md b/service/eventbridge/CHANGELOG.md
index 6b4387c21ab..1f6a6e3d8ab 100644
--- a/service/eventbridge/CHANGELOG.md
+++ b/service/eventbridge/CHANGELOG.md
@@ -1,3 +1,11 @@
+# v1.28.0 (2024-01-11)
+
+* **Feature**: Adding AppSync as an EventBridge Target
+
+# v1.27.0 (2024-01-05)
+
+* **Feature**: Support smithy sigv4a trait for codegen.
+
# v1.26.7 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/eventbridge/api_op_PutRule.go b/service/eventbridge/api_op_PutRule.go
index 95655c21a0a..9d52a00b085 100644
--- a/service/eventbridge/api_op_PutRule.go
+++ b/service/eventbridge/api_op_PutRule.go
@@ -99,24 +99,7 @@ type PutRuleInput struct {
// minutes)".
ScheduleExpression *string
- // The state of the rule. Valid values include:
- // - DISABLED : The rule is disabled. EventBridge does not match any events
- // against the rule.
- // - ENABLED : The rule is enabled. EventBridge matches events against the rule,
- // except for Amazon Web Services management events delivered through CloudTrail.
- // - ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS : The rule is enabled for all
- // events, including Amazon Web Services management events delivered through
- // CloudTrail. Management events provide visibility into management operations that
- // are performed on resources in your Amazon Web Services account. These are also
- // known as control plane operations. For more information, see Logging
- // management events (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html#logging-management-events)
- // in the CloudTrail User Guide, and Filtering management events from Amazon Web
- // Services services (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-cloudtrail)
- // in the Amazon EventBridge User Guide. This value is only valid for rules on the
- // default (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is-how-it-works-concepts.html#eb-bus-concepts-buses)
- // event bus or custom event buses (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-event-bus.html)
- // . It does not apply to partner event buses (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-saas.html)
- // .
+ // Indicates whether the rule is enabled or disabled.
State types.RuleState
// The list of key-value pairs to associate with the rule.
diff --git a/service/eventbridge/auth.go b/service/eventbridge/auth.go
index 10df85af4f0..5623cfb524d 100644
--- a/service/eventbridge/auth.go
+++ b/service/eventbridge/auth.go
@@ -140,7 +140,15 @@ func serviceAuthOptions(params *AuthResolverParameters) []*smithyauth.Option {
}(),
},
- {SchemeID: smithyauth.SchemeIDSigV4A},
+ {
+ SchemeID: smithyauth.SchemeIDSigV4A,
+ SignerProperties: func() smithy.Properties {
+ var props smithy.Properties
+ smithyhttp.SetSigV4ASigningName(&props, "events")
+ smithyhttp.SetSigV4ASigningRegions(&props, []string{params.Region})
+ return props
+ }(),
+ },
}
}
diff --git a/service/eventbridge/deserializers.go b/service/eventbridge/deserializers.go
index 3a28b1e40ab..68fa037de65 100644
--- a/service/eventbridge/deserializers.go
+++ b/service/eventbridge/deserializers.go
@@ -6944,6 +6944,46 @@ func awsAwsjson11_deserializeDocumentApiDestinationResponseList(v *[]types.ApiDe
return nil
}
+func awsAwsjson11_deserializeDocumentAppSyncParameters(v **types.AppSyncParameters, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.(map[string]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var sv *types.AppSyncParameters
+ if *v == nil {
+ sv = &types.AppSyncParameters{}
+ } else {
+ sv = *v
+ }
+
+ for key, value := range shape {
+ switch key {
+ case "GraphQLOperation":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected GraphQLOperation to be of type string, got %T instead", value)
+ }
+ sv.GraphQLOperation = ptr.String(jtv)
+ }
+
+ default:
+ _, _ = key, value
+
+ }
+ }
+ *v = sv
+ return nil
+}
+
func awsAwsjson11_deserializeDocumentArchive(v **types.Archive, value interface{}) error {
if v == nil {
return fmt.Errorf("unexpected nil of type %T", v)
@@ -11493,6 +11533,11 @@ func awsAwsjson11_deserializeDocumentTarget(v **types.Target, value interface{})
for key, value := range shape {
switch key {
+ case "AppSyncParameters":
+ if err := awsAwsjson11_deserializeDocumentAppSyncParameters(&sv.AppSyncParameters, value); err != nil {
+ return err
+ }
+
case "Arn":
if value != nil {
jtv, ok := value.(string)
diff --git a/service/eventbridge/go_module_metadata.go b/service/eventbridge/go_module_metadata.go
index b6b7fa75e00..e87babd8cc4 100644
--- a/service/eventbridge/go_module_metadata.go
+++ b/service/eventbridge/go_module_metadata.go
@@ -3,4 +3,4 @@
package eventbridge
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.26.7"
+const goModuleVersion = "1.28.0"
diff --git a/service/eventbridge/serializers.go b/service/eventbridge/serializers.go
index b3a943d629a..a1b572c24c8 100644
--- a/service/eventbridge/serializers.go
+++ b/service/eventbridge/serializers.go
@@ -3095,6 +3095,18 @@ func (m *awsAwsjson11_serializeOpUpdateEndpoint) HandleSerialize(ctx context.Con
return next.HandleSerialize(ctx, in)
}
+func awsAwsjson11_serializeDocumentAppSyncParameters(v *types.AppSyncParameters, value smithyjson.Value) error {
+ object := value.Object()
+ defer object.Close()
+
+ if v.GraphQLOperation != nil {
+ ok := object.Key("GraphQLOperation")
+ ok.String(*v.GraphQLOperation)
+ }
+
+ return nil
+}
+
func awsAwsjson11_serializeDocumentAwsVpcConfiguration(v *types.AwsVpcConfiguration, value smithyjson.Value) error {
object := value.Object()
defer object.Close()
@@ -4230,6 +4242,13 @@ func awsAwsjson11_serializeDocumentTarget(v *types.Target, value smithyjson.Valu
object := value.Object()
defer object.Close()
+ if v.AppSyncParameters != nil {
+ ok := object.Key("AppSyncParameters")
+ if err := awsAwsjson11_serializeDocumentAppSyncParameters(v.AppSyncParameters, ok); err != nil {
+ return err
+ }
+ }
+
if v.Arn != nil {
ok := object.Key("Arn")
ok.String(*v.Arn)
diff --git a/service/eventbridge/types/types.go b/service/eventbridge/types/types.go
index e2fdacd77e8..3f0f6608c51 100644
--- a/service/eventbridge/types/types.go
+++ b/service/eventbridge/types/types.go
@@ -40,6 +40,18 @@ type ApiDestination struct {
noSmithyDocumentSerde
}
+// Contains the GraphQL operation to be parsed and executed, if the event target
+// is an AppSync API.
+type AppSyncParameters struct {
+
+ // The GraphQL operation; that is, the query, mutation, or subscription to be
+ // parsed and executed by the GraphQL service. For more information, see Operations (https://docs.aws.amazon.com/appsync/latest/devguide/graphql-architecture.html#graphql-operations)
+ // in the AppSync User Guide.
+ GraphQLOperation *string
+
+ noSmithyDocumentSerde
+}
+
// An Archive object that contains details about an archive.
type Archive struct {
@@ -1226,24 +1238,7 @@ type Rule struct {
// .
ScheduleExpression *string
- // The state of the rule. Valid values include:
- // - DISABLED : The rule is disabled. EventBridge does not match any events
- // against the rule.
- // - ENABLED : The rule is enabled. EventBridge matches events against the rule,
- // except for Amazon Web Services management events delivered through CloudTrail.
- // - ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS : The rule is enabled for all
- // events, including Amazon Web Services management events delivered through
- // CloudTrail. Management events provide visibility into management operations that
- // are performed on resources in your Amazon Web Services account. These are also
- // known as control plane operations. For more information, see Logging
- // management events (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html#logging-management-events)
- // in the CloudTrail User Guide, and Filtering management events from Amazon Web
- // Services services (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-cloudtrail)
- // in the Amazon EventBridge User Guide. This value is only valid for rules on the
- // default (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is-how-it-works-concepts.html#eb-bus-concepts-buses)
- // event bus or custom event buses (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-event-bus.html)
- // . It does not apply to partner event buses (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-saas.html)
- // .
+ // The state of the rule.
State RuleState
noSmithyDocumentSerde
@@ -1371,6 +1366,10 @@ type Target struct {
// This member is required.
Id *string
+ // Contains the GraphQL operation to be parsed and executed, if the event target
+ // is an AppSync API.
+ AppSyncParameters *AppSyncParameters
+
// If the event target is an Batch job, this contains the job definition, job
// name, and other parameters. For more information, see Jobs (https://docs.aws.amazon.com/batch/latest/userguide/jobs.html)
// in the Batch User Guide.
diff --git a/service/guardduty/CHANGELOG.md b/service/guardduty/CHANGELOG.md
index e7252054553..08791bb7c5f 100644
--- a/service/guardduty/CHANGELOG.md
+++ b/service/guardduty/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.36.2 (2024-01-11)
+
+* No change notes available for this release.
+
# v1.36.1 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/guardduty/go_module_metadata.go b/service/guardduty/go_module_metadata.go
index 8cfd6dc3ae9..925911adee4 100644
--- a/service/guardduty/go_module_metadata.go
+++ b/service/guardduty/go_module_metadata.go
@@ -3,4 +3,4 @@
package guardduty
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.36.1"
+const goModuleVersion = "1.36.2"
diff --git a/service/guardduty/internal/endpoints/endpoints.go b/service/guardduty/internal/endpoints/endpoints.go
index acaa30350ee..dc84b3ca892 100644
--- a/service/guardduty/internal/endpoints/endpoints.go
+++ b/service/guardduty/internal/endpoints/endpoints.go
@@ -348,6 +348,11 @@ var defaultPartitions = endpoints.Partitions{
},
RegionRegex: partitionRegexp.AwsIso,
IsRegionalized: true,
+ Endpoints: endpoints.Endpoints{
+ endpoints.EndpointKey{
+ Region: "us-iso-east-1",
+ }: endpoints.Endpoint{},
+ },
},
{
ID: "aws-iso-b",
diff --git a/service/internal/benchmark/go.mod b/service/internal/benchmark/go.mod
index cfdb66d6975..fd3ee58fa8f 100644
--- a/service/internal/benchmark/go.mod
+++ b/service/internal/benchmark/go.mod
@@ -7,7 +7,7 @@ require (
github.com/aws/aws-sdk-go-v2 v1.24.1
github.com/aws/aws-sdk-go-v2/service/dynamodb v1.26.8
github.com/aws/aws-sdk-go-v2/service/lexruntimeservice v1.18.6
- github.com/aws/aws-sdk-go-v2/service/s3 v1.47.8
+ github.com/aws/aws-sdk-go-v2/service/s3 v1.48.0
github.com/aws/aws-sdk-go-v2/service/schemas v1.21.6
github.com/aws/smithy-go v1.19.0
)
diff --git a/service/internal/eventstreamtesting/CHANGELOG.md b/service/internal/eventstreamtesting/CHANGELOG.md
index 3b415268d04..7258079ad57 100644
--- a/service/internal/eventstreamtesting/CHANGELOG.md
+++ b/service/internal/eventstreamtesting/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.2.18 (2024-01-16)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
# v1.2.17 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/internal/eventstreamtesting/go.mod b/service/internal/eventstreamtesting/go.mod
index 6f8c8a9125d..5c12d25d0ae 100644
--- a/service/internal/eventstreamtesting/go.mod
+++ b/service/internal/eventstreamtesting/go.mod
@@ -5,7 +5,7 @@ go 1.19
require (
github.com/aws/aws-sdk-go-v2 v1.24.1
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4
- github.com/aws/aws-sdk-go-v2/credentials v1.16.14
+ github.com/aws/aws-sdk-go-v2/credentials v1.16.15
golang.org/x/net v0.19.0
)
diff --git a/service/internal/eventstreamtesting/go_module_metadata.go b/service/internal/eventstreamtesting/go_module_metadata.go
index ea418226a37..86ff4c898fb 100644
--- a/service/internal/eventstreamtesting/go_module_metadata.go
+++ b/service/internal/eventstreamtesting/go_module_metadata.go
@@ -3,4 +3,4 @@
package eventstreamtesting
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.2.17"
+const goModuleVersion = "1.2.18"
diff --git a/service/internal/integrationtest/go.mod b/service/internal/integrationtest/go.mod
index 508bab9f172..18f334ece6c 100644
--- a/service/internal/integrationtest/go.mod
+++ b/service/internal/integrationtest/go.mod
@@ -2,8 +2,8 @@ module github.com/aws/aws-sdk-go-v2/service/internal/integrationtest
require (
github.com/aws/aws-sdk-go-v2 v1.24.1
- github.com/aws/aws-sdk-go-v2/config v1.26.3
- github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.15.10
+ github.com/aws/aws-sdk-go-v2/config v1.26.4
+ github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.15.12
github.com/aws/aws-sdk-go-v2/service/acm v1.22.7
github.com/aws/aws-sdk-go-v2/service/apigateway v1.21.7
github.com/aws/aws-sdk-go-v2/service/applicationautoscaling v1.25.7
@@ -18,7 +18,7 @@ require (
github.com/aws/aws-sdk-go-v2/service/cloudsearch v1.20.6
github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.35.7
github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.32.2
- github.com/aws/aws-sdk-go-v2/service/codebuild v1.26.6
+ github.com/aws/aws-sdk-go-v2/service/codebuild v1.27.0
github.com/aws/aws-sdk-go-v2/service/codecommit v1.20.1
github.com/aws/aws-sdk-go-v2/service/codedeploy v1.22.3
github.com/aws/aws-sdk-go-v2/service/codepipeline v1.22.6
@@ -32,9 +32,9 @@ require (
github.com/aws/aws-sdk-go-v2/service/directoryservice v1.22.8
github.com/aws/aws-sdk-go-v2/service/docdb v1.30.0
github.com/aws/aws-sdk-go-v2/service/dynamodb v1.26.8
- github.com/aws/aws-sdk-go-v2/service/ec2 v1.142.1
+ github.com/aws/aws-sdk-go-v2/service/ec2 v1.144.0
github.com/aws/aws-sdk-go-v2/service/ecr v1.24.7
- github.com/aws/aws-sdk-go-v2/service/ecs v1.36.0
+ github.com/aws/aws-sdk-go-v2/service/ecs v1.37.0
github.com/aws/aws-sdk-go-v2/service/efs v1.26.6
github.com/aws/aws-sdk-go-v2/service/elasticache v1.34.7
github.com/aws/aws-sdk-go-v2/service/elasticbeanstalk v1.20.6
@@ -43,7 +43,7 @@ require (
github.com/aws/aws-sdk-go-v2/service/elasticsearchservice v1.25.0
github.com/aws/aws-sdk-go-v2/service/elastictranscoder v1.19.6
github.com/aws/aws-sdk-go-v2/service/emr v1.36.1
- github.com/aws/aws-sdk-go-v2/service/eventbridge v1.26.7
+ github.com/aws/aws-sdk-go-v2/service/eventbridge v1.28.0
github.com/aws/aws-sdk-go-v2/service/firehose v1.23.2
github.com/aws/aws-sdk-go-v2/service/gamelift v1.28.1
github.com/aws/aws-sdk-go-v2/service/glacier v1.19.6
@@ -51,9 +51,9 @@ require (
github.com/aws/aws-sdk-go-v2/service/health v1.22.6
github.com/aws/aws-sdk-go-v2/service/iam v1.28.7
github.com/aws/aws-sdk-go-v2/service/inspector v1.19.6
- github.com/aws/aws-sdk-go-v2/service/iot v1.47.1
+ github.com/aws/aws-sdk-go-v2/service/iot v1.49.0
github.com/aws/aws-sdk-go-v2/service/kinesis v1.24.7
- github.com/aws/aws-sdk-go-v2/service/kms v1.27.8
+ github.com/aws/aws-sdk-go-v2/service/kms v1.27.9
github.com/aws/aws-sdk-go-v2/service/lambda v1.49.7
github.com/aws/aws-sdk-go-v2/service/lightsail v1.33.0
github.com/aws/aws-sdk-go-v2/service/marketplacecommerceanalytics v1.18.6
@@ -63,13 +63,13 @@ require (
github.com/aws/aws-sdk-go-v2/service/polly v1.36.6
github.com/aws/aws-sdk-go-v2/service/rds v1.66.2
github.com/aws/aws-sdk-go-v2/service/redshift v1.39.8
- github.com/aws/aws-sdk-go-v2/service/rekognition v1.35.6
- github.com/aws/aws-sdk-go-v2/service/route53 v1.36.1
+ github.com/aws/aws-sdk-go-v2/service/rekognition v1.36.0
+ github.com/aws/aws-sdk-go-v2/service/route53 v1.37.0
github.com/aws/aws-sdk-go-v2/service/route53domains v1.20.6
- github.com/aws/aws-sdk-go-v2/service/route53resolver v1.24.2
- github.com/aws/aws-sdk-go-v2/service/s3 v1.47.8
- github.com/aws/aws-sdk-go-v2/service/s3control v1.41.8
- github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.26.1
+ github.com/aws/aws-sdk-go-v2/service/route53resolver v1.25.0
+ github.com/aws/aws-sdk-go-v2/service/s3 v1.48.0
+ github.com/aws/aws-sdk-go-v2/service/s3control v1.42.0
+ github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.26.2
github.com/aws/aws-sdk-go-v2/service/servicecatalog v1.26.0
github.com/aws/aws-sdk-go-v2/service/ses v1.19.6
github.com/aws/aws-sdk-go-v2/service/sfn v1.24.7
@@ -85,14 +85,14 @@ require (
github.com/aws/aws-sdk-go-v2/service/waf v1.18.6
github.com/aws/aws-sdk-go-v2/service/wafregional v1.19.6
github.com/aws/aws-sdk-go-v2/service/wafv2 v1.43.6
- github.com/aws/aws-sdk-go-v2/service/workspaces v1.35.7
+ github.com/aws/aws-sdk-go-v2/service/workspaces v1.35.8
github.com/aws/smithy-go v1.19.0
github.com/google/go-cmp v0.5.8
)
require (
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4 // indirect
- github.com/aws/aws-sdk-go-v2/credentials v1.16.14 // indirect
+ github.com/aws/aws-sdk-go-v2/credentials v1.16.15 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect
@@ -104,7 +104,7 @@ require (
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.10 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.18.6 // indirect
- github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.6 // indirect
+ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 // indirect
github.com/jmespath/go-jmespath v0.4.0 // indirect
)
diff --git a/service/iot/CHANGELOG.md b/service/iot/CHANGELOG.md
index f1bbf059f96..a51be10f2f5 100644
--- a/service/iot/CHANGELOG.md
+++ b/service/iot/CHANGELOG.md
@@ -1,3 +1,11 @@
+# v1.49.0 (2024-01-16)
+
+* **Feature**: Revert release of LogTargetTypes
+
+# v1.48.0 (2024-01-11)
+
+* **Feature**: Add ConflictException to Update APIs of AWS IoT Software Package Catalog
+
# v1.47.1 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/iot/api_op_CreateJob.go b/service/iot/api_op_CreateJob.go
index de446e5e1e3..ab259dff777 100644
--- a/service/iot/api_op_CreateJob.go
+++ b/service/iot/api_op_CreateJob.go
@@ -50,8 +50,11 @@ type CreateJobInput struct {
Description *string
// The package version Amazon Resource Names (ARNs) that are installed on the
- // device when the job successfully completes. Note:The following Length
- // Constraints relates to a single ARN. Up to 25 package version ARNs are allowed.
+ // device when the job successfully completes. The package version must be in
+ // either the Published or Deprecated state when the job deploys. For more
+ // information, see Package version lifecycle (https://docs.aws.amazon.com/iot/latest/developerguide/preparing-to-use-software-package-catalog.html#package-version-lifecycle)
+ // . Note:The following Length Constraints relates to a single ARN. Up to 25
+ // package version ARNs are allowed.
DestinationPackageVersions []string
// The job document. Required if you don't specify a value for documentSource .
diff --git a/service/iot/api_op_CreateJobTemplate.go b/service/iot/api_op_CreateJobTemplate.go
index 6efb37e0a1d..7d5f92caea6 100644
--- a/service/iot/api_op_CreateJobTemplate.go
+++ b/service/iot/api_op_CreateJobTemplate.go
@@ -46,8 +46,11 @@ type CreateJobTemplateInput struct {
AbortConfig *types.AbortConfig
// The package version Amazon Resource Names (ARNs) that are installed on the
- // device when the job successfully completes. Note:The following Length
- // Constraints relates to a single ARN. Up to 25 package version ARNs are allowed.
+ // device when the job successfully completes. The package version must be in
+ // either the Published or Deprecated state when the job deploys. For more
+ // information, see Package version lifecycle (https://docs.aws.amazon.com/iot/latest/developerguide/preparing-to-use-software-package-catalog.html#package-version-lifecycle)
+ // . Note:The following Length Constraints relates to a single ARN. Up to 25
+ // package version ARNs are allowed.
DestinationPackageVersions []string
// The job document. Required if you don't specify a value for documentSource .
diff --git a/service/iot/api_op_CreateProvisioningTemplate.go b/service/iot/api_op_CreateProvisioningTemplate.go
index eefe6c4ef28..4292a1179c0 100644
--- a/service/iot/api_op_CreateProvisioningTemplate.go
+++ b/service/iot/api_op_CreateProvisioningTemplate.go
@@ -52,7 +52,7 @@ type CreateProvisioningTemplateInput struct {
Description *string
// True to enable the provisioning template, otherwise false.
- Enabled bool
+ Enabled *bool
// Creates a pre-provisioning hook template. Only supports template of type
// FLEET_PROVISIONING . For more information about provisioning template types, see
diff --git a/service/iot/api_op_DescribeJobTemplate.go b/service/iot/api_op_DescribeJobTemplate.go
index d4b3604097f..f5896405993 100644
--- a/service/iot/api_op_DescribeJobTemplate.go
+++ b/service/iot/api_op_DescribeJobTemplate.go
@@ -51,8 +51,11 @@ type DescribeJobTemplateOutput struct {
Description *string
// The package version Amazon Resource Names (ARNs) that are installed on the
- // device when the job successfully completes. Note:The following Length
- // Constraints relates to a single ARN. Up to 25 package version ARNs are allowed.
+ // device when the job successfully completes. The package version must be in
+ // either the Published or Deprecated state when the job deploys. For more
+ // information, see Package version lifecycle (https://docs.aws.amazon.com/iot/latest/developerguide/preparing-to-use-software-package-catalog.html#package-version-lifecycle)
+ // . Note:The following Length Constraints relates to a single ARN. Up to 25
+ // package version ARNs are allowed.
DestinationPackageVersions []string
// The job document.
diff --git a/service/iot/api_op_DescribeProvisioningTemplate.go b/service/iot/api_op_DescribeProvisioningTemplate.go
index 898d133dcd0..44eb1684f74 100644
--- a/service/iot/api_op_DescribeProvisioningTemplate.go
+++ b/service/iot/api_op_DescribeProvisioningTemplate.go
@@ -53,7 +53,7 @@ type DescribeProvisioningTemplateOutput struct {
Description *string
// True if the provisioning template is enabled, otherwise false.
- Enabled bool
+ Enabled *bool
// The date when the provisioning template was last modified.
LastModifiedDate *time.Time
diff --git a/service/iot/api_op_UpdateProvisioningTemplate.go b/service/iot/api_op_UpdateProvisioningTemplate.go
index 0887cbaf9b1..f4eede1e4b5 100644
--- a/service/iot/api_op_UpdateProvisioningTemplate.go
+++ b/service/iot/api_op_UpdateProvisioningTemplate.go
@@ -44,7 +44,7 @@ type UpdateProvisioningTemplateInput struct {
Description *string
// True to enable the provisioning template, otherwise false.
- Enabled bool
+ Enabled *bool
// Updates the pre-provisioning hook template. Only supports template of type
// FLEET_PROVISIONING . For more information about provisioning template types, see
diff --git a/service/iot/deserializers.go b/service/iot/deserializers.go
index 16669b151db..80a24d38072 100644
--- a/service/iot/deserializers.go
+++ b/service/iot/deserializers.go
@@ -15587,9 +15587,9 @@ func awsRestjson1_deserializeOpDocumentDescribeProvisioningTemplateOutput(v **De
if value != nil {
jtv, ok := value.(bool)
if !ok {
- return fmt.Errorf("expected Enabled to be of type *bool, got %T instead", value)
+ return fmt.Errorf("expected Enabled2 to be of type *bool, got %T instead", value)
}
- sv.Enabled = jtv
+ sv.Enabled = ptr.Bool(jtv)
}
case "lastModifiedDate":
@@ -37341,6 +37341,9 @@ func awsRestjson1_deserializeOpErrorUpdatePackage(response *smithyhttp.Response,
}
switch {
+ case strings.EqualFold("ConflictException", errorCode):
+ return awsRestjson1_deserializeErrorConflictException(response, errorBody)
+
case strings.EqualFold("InternalServerException", errorCode):
return awsRestjson1_deserializeErrorInternalServerException(response, errorBody)
@@ -37433,6 +37436,9 @@ func awsRestjson1_deserializeOpErrorUpdatePackageConfiguration(response *smithyh
}
switch {
+ case strings.EqualFold("ConflictException", errorCode):
+ return awsRestjson1_deserializeErrorConflictException(response, errorBody)
+
case strings.EqualFold("InternalServerException", errorCode):
return awsRestjson1_deserializeErrorInternalServerException(response, errorBody)
@@ -37522,6 +37528,9 @@ func awsRestjson1_deserializeOpErrorUpdatePackageVersion(response *smithyhttp.Re
}
switch {
+ case strings.EqualFold("ConflictException", errorCode):
+ return awsRestjson1_deserializeErrorConflictException(response, errorBody)
+
case strings.EqualFold("InternalServerException", errorCode):
return awsRestjson1_deserializeErrorInternalServerException(response, errorBody)
@@ -52813,9 +52822,9 @@ func awsRestjson1_deserializeDocumentProvisioningTemplateSummary(v **types.Provi
if value != nil {
jtv, ok := value.(bool)
if !ok {
- return fmt.Errorf("expected Enabled to be of type *bool, got %T instead", value)
+ return fmt.Errorf("expected Enabled2 to be of type *bool, got %T instead", value)
}
- sv.Enabled = jtv
+ sv.Enabled = ptr.Bool(jtv)
}
case "lastModifiedDate":
@@ -56944,7 +56953,7 @@ func awsRestjson1_deserializeDocumentThingConnectivity(v **types.ThingConnectivi
if !ok {
return fmt.Errorf("expected Boolean to be of type *bool, got %T instead", value)
}
- sv.Connected = jtv
+ sv.Connected = ptr.Bool(jtv)
}
case "disconnectReason":
@@ -57720,7 +57729,7 @@ func awsRestjson1_deserializeDocumentThingTypeMetadata(v **types.ThingTypeMetada
if value != nil {
jtv, ok := value.(bool)
if !ok {
- return fmt.Errorf("expected Boolean to be of type *bool, got %T instead", value)
+ return fmt.Errorf("expected Boolean2 to be of type *bool, got %T instead", value)
}
sv.Deprecated = jtv
}
diff --git a/service/iot/go_module_metadata.go b/service/iot/go_module_metadata.go
index 78a6841c62c..39e0d456ebd 100644
--- a/service/iot/go_module_metadata.go
+++ b/service/iot/go_module_metadata.go
@@ -3,4 +3,4 @@
package iot
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.47.1"
+const goModuleVersion = "1.49.0"
diff --git a/service/iot/serializers.go b/service/iot/serializers.go
index ac39fc648e3..85106a094ca 100644
--- a/service/iot/serializers.go
+++ b/service/iot/serializers.go
@@ -3544,9 +3544,9 @@ func awsRestjson1_serializeOpDocumentCreateProvisioningTemplateInput(v *CreatePr
ok.String(*v.Description)
}
- if v.Enabled {
+ if v.Enabled != nil {
ok := object.Key("enabled")
- ok.Boolean(v.Enabled)
+ ok.Boolean(*v.Enabled)
}
if v.PreProvisioningHook != nil {
@@ -19543,9 +19543,9 @@ func awsRestjson1_serializeOpDocumentUpdateProvisioningTemplateInput(v *UpdatePr
ok.String(*v.Description)
}
- if v.Enabled {
+ if v.Enabled != nil {
ok := object.Key("enabled")
- ok.Boolean(v.Enabled)
+ ok.Boolean(*v.Enabled)
}
if v.PreProvisioningHook != nil {
diff --git a/service/iot/types/enums.go b/service/iot/types/enums.go
index ced46a38a5a..6b99df94409 100644
--- a/service/iot/types/enums.go
+++ b/service/iot/types/enums.go
@@ -1056,13 +1056,11 @@ type LogTargetType string
// Enum values for LogTargetType
const (
- LogTargetTypeDefault LogTargetType = "DEFAULT"
- LogTargetTypeThingGroup LogTargetType = "THING_GROUP"
- LogTargetTypeClientId LogTargetType = "CLIENT_ID"
- LogTargetTypeSourceIp LogTargetType = "SOURCE_IP"
- LogTargetTypePrincipalId LogTargetType = "PRINCIPAL_ID"
- LogTargetTypeEventType LogTargetType = "EVENT_TYPE"
- LogTargetTypeDeviceDefender LogTargetType = "DEVICE_DEFENDER"
+ LogTargetTypeDefault LogTargetType = "DEFAULT"
+ LogTargetTypeThingGroup LogTargetType = "THING_GROUP"
+ LogTargetTypeClientId LogTargetType = "CLIENT_ID"
+ LogTargetTypeSourceIp LogTargetType = "SOURCE_IP"
+ LogTargetTypePrincipalId LogTargetType = "PRINCIPAL_ID"
)
// Values returns all known values for LogTargetType. Note that this can be
@@ -1075,8 +1073,6 @@ func (LogTargetType) Values() []LogTargetType {
"CLIENT_ID",
"SOURCE_IP",
"PRINCIPAL_ID",
- "EVENT_TYPE",
- "DEVICE_DEFENDER",
}
}
diff --git a/service/iot/types/types.go b/service/iot/types/types.go
index 3bc7c8af000..2846e699429 100644
--- a/service/iot/types/types.go
+++ b/service/iot/types/types.go
@@ -1942,8 +1942,13 @@ type Job struct {
Description *string
// The package version Amazon Resource Names (ARNs) that are installed on the
- // device when the job successfully completes. Note:The following Length
- // Constraints relates to a single ARN. Up to 25 package version ARNs are allowed.
+ // device when the job successfully completes. The package version must be in
+ // either the Published or Deprecated state when the job deploys. For more
+ // information, see Package version lifecycle (https://docs.aws.amazon.com/iot/latest/developerguide/preparing-to-use-software-package-catalog.html#package-version-lifecycle)
+ // .The package version must be in either the Published or Deprecated state when
+ // the job deploys. For more information, see Package version lifecycle (https://docs.aws.amazon.com/iot/latest/developerguide/preparing-to-use-software-package-catalog.html#package-version-lifecycle)
+ // . Note:The following Length Constraints relates to a single ARN. Up to 25
+ // package version ARNs are allowed.
DestinationPackageVersions []string
// A key-value map that pairs the patterns that need to be replaced in a managed
@@ -3037,7 +3042,7 @@ type ProvisioningTemplateSummary struct {
Description *string
// True if the fleet provision template is enabled, otherwise false.
- Enabled bool
+ Enabled *bool
// The date when the provisioning template summary was last modified.
LastModifiedDate *time.Time
@@ -3834,7 +3839,7 @@ type ThingConnectivity struct {
// True if the thing is connected to the Amazon Web Services IoT Core service;
// false if it is not connected.
- Connected bool
+ Connected *bool
// The reason why the client is disconnected. If the thing has been disconnected
// for approximately an hour, the disconnectReason value might be missing.
diff --git a/service/iotfleetwise/CHANGELOG.md b/service/iotfleetwise/CHANGELOG.md
index bcdd6ef2d71..78c25c94fd4 100644
--- a/service/iotfleetwise/CHANGELOG.md
+++ b/service/iotfleetwise/CHANGELOG.md
@@ -1,3 +1,11 @@
+# v1.12.0 (2024-01-16)
+
+* **Feature**: Updated APIs: SignalNodeType query parameter has been added to ListSignalCatalogNodesRequest and ListVehiclesResponse has been extended with attributes field.
+
+# v1.11.0 (2024-01-11)
+
+* **Feature**: The following dataTypes have been removed: CUSTOMER_DECODED_INTERFACE in NetworkInterfaceType; CUSTOMER_DECODED_SIGNAL_INFO_IS_NULL in SignalDecoderFailureReason; CUSTOMER_DECODED_SIGNAL_NETWORK_INTERFACE_INFO_IS_NULL in NetworkInterfaceFailureReason; CUSTOMER_DECODED_SIGNAL in SignalDecoderType
+
# v1.10.6 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/iotfleetwise/api_op_ListSignalCatalogNodes.go b/service/iotfleetwise/api_op_ListSignalCatalogNodes.go
index 8a53e9ba666..1ba790168ac 100644
--- a/service/iotfleetwise/api_op_ListSignalCatalogNodes.go
+++ b/service/iotfleetwise/api_op_ListSignalCatalogNodes.go
@@ -47,6 +47,9 @@ type ListSignalCatalogNodesInput struct {
// returned, the response does not contain a pagination token value.
NextToken *string
+ // The type of node in the signal catalog.
+ SignalNodeType types.SignalNodeType
+
noSmithyDocumentSerde
}
diff --git a/service/iotfleetwise/deserializers.go b/service/iotfleetwise/deserializers.go
index 5d7c71cdc46..ca6d631106c 100644
--- a/service/iotfleetwise/deserializers.go
+++ b/service/iotfleetwise/deserializers.go
@@ -12130,6 +12130,11 @@ func awsAwsjson10_deserializeDocumentVehicleSummary(v **types.VehicleSummary, va
sv.Arn = ptr.String(jtv)
}
+ case "attributes":
+ if err := awsAwsjson10_deserializeDocumentAttributesMap(&sv.Attributes, value); err != nil {
+ return err
+ }
+
case "creationTime":
if value != nil {
switch jtv := value.(type) {
diff --git a/service/iotfleetwise/go_module_metadata.go b/service/iotfleetwise/go_module_metadata.go
index 1ec2505e123..2b33953c89c 100644
--- a/service/iotfleetwise/go_module_metadata.go
+++ b/service/iotfleetwise/go_module_metadata.go
@@ -3,4 +3,4 @@
package iotfleetwise
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.10.6"
+const goModuleVersion = "1.12.0"
diff --git a/service/iotfleetwise/serializers.go b/service/iotfleetwise/serializers.go
index 64a4e797ffe..af79f349b45 100644
--- a/service/iotfleetwise/serializers.go
+++ b/service/iotfleetwise/serializers.go
@@ -5124,6 +5124,11 @@ func awsAwsjson10_serializeOpDocumentListSignalCatalogNodesInput(v *ListSignalCa
ok.String(*v.NextToken)
}
+ if len(v.SignalNodeType) > 0 {
+ ok := object.Key("signalNodeType")
+ ok.String(string(v.SignalNodeType))
+ }
+
return nil
}
diff --git a/service/iotfleetwise/types/enums.go b/service/iotfleetwise/types/enums.go
index 18b8341c87f..11266739922 100644
--- a/service/iotfleetwise/types/enums.go
+++ b/service/iotfleetwise/types/enums.go
@@ -160,14 +160,13 @@ type NetworkInterfaceFailureReason string
// Enum values for NetworkInterfaceFailureReason
const (
- NetworkInterfaceFailureReasonDuplicateInterface NetworkInterfaceFailureReason = "DUPLICATE_NETWORK_INTERFACE"
- NetworkInterfaceFailureReasonConflictingNetworkInterface NetworkInterfaceFailureReason = "CONFLICTING_NETWORK_INTERFACE"
- NetworkInterfaceFailureReasonNetworkInterfaceToAddAlreadyExists NetworkInterfaceFailureReason = "NETWORK_INTERFACE_TO_ADD_ALREADY_EXISTS"
- NetworkInterfaceFailureReasonCanNetworkInterfaceInfoIsNull NetworkInterfaceFailureReason = "CAN_NETWORK_INTERFACE_INFO_IS_NULL"
- NetworkInterfaceFailureReasonObdNetworkInterfaceInfoIsNull NetworkInterfaceFailureReason = "OBD_NETWORK_INTERFACE_INFO_IS_NULL"
- NetworkInterfaceFailureReasonNetworkInterfaceToRemoveAssociatedWithSignals NetworkInterfaceFailureReason = "NETWORK_INTERFACE_TO_REMOVE_ASSOCIATED_WITH_SIGNALS"
- NetworkInterfaceFailureReasonVehicleMiddlewareNetworkInterfaceInfoIsNull NetworkInterfaceFailureReason = "VEHICLE_MIDDLEWARE_NETWORK_INTERFACE_INFO_IS_NULL"
- NetworkInterfaceFailureReasonCustomerDecodedSignalNetworkInterfaceInfoIsNull NetworkInterfaceFailureReason = "CUSTOMER_DECODED_SIGNAL_NETWORK_INTERFACE_INFO_IS_NULL"
+ NetworkInterfaceFailureReasonDuplicateInterface NetworkInterfaceFailureReason = "DUPLICATE_NETWORK_INTERFACE"
+ NetworkInterfaceFailureReasonConflictingNetworkInterface NetworkInterfaceFailureReason = "CONFLICTING_NETWORK_INTERFACE"
+ NetworkInterfaceFailureReasonNetworkInterfaceToAddAlreadyExists NetworkInterfaceFailureReason = "NETWORK_INTERFACE_TO_ADD_ALREADY_EXISTS"
+ NetworkInterfaceFailureReasonCanNetworkInterfaceInfoIsNull NetworkInterfaceFailureReason = "CAN_NETWORK_INTERFACE_INFO_IS_NULL"
+ NetworkInterfaceFailureReasonObdNetworkInterfaceInfoIsNull NetworkInterfaceFailureReason = "OBD_NETWORK_INTERFACE_INFO_IS_NULL"
+ NetworkInterfaceFailureReasonNetworkInterfaceToRemoveAssociatedWithSignals NetworkInterfaceFailureReason = "NETWORK_INTERFACE_TO_REMOVE_ASSOCIATED_WITH_SIGNALS"
+ NetworkInterfaceFailureReasonVehicleMiddlewareNetworkInterfaceInfoIsNull NetworkInterfaceFailureReason = "VEHICLE_MIDDLEWARE_NETWORK_INTERFACE_INFO_IS_NULL"
)
// Values returns all known values for NetworkInterfaceFailureReason. Note that
@@ -183,7 +182,6 @@ func (NetworkInterfaceFailureReason) Values() []NetworkInterfaceFailureReason {
"OBD_NETWORK_INTERFACE_INFO_IS_NULL",
"NETWORK_INTERFACE_TO_REMOVE_ASSOCIATED_WITH_SIGNALS",
"VEHICLE_MIDDLEWARE_NETWORK_INTERFACE_INFO_IS_NULL",
- "CUSTOMER_DECODED_SIGNAL_NETWORK_INTERFACE_INFO_IS_NULL",
}
}
@@ -191,10 +189,9 @@ type NetworkInterfaceType string
// Enum values for NetworkInterfaceType
const (
- NetworkInterfaceTypeCanInterface NetworkInterfaceType = "CAN_INTERFACE"
- NetworkInterfaceTypeObdInterface NetworkInterfaceType = "OBD_INTERFACE"
- NetworkInterfaceTypeVehicleMiddleware NetworkInterfaceType = "VEHICLE_MIDDLEWARE"
- NetworkInterfaceTypeCustomerDecodedInterface NetworkInterfaceType = "CUSTOMER_DECODED_INTERFACE"
+ NetworkInterfaceTypeCanInterface NetworkInterfaceType = "CAN_INTERFACE"
+ NetworkInterfaceTypeObdInterface NetworkInterfaceType = "OBD_INTERFACE"
+ NetworkInterfaceTypeVehicleMiddleware NetworkInterfaceType = "VEHICLE_MIDDLEWARE"
)
// Values returns all known values for NetworkInterfaceType. Note that this can be
@@ -205,7 +202,6 @@ func (NetworkInterfaceType) Values() []NetworkInterfaceType {
"CAN_INTERFACE",
"OBD_INTERFACE",
"VEHICLE_MIDDLEWARE",
- "CUSTOMER_DECODED_INTERFACE",
}
}
@@ -382,7 +378,6 @@ const (
SignalDecoderFailureReasonNoSignalInCatalogForDecoderSignal SignalDecoderFailureReason = "NO_SIGNAL_IN_CATALOG_FOR_DECODER_SIGNAL"
SignalDecoderFailureReasonSignalDecoderIncompatibleWithSignalCatalog SignalDecoderFailureReason = "SIGNAL_DECODER_INCOMPATIBLE_WITH_SIGNAL_CATALOG"
SignalDecoderFailureReasonEmptyMessageSignal SignalDecoderFailureReason = "EMPTY_MESSAGE_SIGNAL"
- SignalDecoderFailureReasonCustomerDecodedSignalInfoIsNull SignalDecoderFailureReason = "CUSTOMER_DECODED_SIGNAL_INFO_IS_NULL"
)
// Values returns all known values for SignalDecoderFailureReason. Note that this
@@ -405,7 +400,6 @@ func (SignalDecoderFailureReason) Values() []SignalDecoderFailureReason {
"NO_SIGNAL_IN_CATALOG_FOR_DECODER_SIGNAL",
"SIGNAL_DECODER_INCOMPATIBLE_WITH_SIGNAL_CATALOG",
"EMPTY_MESSAGE_SIGNAL",
- "CUSTOMER_DECODED_SIGNAL_INFO_IS_NULL",
}
}
@@ -413,10 +407,9 @@ type SignalDecoderType string
// Enum values for SignalDecoderType
const (
- SignalDecoderTypeCanSignal SignalDecoderType = "CAN_SIGNAL"
- SignalDecoderTypeObdSignal SignalDecoderType = "OBD_SIGNAL"
- SignalDecoderTypeMessageSignal SignalDecoderType = "MESSAGE_SIGNAL"
- SignalDecoderTypeCustomerDecodedSignal SignalDecoderType = "CUSTOMER_DECODED_SIGNAL"
+ SignalDecoderTypeCanSignal SignalDecoderType = "CAN_SIGNAL"
+ SignalDecoderTypeObdSignal SignalDecoderType = "OBD_SIGNAL"
+ SignalDecoderTypeMessageSignal SignalDecoderType = "MESSAGE_SIGNAL"
)
// Values returns all known values for SignalDecoderType. Note that this can be
@@ -427,7 +420,32 @@ func (SignalDecoderType) Values() []SignalDecoderType {
"CAN_SIGNAL",
"OBD_SIGNAL",
"MESSAGE_SIGNAL",
- "CUSTOMER_DECODED_SIGNAL",
+ }
+}
+
+type SignalNodeType string
+
+// Enum values for SignalNodeType
+const (
+ SignalNodeTypeSensor SignalNodeType = "SENSOR"
+ SignalNodeTypeActuator SignalNodeType = "ACTUATOR"
+ SignalNodeTypeAttribute SignalNodeType = "ATTRIBUTE"
+ SignalNodeTypeBranch SignalNodeType = "BRANCH"
+ SignalNodeTypeCustomStruct SignalNodeType = "CUSTOM_STRUCT"
+ SignalNodeTypeCustomProperty SignalNodeType = "CUSTOM_PROPERTY"
+)
+
+// Values returns all known values for SignalNodeType. Note that this can be
+// expanded in the future, and so it is only as up to date as the client. The
+// ordering of this slice is not guaranteed to be stable across updates.
+func (SignalNodeType) Values() []SignalNodeType {
+ return []SignalNodeType{
+ "SENSOR",
+ "ACTUATOR",
+ "ATTRIBUTE",
+ "BRANCH",
+ "CUSTOM_STRUCT",
+ "CUSTOM_PROPERTY",
}
}
diff --git a/service/iotfleetwise/types/types.go b/service/iotfleetwise/types/types.go
index 40367835807..69017e0665b 100644
--- a/service/iotfleetwise/types/types.go
+++ b/service/iotfleetwise/types/types.go
@@ -307,7 +307,7 @@ func (*CollectionSchemeMemberTimeBasedCollectionScheme) isCollectionScheme() {}
type ConditionBasedCollectionScheme struct {
// The logical expression used to recognize what data to collect. For example,
- // $variable.Vehicle.OutsideAirTemperature >= 105.0 .
+ // $variable.`Vehicle.OutsideAirTemperature` >= 105.0 .
//
// This member is required.
Expression *string
@@ -1476,6 +1476,10 @@ type VehicleSummary struct {
// This member is required.
VehicleName *string
+ // Static information about a vehicle in a key-value pair. For example:
+ // "engineType" : "1.3 L R2"
+ Attributes map[string]string
+
noSmithyDocumentSerde
}
diff --git a/service/iottwinmaker/CHANGELOG.md b/service/iottwinmaker/CHANGELOG.md
index 32aad86bc21..4a643f128c5 100644
--- a/service/iottwinmaker/CHANGELOG.md
+++ b/service/iottwinmaker/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.17.7 (2024-01-12)
+
+* No change notes available for this release.
+
# v1.17.6 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/iottwinmaker/go_module_metadata.go b/service/iottwinmaker/go_module_metadata.go
index 4be7cf6b02e..194331254d0 100644
--- a/service/iottwinmaker/go_module_metadata.go
+++ b/service/iottwinmaker/go_module_metadata.go
@@ -3,4 +3,4 @@
package iottwinmaker
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.17.6"
+const goModuleVersion = "1.17.7"
diff --git a/service/iottwinmaker/internal/endpoints/endpoints.go b/service/iottwinmaker/internal/endpoints/endpoints.go
index c2d15ae2022..aed4ffd8967 100644
--- a/service/iottwinmaker/internal/endpoints/endpoints.go
+++ b/service/iottwinmaker/internal/endpoints/endpoints.go
@@ -408,6 +408,27 @@ var defaultPartitions = endpoints.Partitions{
},
RegionRegex: partitionRegexp.AwsCn,
IsRegionalized: true,
+ Endpoints: endpoints.Endpoints{
+ endpoints.EndpointKey{
+ Region: "api-cn-north-1",
+ }: endpoints.Endpoint{
+ Hostname: "api.iottwinmaker.cn-north-1.amazonaws.com.cn",
+ CredentialScope: endpoints.CredentialScope{
+ Region: "cn-north-1",
+ },
+ },
+ endpoints.EndpointKey{
+ Region: "cn-north-1",
+ }: endpoints.Endpoint{},
+ endpoints.EndpointKey{
+ Region: "data-cn-north-1",
+ }: endpoints.Endpoint{
+ Hostname: "data.iottwinmaker.cn-north-1.amazonaws.com.cn",
+ CredentialScope: endpoints.CredentialScope{
+ Region: "cn-north-1",
+ },
+ },
+ },
},
{
ID: "aws-iso",
diff --git a/service/kinesis/internal/testing/go.mod b/service/kinesis/internal/testing/go.mod
index 45e2bae658b..1e09c8fb48e 100644
--- a/service/kinesis/internal/testing/go.mod
+++ b/service/kinesis/internal/testing/go.mod
@@ -5,14 +5,14 @@ go 1.19
require (
github.com/aws/aws-sdk-go-v2 v1.24.1
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4
- github.com/aws/aws-sdk-go-v2/service/internal/eventstreamtesting v1.2.17
+ github.com/aws/aws-sdk-go-v2/service/internal/eventstreamtesting v1.2.18
github.com/aws/aws-sdk-go-v2/service/kinesis v1.24.7
github.com/aws/smithy-go v1.19.0
github.com/google/go-cmp v0.5.8
)
require (
- github.com/aws/aws-sdk-go-v2/credentials v1.16.14 // indirect
+ github.com/aws/aws-sdk-go-v2/credentials v1.16.15 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect
github.com/jmespath/go-jmespath v0.4.0 // indirect
diff --git a/service/kms/CHANGELOG.md b/service/kms/CHANGELOG.md
index 71dbb7972cb..c009fa7e4cc 100644
--- a/service/kms/CHANGELOG.md
+++ b/service/kms/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.27.9 (2024-01-05)
+
+* **Documentation**: Documentation updates for AWS Key Management Service (KMS).
+
# v1.27.8 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/kms/api_op_CreateCustomKeyStore.go b/service/kms/api_op_CreateCustomKeyStore.go
index 1fdda176dde..d41424e619f 100644
--- a/service/kms/api_op_CreateCustomKeyStore.go
+++ b/service/kms/api_op_CreateCustomKeyStore.go
@@ -181,7 +181,7 @@ type CreateCustomKeyStoreInput struct {
// in the Amazon Web Services account and Region.
// - An external key store with PUBLIC_ENDPOINT connectivity cannot use the same
// XksProxyUriEndpoint value as an external key store with VPC_ENDPOINT_SERVICE
- // connectivity in the same Amazon Web Services Region.
+ // connectivity in this Amazon Web Services Region.
// - Each external key store with VPC_ENDPOINT_SERVICE connectivity must have its
// own private DNS name. The XksProxyUriEndpoint value for external key stores
// with VPC_ENDPOINT_SERVICE connectivity (private DNS name) must be unique in
diff --git a/service/kms/go_module_metadata.go b/service/kms/go_module_metadata.go
index 4a54d05f03b..3da21cbffd1 100644
--- a/service/kms/go_module_metadata.go
+++ b/service/kms/go_module_metadata.go
@@ -3,4 +3,4 @@
package kms
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.27.8"
+const goModuleVersion = "1.27.9"
diff --git a/service/kms/types/errors.go b/service/kms/types/errors.go
index 0bc4b4318e9..3421fe7cb64 100644
--- a/service/kms/types/errors.go
+++ b/service/kms/types/errors.go
@@ -1041,9 +1041,9 @@ func (e *UnsupportedOperationException) ErrorCode() string {
}
func (e *UnsupportedOperationException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
-// The request was rejected because the ( XksKeyId ) is already associated with a
-// KMS key in this external key store. Each KMS key in an external key store must
-// be associated with a different external key.
+// The request was rejected because the ( XksKeyId ) is already associated with
+// another KMS key in this external key store. Each KMS key in an external key
+// store must be associated with a different external key.
type XksKeyAlreadyInUseException struct {
Message *string
@@ -1164,9 +1164,9 @@ func (e *XksProxyIncorrectAuthenticationCredentialException) ErrorFault() smithy
return smithy.FaultClient
}
-// The request was rejected because the Amazon VPC endpoint service configuration
-// does not fulfill the requirements for an external key store proxy. For details,
-// see the exception message.
+// The request was rejected because the external key store proxy is not configured
+// correctly. To identify the cause, see the error message that accompanies the
+// exception.
type XksProxyInvalidConfigurationException struct {
Message *string
@@ -1223,10 +1223,9 @@ func (e *XksProxyInvalidResponseException) ErrorCode() string {
}
func (e *XksProxyInvalidResponseException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
-// The request was rejected because the concatenation of the XksProxyUriEndpoint
-// is already associated with an external key store in the Amazon Web Services
-// account and Region. Each external key store in an account and Region must use a
-// unique external key store proxy address.
+// The request was rejected because the XksProxyUriEndpoint is already associated
+// with another external key store in this Amazon Web Services Region. To identify
+// the cause, see the error message that accompanies the exception.
type XksProxyUriEndpointInUseException struct {
Message *string
@@ -1253,9 +1252,9 @@ func (e *XksProxyUriEndpointInUseException) ErrorCode() string {
func (e *XksProxyUriEndpointInUseException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
// The request was rejected because the concatenation of the XksProxyUriEndpoint
-// and XksProxyUriPath is already associated with an external key store in the
-// Amazon Web Services account and Region. Each external key store in an account
-// and Region must use a unique external key store proxy API address.
+// and XksProxyUriPath is already associated with another external key store in
+// this Amazon Web Services Region. Each external key store in a Region must use a
+// unique external key store proxy API address.
type XksProxyUriInUseException struct {
Message *string
@@ -1312,9 +1311,9 @@ func (e *XksProxyUriUnreachableException) ErrorCode() string {
func (e *XksProxyUriUnreachableException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
// The request was rejected because the specified Amazon VPC endpoint service is
-// already associated with an external key store in the Amazon Web Services account
-// and Region. Each external key store in an Amazon Web Services account and Region
-// must use a different Amazon VPC endpoint service.
+// already associated with another external key store in this Amazon Web Services
+// Region. Each external key store in a Region must use a different Amazon VPC
+// endpoint service.
type XksProxyVpcEndpointServiceInUseException struct {
Message *string
@@ -1343,8 +1342,9 @@ func (e *XksProxyVpcEndpointServiceInUseException) ErrorFault() smithy.ErrorFaul
}
// The request was rejected because the Amazon VPC endpoint service configuration
-// does not fulfill the requirements for an external key store proxy. For details,
-// see the exception message and review the requirements (https://docs.aws.amazon.com/kms/latest/developerguide/vpc-connectivity.html#xks-vpc-requirements)
+// does not fulfill the requirements for an external key store. To identify the
+// cause, see the error message that accompanies the exception and review the
+// requirements (https://docs.aws.amazon.com/kms/latest/developerguide/vpc-connectivity.html#xks-vpc-requirements)
// for Amazon VPC endpoint service connectivity for an external key store.
type XksProxyVpcEndpointServiceInvalidConfigurationException struct {
Message *string
diff --git a/service/location/CHANGELOG.md b/service/location/CHANGELOG.md
index 64b9a491bf2..c5f762b9087 100644
--- a/service/location/CHANGELOG.md
+++ b/service/location/CHANGELOG.md
@@ -1,3 +1,11 @@
+# v1.35.1 (2024-01-12)
+
+* **Documentation**: Location SDK documentation update. Added missing fonts to the MapConfiguration data type. Updated note for the SubMunicipality property in the place data type.
+
+# v1.35.0 (2024-01-10)
+
+* **Feature**: This release adds API support for custom layers for the maps service APIs: CreateMap, UpdateMap, DescribeMap.
+
# v1.34.1 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/location/api_op_GetMapGlyphs.go b/service/location/api_op_GetMapGlyphs.go
index b08ed78e529..d64ade374c4 100644
--- a/service/location/api_op_GetMapGlyphs.go
+++ b/service/location/api_op_GetMapGlyphs.go
@@ -39,7 +39,8 @@ type GetMapGlyphsInput struct {
// - VectorEsriTopographic – Noto Sans Italic | Noto Sans Regular | Noto Sans
// Bold | Noto Serif Regular | Roboto Condensed Light Italic
// - VectorEsriStreets – Arial Regular | Arial Italic | Arial Bold
- // - VectorEsriNavigation – Arial Regular | Arial Italic | Arial Bold
+ // - VectorEsriNavigation – Arial Regular | Arial Italic | Arial Bold | Arial
+ // Unicode MS Bold | Arial Unicode MS Regular
// Valid font stacks for HERE Technologies (https://docs.aws.amazon.com/location/latest/developerguide/HERE.html)
// styles:
// - VectorHereContrast – Fira GO Regular | Fira GO Bold
diff --git a/service/location/api_op_GetPlace.go b/service/location/api_op_GetPlace.go
index 7c761d973ce..f1c52f400b4 100644
--- a/service/location/api_op_GetPlace.go
+++ b/service/location/api_op_GetPlace.go
@@ -40,7 +40,29 @@ type GetPlaceInput struct {
// This member is required.
IndexName *string
- // The identifier of the place to find.
+ // The identifier of the place to find. While you can use PlaceID in subsequent
+ // requests, PlaceID is not intended to be a permanent identifier and the ID can
+ // change between consecutive API calls. Please see the following PlaceID behaviour
+ // for each data provider:
+ // - Esri: Place IDs will change every quarter at a minimum. The typical time
+ // period for these changes would be March, June, September, and December. Place
+ // IDs might also change between the typical quarterly change but that will be much
+ // less frequent.
+ // - HERE: We recommend that you cache data for no longer than a week to keep
+ // your data data fresh. You can assume that less than 1% ID shifts will release
+ // over release which is approximately 1 - 2 times per week.
+ // - Grab: Place IDs can expire or become invalid in the following situations.
+ // - Data operations: The POI may be removed from Grab POI database by Grab Map
+ // Ops based on the ground-truth, such as being closed in the real world, being
+ // detected as a duplicate POI, or having incorrect information. Grab will
+ // synchronize data to the Waypoint environment on weekly basis.
+ // - Interpolated POI: Interpolated POI is a temporary POI generated in real
+ // time when serving a request, and it will be marked as derived in the
+ // place.result_type field in the response. The information of interpolated POIs
+ // will be retained for at least 30 days, which means that within 30 days, you are
+ // able to obtain POI details by Place ID from Place Details API. After 30 days,
+ // the interpolated POIs(both Place ID and details) may expire and inaccessible
+ // from the Places Details API.
//
// This member is required.
PlaceId *string
diff --git a/service/location/deserializers.go b/service/location/deserializers.go
index e7387f7bbbc..30f0ab142bc 100644
--- a/service/location/deserializers.go
+++ b/service/location/deserializers.go
@@ -11094,6 +11094,42 @@ func awsRestjson1_deserializeDocumentCountryCodeList(v *[]string, value interfac
return nil
}
+func awsRestjson1_deserializeDocumentCustomLayerList(v *[]string, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.([]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var cv []string
+ if *v == nil {
+ cv = []string{}
+ } else {
+ cv = *v
+ }
+
+ for _, value := range shape {
+ var col string
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected CustomLayer to be of type string, got %T instead", value)
+ }
+ col = jtv
+ }
+ cv = append(cv, col)
+
+ }
+ *v = cv
+ return nil
+}
+
func awsRestjson1_deserializeDocumentDataSourceConfiguration(v **types.DataSourceConfiguration, value interface{}) error {
if v == nil {
return fmt.Errorf("unexpected nil of type %T", v)
@@ -12692,6 +12728,11 @@ func awsRestjson1_deserializeDocumentMapConfiguration(v **types.MapConfiguration
for key, value := range shape {
switch key {
+ case "CustomLayers":
+ if err := awsRestjson1_deserializeDocumentCustomLayerList(&sv.CustomLayers, value); err != nil {
+ return err
+ }
+
case "PoliticalView":
if value != nil {
jtv, ok := value.(string)
diff --git a/service/location/go_module_metadata.go b/service/location/go_module_metadata.go
index d10748d7617..9fea24faa8c 100644
--- a/service/location/go_module_metadata.go
+++ b/service/location/go_module_metadata.go
@@ -3,4 +3,4 @@
package location
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.34.1"
+const goModuleVersion = "1.35.1"
diff --git a/service/location/serializers.go b/service/location/serializers.go
index bd6235a68e1..253245c01f7 100644
--- a/service/location/serializers.go
+++ b/service/location/serializers.go
@@ -5377,6 +5377,17 @@ func awsRestjson1_serializeDocumentCountryCodeList(v []string, value smithyjson.
return nil
}
+func awsRestjson1_serializeDocumentCustomLayerList(v []string, value smithyjson.Value) error {
+ array := value.Array()
+ defer array.Close()
+
+ for i := range v {
+ av := array.Value()
+ av.String(v[i])
+ }
+ return nil
+}
+
func awsRestjson1_serializeDocumentDataSourceConfiguration(v *types.DataSourceConfiguration, value smithyjson.Value) error {
object := value.Object()
defer object.Close()
@@ -5541,6 +5552,13 @@ func awsRestjson1_serializeDocumentMapConfiguration(v *types.MapConfiguration, v
object := value.Object()
defer object.Close()
+ if v.CustomLayers != nil {
+ ok := object.Key("CustomLayers")
+ if err := awsRestjson1_serializeDocumentCustomLayerList(v.CustomLayers, ok); err != nil {
+ return err
+ }
+ }
+
if v.PoliticalView != nil {
ok := object.Key("PoliticalView")
ok.String(*v.PoliticalView)
@@ -5558,6 +5576,13 @@ func awsRestjson1_serializeDocumentMapConfigurationUpdate(v *types.MapConfigurat
object := value.Object()
defer object.Close()
+ if v.CustomLayers != nil {
+ ok := object.Key("CustomLayers")
+ if err := awsRestjson1_serializeDocumentCustomLayerList(v.CustomLayers, ok); err != nil {
+ return err
+ }
+ }
+
if v.PoliticalView != nil {
ok := object.Key("PoliticalView")
ok.String(*v.PoliticalView)
diff --git a/service/location/types/types.go b/service/location/types/types.go
index ef3b138d9b4..02b7bab8f77 100644
--- a/service/location/types/types.go
+++ b/service/location/types/types.go
@@ -905,9 +905,12 @@ type MapConfiguration struct {
// Specifies the map style selected from an available data provider. Valid Esri
// map styles (https://docs.aws.amazon.com/location/latest/developerguide/esri.html)
// :
- // - VectorEsriDarkGrayCanvas – The Esri Dark Gray Canvas map style. A vector
- // basemap with a dark gray, neutral background with minimal colors, labels, and
- // features that's designed to draw attention to your thematic content.
+ // - VectorEsriNavigation – The Esri Navigation map style, which provides a
+ // detailed basemap for the world symbolized with a custom navigation map style
+ // that's designed for use during the day in mobile devices. It also includes a
+ // richer set of places, such as shops, services, restaurants, attractions, and
+ // other points of interest. Enable the POI layer by setting it in CustomLayers
+ // to leverage the additional places data.
// - RasterEsriImagery – The Esri Imagery map style. A raster basemap that
// provides one meter or better satellite and aerial imagery in many parts of the
// world and lower resolution satellite imagery worldwide.
@@ -921,23 +924,14 @@ type MapConfiguration struct {
// vector basemap for the world symbolized with a classic Esri street map style.
// The vector tile layer is similar in content and style to the World Street Map
// raster map.
- // - VectorEsriNavigation – The Esri Navigation map style, which provides a
- // detailed basemap for the world symbolized with a custom navigation map style
- // that's designed for use during the day in mobile devices.
+ // - VectorEsriDarkGrayCanvas – The Esri Dark Gray Canvas map style. A vector
+ // basemap with a dark gray, neutral background with minimal colors, labels, and
+ // features that's designed to draw attention to your thematic content.
// Valid HERE Technologies map styles (https://docs.aws.amazon.com/location/latest/developerguide/HERE.html)
// :
- // - VectorHereContrast – The HERE Contrast (Berlin) map style is a high contrast
- // detailed base map of the world that blends 3D and 2D rendering. The
- // VectorHereContrast style has been renamed from VectorHereBerlin .
- // VectorHereBerlin has been deprecated, but will continue to work in
- // applications that use it.
// - VectorHereExplore – A default HERE map style containing a neutral, global
// map and its features including roads, buildings, landmarks, and water features.
// It also now includes a fully designed map of Japan.
- // - VectorHereExploreTruck – A global map containing truck restrictions and
- // attributes (e.g. width / height / HAZMAT) symbolized with highlighted segments
- // and icons on top of HERE Explore to support use cases within transport and
- // logistics.
// - RasterHereExploreSatellite – A global map containing high resolution
// satellite imagery.
// - HybridHereExploreSatellite – A global map displaying the road network,
@@ -947,6 +941,15 @@ type MapConfiguration struct {
// when rendering the map that you see. This means that more tiles are retrieved
// than when using either vector or raster tiles alone. Your charges will include
// all tiles retrieved.
+ // - VectorHereContrast – The HERE Contrast (Berlin) map style is a high contrast
+ // detailed base map of the world that blends 3D and 2D rendering. The
+ // VectorHereContrast style has been renamed from VectorHereBerlin .
+ // VectorHereBerlin has been deprecated, but will continue to work in
+ // applications that use it.
+ // - VectorHereExploreTruck – A global map containing truck restrictions and
+ // attributes (e.g. width / height / HAZMAT) symbolized with highlighted segments
+ // and icons on top of HERE Explore to support use cases within transport and
+ // logistics.
// Valid GrabMaps map styles (https://docs.aws.amazon.com/location/latest/developerguide/grab.html)
// :
// - VectorGrabStandardLight – The Grab Standard Light map style provides a
@@ -979,6 +982,14 @@ type MapConfiguration struct {
// This member is required.
Style *string
+ // Specifies the custom layers for the style. Leave unset to not enable any custom
+ // layer, or, for styles that support custom layers, you can enable layer(s), such
+ // as POI layer for the VectorEsriNavigation style. Default is unset . Currenlty
+ // only VectorEsriNavigation supports CustomLayers. For more information, see
+ // Custom Layers (https://docs.aws.amazon.com/location/latest/developerguide/map-concepts.html#map-custom-layers)
+ // .
+ CustomLayers []string
+
// Specifies the political view for the style. Leave unset to not use a political
// view, or, for styles that support specific political views, you can choose a
// view, such as IND for the Indian view. Default is unset. Not all map resources
@@ -992,6 +1003,14 @@ type MapConfiguration struct {
// Specifies the political view for the style.
type MapConfigurationUpdate struct {
+ // Specifies the custom layers for the style. Leave unset to not enable any custom
+ // layer, or, for styles that support custom layers, you can enable layer(s), such
+ // as POI layer for the VectorEsriNavigation style. Default is unset . Currenlty
+ // only VectorEsriNavigation supports CustomLayers. For more information, see
+ // Custom Layers (https://docs.aws.amazon.com/location/latest/developerguide/map-concepts.html#map-custom-layers)
+ // .
+ CustomLayers []string
+
// Specifies the political view for the style. Set to an empty string to not use a
// political view, or, for styles that support specific political views, you can
// choose a view, such as IND for the Indian view. Not all map resources or styles
@@ -1055,10 +1074,12 @@ type Place struct {
// .
Street *string
- // An area that's part of a larger municipality. For example, Blissville is a
- // submunicipality in the Queen County in New York. This property supported by Esri
- // and OpenData. The Esri property is district , and the OpenData property is
- // borough .
+ // An area that's part of a larger municipality. For example, Blissville is a
+ // submunicipality in the Queen County in New York. This property is only returned
+ // for a place index that uses Esri as a data provider. The property is represented
+ // as a district . For more information about data providers, see Amazon Location
+ // Service data providers (https://docs.aws.amazon.com/location/latest/developerguide/what-is-data-provider.html)
+ // .
SubMunicipality *string
// A county, or an area that's part of a larger region. For example, Metro
@@ -1074,13 +1095,14 @@ type Place struct {
TimeZone *TimeZone
// For addresses with multiple units, the unit identifier. Can include numbers and
- // letters, for example 3B or Unit 123 . Returned only for a place index that uses
- // Esri or Grab as a data provider. Is not returned for SearchPlaceIndexForPosition
- // .
+ // letters, for example 3B or Unit 123 . This property is returned only for a place
+ // index that uses Esri or Grab as a data provider. It is not returned for
+ // SearchPlaceIndexForPosition .
UnitNumber *string
// For addresses with a UnitNumber , the type of unit. For example, Apartment .
- // Returned only for a place index that uses Esri as a data provider.
+ // This property is returned only for a place index that uses Esri as a data
+ // provider.
UnitType *string
noSmithyDocumentSerde
@@ -1205,7 +1227,29 @@ type SearchForSuggestionsResult struct {
// Place. The GetPlace request must use the same PlaceIndex resource as the
// SearchPlaceIndexForSuggestions that generated the Place ID. For
// SearchPlaceIndexForSuggestions operations, the PlaceId is returned by place
- // indexes that use Esri, Grab, or HERE as data providers.
+ // indexes that use Esri, Grab, or HERE as data providers. While you can use
+ // PlaceID in subsequent requests, PlaceID is not intended to be a permanent
+ // identifier and the ID can change between consecutive API calls. Please see the
+ // following PlaceID behaviour for each data provider:
+ // - Esri: Place IDs will change every quarter at a minimum. The typical time
+ // period for these changes would be March, June, September, and December. Place
+ // IDs might also change between the typical quarterly change but that will be much
+ // less frequent.
+ // - HERE: We recommend that you cache data for no longer than a week to keep
+ // your data data fresh. You can assume that less than 1% ID shifts will release
+ // over release which is approximately 1 - 2 times per week.
+ // - Grab: Place IDs can expire or become invalid in the following situations.
+ // - Data operations: The POI may be removed from Grab POI database by Grab Map
+ // Ops based on the ground-truth, such as being closed in the real world, being
+ // detected as a duplicate POI, or having incorrect information. Grab will
+ // synchronize data to the Waypoint environment on weekly basis.
+ // - Interpolated POI: Interpolated POI is a temporary POI generated in real
+ // time when serving a request, and it will be marked as derived in the
+ // place.result_type field in the response. The information of interpolated POIs
+ // will be retained for at least 30 days, which means that within 30 days, you are
+ // able to obtain POI details by Place ID from Place Details API. After 30 days,
+ // the interpolated POIs(both Place ID and details) may expire and inaccessible
+ // from the Places Details API.
PlaceId *string
// Categories from the data provider that describe the Place that are not mapped
diff --git a/service/macie2/CHANGELOG.md b/service/macie2/CHANGELOG.md
index 9ceee4976ca..00e434b6eaa 100644
--- a/service/macie2/CHANGELOG.md
+++ b/service/macie2/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.35.0 (2024-01-16)
+
+* **Feature**: This release adds support for analyzing Amazon S3 objects that are encrypted using dual-layer server-side encryption with AWS KMS keys (DSSE-KMS). It also adds support for reporting DSSE-KMS details in statistics and metadata about encryption settings for S3 buckets and objects.
+
# v1.34.6 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/macie2/api_op_GetSensitiveDataOccurrencesAvailability.go b/service/macie2/api_op_GetSensitiveDataOccurrencesAvailability.go
index ee9379380a1..79ab028b793 100644
--- a/service/macie2/api_op_GetSensitiveDataOccurrencesAvailability.go
+++ b/service/macie2/api_op_GetSensitiveDataOccurrencesAvailability.go
@@ -54,18 +54,18 @@ type GetSensitiveDataOccurrencesAvailabilityOutput struct {
// object by using Macie.
// - INVALID_CLASSIFICATION_RESULT - There isn't a corresponding sensitive data
// discovery result for the finding. Or the corresponding sensitive data discovery
- // result isn't available, is malformed or corrupted, or uses an unsupported
- // storage format. Macie can't verify the location of the sensitive data to
- // retrieve.
+ // result isn't available in the current Amazon Web Services Region, is malformed
+ // or corrupted, or uses an unsupported storage format. Macie can't verify the
+ // location of the sensitive data to retrieve.
// - INVALID_RESULT_SIGNATURE - The corresponding sensitive data discovery
// result is stored in an S3 object that wasn't signed by Macie. Macie can't verify
// the integrity and authenticity of the sensitive data discovery result.
// Therefore, Macie can't verify the location of the sensitive data to retrieve.
- // - MEMBER_ROLE_TOO_PERMISSIVE - The affected member account is configured to
- // retrieve occurrences of sensitive data by using an IAM role whose trust or
- // permissions policy doesn't meet Macie requirements for restricting access to the
- // role. Or the role's trust policy doesn't specify the correct external ID. Macie
- // can't assume the role to retrieve the sensitive data.
+ // - MEMBER_ROLE_TOO_PERMISSIVE - The trust or permissions policy for the IAM
+ // role in the affected member account doesn't meet Macie requirements for
+ // restricting access to the role. Or the role's trust policy doesn't specify the
+ // correct external ID for your organization. Macie can't assume the role to
+ // retrieve the sensitive data.
// - MISSING_GET_MEMBER_PERMISSION - You're not allowed to retrieve information
// about the association between your account and the affected account. Macie can't
// determine whether you’re allowed to access the affected S3 object as the
@@ -74,8 +74,8 @@ type GetSensitiveDataOccurrencesAvailabilityOutput struct {
// exceeds the size quota for retrieving occurrences of sensitive data from this
// type of file.
// - OBJECT_UNAVAILABLE - The affected S3 object isn't available. The object was
- // renamed, moved, or deleted. Or the object was changed after Macie created the
- // finding.
+ // renamed, moved, deleted, or changed after Macie created the finding. Or the
+ // object is encrypted with an KMS key that's currently disabled.
// - RESULT_NOT_SIGNED - The corresponding sensitive data discovery result is
// stored in an S3 object that hasn't been signed. Macie can't verify the integrity
// and authenticity of the sensitive data discovery result. Therefore, Macie can't
diff --git a/service/macie2/api_op_UpdateRevealConfiguration.go b/service/macie2/api_op_UpdateRevealConfiguration.go
index e39f60eef97..bb44f3f14de 100644
--- a/service/macie2/api_op_UpdateRevealConfiguration.go
+++ b/service/macie2/api_op_UpdateRevealConfiguration.go
@@ -37,7 +37,7 @@ type UpdateRevealConfigurationInput struct {
// This member is required.
Configuration *types.RevealConfiguration
- // The access method and settings to use to retrieve the sensitive data.
+ // The access method and settings to use when retrieving the sensitive data.
RetrievalConfiguration *types.UpdateRetrievalConfiguration
noSmithyDocumentSerde
@@ -49,7 +49,7 @@ type UpdateRevealConfigurationOutput struct {
// configuration for the Amazon Macie account.
Configuration *types.RevealConfiguration
- // The access method and settings to use to retrieve the sensitive data.
+ // The access method and settings to use when retrieving the sensitive data.
RetrievalConfiguration *types.RetrievalConfiguration
// Metadata pertaining to the operation's result.
diff --git a/service/macie2/go_module_metadata.go b/service/macie2/go_module_metadata.go
index 6a12e24ceef..42047432ee3 100644
--- a/service/macie2/go_module_metadata.go
+++ b/service/macie2/go_module_metadata.go
@@ -3,4 +3,4 @@
package macie2
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.34.6"
+const goModuleVersion = "1.35.0"
diff --git a/service/macie2/types/enums.go b/service/macie2/types/enums.go
index a524537379c..1245faa1b3d 100644
--- a/service/macie2/types/enums.go
+++ b/service/macie2/types/enums.go
@@ -250,10 +250,11 @@ type EncryptionType string
// Enum values for EncryptionType
const (
- EncryptionTypeNone EncryptionType = "NONE"
- EncryptionTypeAes256 EncryptionType = "AES256"
- EncryptionTypeAwsKms EncryptionType = "aws:kms"
- EncryptionTypeUnknown EncryptionType = "UNKNOWN"
+ EncryptionTypeNone EncryptionType = "NONE"
+ EncryptionTypeAes256 EncryptionType = "AES256"
+ EncryptionTypeAwsKms EncryptionType = "aws:kms"
+ EncryptionTypeUnknown EncryptionType = "UNKNOWN"
+ EncryptionTypeAwsKmsDsse EncryptionType = "aws:kms:dsse"
)
// Values returns all known values for EncryptionType. Note that this can be
@@ -265,6 +266,7 @@ func (EncryptionType) Values() []EncryptionType {
"AES256",
"aws:kms",
"UNKNOWN",
+ "aws:kms:dsse",
}
}
@@ -1022,9 +1024,10 @@ type Type string
// Enum values for Type
const (
- TypeNone Type = "NONE"
- TypeAes256 Type = "AES256"
- TypeAwsKms Type = "aws:kms"
+ TypeNone Type = "NONE"
+ TypeAes256 Type = "AES256"
+ TypeAwsKms Type = "aws:kms"
+ TypeAwsKmsDsse Type = "aws:kms:dsse"
)
// Values returns all known values for Type. Note that this can be expanded in the
@@ -1035,6 +1038,7 @@ func (Type) Values() []Type {
"NONE",
"AES256",
"aws:kms",
+ "aws:kms:dsse",
}
}
diff --git a/service/macie2/types/types.go b/service/macie2/types/types.go
index f69ba530690..69adf7ddc87 100644
--- a/service/macie2/types/types.go
+++ b/service/macie2/types/types.go
@@ -307,9 +307,9 @@ type BucketCountByEffectivePermission struct {
type BucketCountByEncryptionType struct {
// The total number of buckets whose default encryption settings are configured to
- // encrypt new objects with an Amazon Web Services managed KMS key or a customer
- // managed KMS key. By default, these buckets encrypt new objects automatically
- // using SSE-KMS encryption.
+ // encrypt new objects with an KMS key, either an Amazon Web Services managed key
+ // or a customer managed key. By default, these buckets encrypt new objects
+ // automatically using DSSE-KMS or SSE-KMS encryption.
KmsManaged *int64
// The total number of buckets whose default encryption settings are configured to
@@ -660,11 +660,14 @@ type BucketServerSideEncryption struct {
// The server-side encryption algorithm that's used by default to encrypt objects
// that are added to the bucket. Possible values are:
- // - AES256 - New objects are encrypted with an Amazon S3 managed key. They use
- // SSE-S3 encryption.
- // - aws:kms - New objects are encrypted with an KMS key (kmsMasterKeyId),
- // either an Amazon Web Services managed key or a customer managed key. They use
- // SSE-KMS encryption.
+ // - AES256 - New objects use SSE-S3 encryption. They're encrypted with an
+ // Amazon S3 managed key.
+ // - aws:kms - New objects use SSE-KMS encryption. They're encrypted with an KMS
+ // key (kmsMasterKeyId), either an Amazon Web Services managed key or a customer
+ // managed key.
+ // - aws:kms:dsse - New objects use DSSE-KMS encryption. They're encrypted with
+ // an KMS key (kmsMasterKeyId), either an Amazon Web Services managed key or a
+ // customer managed key.
// - NONE - The bucket's default encryption settings don't specify server-side
// encryption behavior for new objects.
Type Type
@@ -1863,17 +1866,18 @@ type MonthlySchedule struct {
// aren't encrypted.
type ObjectCountByEncryptionType struct {
- // The total number of objects that are encrypted with a customer-provided key.
- // The objects use customer-provided server-side encryption (SSE-C).
+ // The total number of objects that are encrypted with customer-provided keys. The
+ // objects use server-side encryption with customer-provided keys (SSE-C).
CustomerManaged *int64
- // The total number of objects that are encrypted with an KMS key, either an
- // Amazon Web Services managed key or a customer managed key. The objects use KMS
- // encryption (SSE-KMS).
+ // The total number of objects that are encrypted with KMS keys, either Amazon Web
+ // Services managed keys or customer managed keys. The objects use dual-layer
+ // server-side encryption or server-side encryption with KMS keys (DSSE-KMS or
+ // SSE-KMS).
KmsManaged *int64
- // The total number of objects that are encrypted with an Amazon S3 managed key.
- // The objects use Amazon S3 managed encryption (SSE-S3).
+ // The total number of objects that are encrypted with Amazon S3 managed keys. The
+ // objects use server-side encryption with Amazon S3 managed keys (SSE-S3).
S3Managed *int64
// The total number of objects that use client-side encryption or aren't encrypted.
@@ -2150,7 +2154,7 @@ type ResourceStatistics struct {
// retrieve occurrences of sensitive data reported by findings.
type RetrievalConfiguration struct {
- // The access method that's used when retrieving sensitive data from affected S3
+ // The access method that's used to retrieve sensitive data from affected S3
// objects. Valid values are: ASSUME_ROLE, assume an IAM role that is in the
// affected Amazon Web Services account and delegates access to Amazon Macie
// (roleName); and, CALLER_CREDENTIALS, use the credentials of the IAM user who
@@ -2160,11 +2164,13 @@ type RetrievalConfiguration struct {
RetrievalMode RetrievalMode
// The external ID to specify in the trust policy for the IAM role to assume when
- // retrieving sensitive data from affected S3 objects (roleName). The trust policy
- // must include an sts:ExternalId condition that requires this ID. This ID is a
- // unique alphanumeric string that Amazon Macie generates automatically after you
- // configure it to assume a role. This value is null if the value for retrievalMode
- // is CALLER_CREDENTIALS.
+ // retrieving sensitive data from affected S3 objects (roleName). This value is
+ // null if the value for retrievalMode is CALLER_CREDENTIALS. This ID is a unique
+ // alphanumeric string that Amazon Macie generates automatically after you
+ // configure it to assume an IAM role. For a Macie administrator to retrieve
+ // sensitive data from an affected S3 object for a member account, the trust policy
+ // for the role in the member account must include an sts:ExternalId condition that
+ // requires this ID.
ExternalId *string
// The name of the IAM role that is in the affected Amazon Web Services account
@@ -2183,11 +2189,16 @@ type RetrievalConfiguration struct {
// key. Otherwise, an error occurs.
type RevealConfiguration struct {
- // The status of the configuration for the Amazon Macie account. In a request,
- // valid values are: ENABLED, enable the configuration for the account; and,
- // DISABLED, disable the configuration for the account. In a response, possible
- // values are: ENABLED, the configuration is currently enabled for the account;
- // and, DISABLED, the configuration is currently disabled for the account.
+ // The status of the configuration for the Amazon Macie account. In a response,
+ // possible values are: ENABLED, the configuration is currently enabled for the
+ // account; and, DISABLED, the configuration is currently disabled for the account.
+ // In a request, valid values are: ENABLED, enable the configuration for the
+ // account; and, DISABLED, disable the configuration for the account. If you
+ // disable the configuration, you also permanently delete current settings that
+ // specify how to access affected S3 objects. If your current access method is
+ // ASSUME_ROLE, Macie also deletes the external ID and role name currently
+ // specified for the configuration. These settings can't be recovered after they're
+ // deleted.
//
// This member is required.
Status RevealStatus
@@ -3079,11 +3090,10 @@ type UnprocessedAccount struct {
// Specifies the access method and settings to use when retrieving occurrences of
// sensitive data reported by findings. If your request specifies an Identity and
-// Access Management (IAM) role to assume when retrieving the sensitive data,
-// Amazon Macie verifies that the role exists and the attached policies are
-// configured correctly. If there's an issue, Macie returns an error. For
-// information about addressing the issue, see Retrieving sensitive data samples
-// with findings (https://docs.aws.amazon.com/macie/latest/user/findings-retrieve-sd.html)
+// Access Management (IAM) role to assume, Amazon Macie verifies that the role
+// exists and the attached policies are configured correctly. If there's an issue,
+// Macie returns an error. For information about addressing the issue, see
+// Configuration options and requirements for retrieving sensitive data samples (https://docs.aws.amazon.com/macie/latest/user/findings-retrieve-sd-options.html)
// in the Amazon Macie User Guide.
type UpdateRetrievalConfiguration struct {
diff --git a/service/mwaa/CHANGELOG.md b/service/mwaa/CHANGELOG.md
index 8ab179169ca..fb6f8216f02 100644
--- a/service/mwaa/CHANGELOG.md
+++ b/service/mwaa/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.23.0 (2024-01-12)
+
+* **Feature**: This Amazon MWAA feature release includes new fields in CreateWebLoginToken response model. The new fields IamIdentity and AirflowIdentity will let you match identifications, as the Airflow identity length is currently hashed to 64 characters.
+
# v1.22.6 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/mwaa/api_op_CreateWebLoginToken.go b/service/mwaa/api_op_CreateWebLoginToken.go
index 79884c911ca..5bfa547c606 100644
--- a/service/mwaa/api_op_CreateWebLoginToken.go
+++ b/service/mwaa/api_op_CreateWebLoginToken.go
@@ -41,6 +41,14 @@ type CreateWebLoginTokenInput struct {
type CreateWebLoginTokenOutput struct {
+ // The user name of the Apache Airflow identity creating the web login token.
+ AirflowIdentity *string
+
+ // The name of the IAM identity creating the web login token. This might be an IAM
+ // user, or an assumed or federated identity. For example,
+ // assumed-role/Admin/your-name .
+ IamIdentity *string
+
// The Airflow web server hostname for the environment.
WebServerHostname *string
diff --git a/service/mwaa/deserializers.go b/service/mwaa/deserializers.go
index 09592006c89..5a9fd5f9fe0 100644
--- a/service/mwaa/deserializers.go
+++ b/service/mwaa/deserializers.go
@@ -475,6 +475,24 @@ func awsRestjson1_deserializeOpDocumentCreateWebLoginTokenOutput(v **CreateWebLo
for key, value := range shape {
switch key {
+ case "AirflowIdentity":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected AirflowIdentity to be of type string, got %T instead", value)
+ }
+ sv.AirflowIdentity = ptr.String(jtv)
+ }
+
+ case "IamIdentity":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected IamIdentity to be of type string, got %T instead", value)
+ }
+ sv.IamIdentity = ptr.String(jtv)
+ }
+
case "WebServerHostname":
if value != nil {
jtv, ok := value.(string)
diff --git a/service/mwaa/go_module_metadata.go b/service/mwaa/go_module_metadata.go
index 7de9b5f2e31..8c15722d4c3 100644
--- a/service/mwaa/go_module_metadata.go
+++ b/service/mwaa/go_module_metadata.go
@@ -3,4 +3,4 @@
package mwaa
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.22.6"
+const goModuleVersion = "1.23.0"
diff --git a/service/paymentcryptography/CHANGELOG.md b/service/paymentcryptography/CHANGELOG.md
index a5839409086..0ad11ce6a8b 100644
--- a/service/paymentcryptography/CHANGELOG.md
+++ b/service/paymentcryptography/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.7.0 (2024-01-16)
+
+* **Feature**: Provide an additional option for key exchange using RSA wrap/unwrap in addition to tr-34/tr-31 in ImportKey and ExportKey operations. Added new key usage (type) TR31_M1_ISO_9797_1_MAC_KEY, for use with Generate/VerifyMac dataplane operations with ISO9797 Algorithm 1 MAC calculations.
+
# v1.6.3 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/paymentcryptography/api_op_ExportKey.go b/service/paymentcryptography/api_op_ExportKey.go
index 4fc19d95915..3f65aec3e12 100644
--- a/service/paymentcryptography/api_op_ExportKey.go
+++ b/service/paymentcryptography/api_op_ExportKey.go
@@ -21,43 +21,46 @@ import (
// operations outside of Amazon Web Services Payment Cryptography For symmetric key
// exchange, Amazon Web Services Payment Cryptography uses the ANSI X9 TR-31 norm
// in accordance with PCI PIN guidelines. And for asymmetric key exchange, Amazon
-// Web Services Payment Cryptography supports ANSI X9 TR-34 norm . Asymmetric key
-// exchange methods are typically used to establish bi-directional trust between
-// the two parties exhanging keys and are used for initial key exchange such as Key
-// Encryption Key (KEK). After which you can export working keys using symmetric
-// method to perform various cryptographic operations within Amazon Web Services
-// Payment Cryptography. The TR-34 norm is intended for exchanging 3DES keys only
-// and keys are imported in a WrappedKeyBlock format. Key attributes (such as
-// KeyUsage, KeyAlgorithm, KeyModesOfUse, Exportability) are contained within the
-// key block. You can also use ExportKey functionality to generate and export an
-// IPEK (Initial Pin Encryption Key) from Amazon Web Services Payment Cryptography
-// using either TR-31 or TR-34 export key exchange. IPEK is generated from BDK
-// (Base Derivation Key) and ExportDukptInitialKey attribute KSN ( KeySerialNumber
-// ). The generated IPEK does not persist within Amazon Web Services Payment
-// Cryptography and has to be re-generated each time during export. To export KEK
-// or IPEK using TR-34 Using this operation, you can export initial key using TR-34
-// asymmetric key exchange. You can only export KEK generated within Amazon Web
-// Services Payment Cryptography. In TR-34 terminology, the sending party of the
-// key is called Key Distribution Host (KDH) and the receiving party of the key is
-// called Key Receiving Device (KRD). During key export process, KDH is Amazon Web
-// Services Payment Cryptography which initiates key export and KRD is the user
-// receiving the key. To initiate TR-34 key export, the KRD must obtain an export
-// token by calling GetParametersForExport . This operation also generates a key
-// pair for the purpose of key export, signs the key and returns back the signing
-// public key certificate (also known as KDH signing certificate) and root
-// certificate chain. The KDH uses the private key to sign the the export payload
-// and the signing public key certificate is provided to KRD to verify the
-// signature. The KRD can import the root certificate into its Hardware Security
-// Module (HSM), as required. The export token and the associated KDH signing
-// certificate expires after 7 days. Next the KRD generates a key pair for the the
-// purpose of encrypting the KDH key and provides the public key cerificate (also
-// known as KRD wrapping certificate) back to KDH. The KRD will also import the
-// root cerificate chain into Amazon Web Services Payment Cryptography by calling
-// ImportKey for RootCertificatePublicKey . The KDH, Amazon Web Services Payment
-// Cryptography, will use the KRD wrapping cerificate to encrypt (wrap) the key
-// under export and signs it with signing private key to generate a TR-34
-// WrappedKeyBlock. For more information on TR-34 key export, see section
-// Exporting symmetric keys (https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-export.html)
+// Web Services Payment Cryptography supports ANSI X9 TR-34 norm and RSA wrap and
+// unwrap key exchange mechanism. Asymmetric key exchange methods are typically
+// used to establish bi-directional trust between the two parties exhanging keys
+// and are used for initial key exchange such as Key Encryption Key (KEK). After
+// which you can export working keys using symmetric method to perform various
+// cryptographic operations within Amazon Web Services Payment Cryptography. The
+// TR-34 norm is intended for exchanging 3DES keys only and keys are imported in a
+// WrappedKeyBlock format. Key attributes (such as KeyUsage, KeyAlgorithm,
+// KeyModesOfUse, Exportability) are contained within the key block. With RSA wrap
+// and unwrap, you can exchange both 3DES and AES-128 keys. The keys are imported
+// in a WrappedKeyCryptogram format and you will need to specify the key attributes
+// during import. You can also use ExportKey functionality to generate and export
+// an IPEK (Initial Pin Encryption Key) from Amazon Web Services Payment
+// Cryptography using either TR-31 or TR-34 export key exchange. IPEK is generated
+// from BDK (Base Derivation Key) and ExportDukptInitialKey attribute KSN (
+// KeySerialNumber ). The generated IPEK does not persist within Amazon Web
+// Services Payment Cryptography and has to be re-generated each time during
+// export. To export initial keys (KEK) or IPEK using TR-34 Using this operation,
+// you can export initial key using TR-34 asymmetric key exchange. You can only
+// export KEK generated within Amazon Web Services Payment Cryptography. In TR-34
+// terminology, the sending party of the key is called Key Distribution Host (KDH)
+// and the receiving party of the key is called Key Receiving Device (KRD). During
+// key export process, KDH is Amazon Web Services Payment Cryptography which
+// initiates key export and KRD is the user receiving the key. To initiate TR-34
+// key export, the KRD must obtain an export token by calling
+// GetParametersForExport . This operation also generates a key pair for the
+// purpose of key export, signs the key and returns back the signing public key
+// certificate (also known as KDH signing certificate) and root certificate chain.
+// The KDH uses the private key to sign the the export payload and the signing
+// public key certificate is provided to KRD to verify the signature. The KRD can
+// import the root certificate into its Hardware Security Module (HSM), as
+// required. The export token and the associated KDH signing certificate expires
+// after 7 days. Next the KRD generates a key pair for the the purpose of
+// encrypting the KDH key and provides the public key cerificate (also known as KRD
+// wrapping certificate) back to KDH. The KRD will also import the root cerificate
+// chain into Amazon Web Services Payment Cryptography by calling ImportKey for
+// RootCertificatePublicKey . The KDH, Amazon Web Services Payment Cryptography,
+// will use the KRD wrapping cerificate to encrypt (wrap) the key under export and
+// signs it with signing private key to generate a TR-34 WrappedKeyBlock. For more
+// information on TR-34 key export, see section Exporting symmetric keys (https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-export.html)
// in the Amazon Web Services Payment Cryptography User Guide. Set the following
// parameters:
// - ExportAttributes : Specify export attributes in case of IPEK export. This
@@ -75,11 +78,30 @@ import (
// Amazon Web Services Payment Cryptography.
//
// When this operation is successful, Amazon Web Services Payment Cryptography
-// returns the KEK or IPEK as a TR-34 WrappedKeyBlock. To export WK (Working Key)
-// or IPEK using TR-31 Using this operation, you can export working keys or IPEK
-// using TR-31 symmetric key exchange. In TR-31, you must use an initial key such
-// as KEK to encrypt or wrap the key under export. To establish a KEK, you can use
-// CreateKey or ImportKey . Set the following parameters:
+// returns the KEK or IPEK as a TR-34 WrappedKeyBlock. To export initial keys (KEK)
+// or IPEK using RSA Wrap and Unwrap Using this operation, you can export initial
+// key using asymmetric RSA wrap and unwrap key exchange method. To initiate
+// export, generate an asymmetric key pair on the receiving HSM and obtain the
+// public key certificate in PEM format (base64 encoded) for the purpose of
+// wrapping and the root certifiate chain. Import the root certificate into Amazon
+// Web Services Payment Cryptography by calling ImportKey for
+// RootCertificatePublicKey . Next call ExportKey and set the following
+// parameters:
+// - CertificateAuthorityPublicKeyIdentifier : The KeyARN of the certificate
+// chain that signed wrapping key certificate.
+// - KeyMaterial : Set to KeyCryptogram .
+// - WrappingKeyCertificate : The public key certificate in PEM format (base64
+// encoded) obtained by the receiving HSM and signed by the root certificate
+// (CertificateAuthorityPublicKeyIdentifier) imported into Amazon Web Services
+// Payment Cryptography. The receiving HSM uses its private key component to unwrap
+// the WrappedKeyCryptogram.
+//
+// When this operation is successful, Amazon Web Services Payment Cryptography
+// returns the WrappedKeyCryptogram. To export working keys or IPEK using TR-31
+// Using this operation, you can export working keys or IPEK using TR-31 symmetric
+// key exchange. In TR-31, you must use an initial key such as KEK to encrypt or
+// wrap the key under export. To establish a KEK, you can use CreateKey or
+// ImportKey . Set the following parameters:
// - ExportAttributes : Specify export attributes in case of IPEK export. This
// parameter is optional for KEK export.
// - ExportKeyIdentifier : The KeyARN of the KEK or BDK (in case of IPEK) under
@@ -87,9 +109,9 @@ import (
// - KeyMaterial : Use Tr31KeyBlock parameters.
//
// When this operation is successful, Amazon Web Services Payment Cryptography
-// returns the WK or IPEK as a TR-31 WrappedKeyBlock. Cross-account use: This
-// operation can't be used across different Amazon Web Services accounts. Related
-// operations:
+// returns the working key or IPEK as a TR-31 WrappedKeyBlock. Cross-account use:
+// This operation can't be used across different Amazon Web Services accounts.
+// Related operations:
// - GetParametersForExport
// - ImportKey
func (c *Client) ExportKey(ctx context.Context, params *ExportKeyInput, optFns ...func(*Options)) (*ExportKeyOutput, error) {
@@ -130,7 +152,7 @@ type ExportKeyInput struct {
type ExportKeyOutput struct {
// The key material under export as a TR-34 WrappedKeyBlock or a TR-31
- // WrappedKeyBlock.
+ // WrappedKeyBlock. or a RSA WrappedKeyCryptogram.
WrappedKey *types.WrappedKey
// Metadata pertaining to the operation's result.
diff --git a/service/paymentcryptography/api_op_GetParametersForImport.go b/service/paymentcryptography/api_op_GetParametersForImport.go
index 047c80d0b60..b822eba02ee 100644
--- a/service/paymentcryptography/api_op_GetParametersForImport.go
+++ b/service/paymentcryptography/api_op_GetParametersForImport.go
@@ -14,12 +14,13 @@ import (
)
// Gets the import token and the wrapping key certificate in PEM format (base64
-// encoded) to initiate a TR-34 WrappedKeyBlock. The wrapping key certificate wraps
-// the key under import. The import token and wrapping key certificate must be in
-// place and operational before calling ImportKey . The import token expires in 7
-// days. You can use the same import token to import multiple keys into your
-// service account. Cross-account use: This operation can't be used across
-// different Amazon Web Services accounts. Related operations:
+// encoded) to initiate a TR-34 WrappedKeyBlock or a RSA WrappedKeyCryptogram
+// import into Amazon Web Services Payment Cryptography. The wrapping key
+// certificate wraps the key under import. The import token and wrapping key
+// certificate must be in place and operational before calling ImportKey . The
+// import token expires in 7 days. You can use the same import token to import
+// multiple keys into your service account. Cross-account use: This operation can't
+// be used across different Amazon Web Services accounts. Related operations:
// - GetParametersForExport
// - ImportKey
func (c *Client) GetParametersForImport(ctx context.Context, params *GetParametersForImportInput, optFns ...func(*Options)) (*GetParametersForImportOutput, error) {
@@ -40,15 +41,17 @@ func (c *Client) GetParametersForImport(ctx context.Context, params *GetParamete
type GetParametersForImportInput struct {
// The method to use for key material import. Import token is only required for
- // TR-34 WrappedKeyBlock ( TR34_KEY_BLOCK ). Import token is not required for
- // TR-31, root public key cerificate or trusted public key certificate.
+ // TR-34 WrappedKeyBlock ( TR34_KEY_BLOCK ) and RSA WrappedKeyCryptogram (
+ // KEY_CRYPTOGRAM ). Import token is not required for TR-31, root public key
+ // cerificate or trusted public key certificate.
//
// This member is required.
KeyMaterialType types.KeyMaterialType
// The wrapping key algorithm to generate a wrapping key certificate. This
- // certificate wraps the key under import. At this time, RSA_2048 , RSA_3072 ,
- // RSA_4096 are the only allowed algorithms for TR-34 WrappedKeyBlock import.
+ // certificate wraps the key under import. At this time, RSA_2048 is the allowed
+ // algorithm for TR-34 WrappedKeyBlock import. Additionally, RSA_2048 , RSA_3072 ,
+ // RSA_4096 are the allowed algorithms for RSA WrappedKeyCryptogram import.
//
// This member is required.
WrappingKeyAlgorithm types.KeyAlgorithm
@@ -70,7 +73,8 @@ type GetParametersForImportOutput struct {
// This member is required.
ParametersValidUntilTimestamp *time.Time
- // The algorithm of the wrapping key for use within TR-34 WrappedKeyBlock.
+ // The algorithm of the wrapping key for use within TR-34 WrappedKeyBlock or RSA
+ // WrappedKeyCryptogram.
//
// This member is required.
WrappingKeyAlgorithm types.KeyAlgorithm
diff --git a/service/paymentcryptography/api_op_ImportKey.go b/service/paymentcryptography/api_op_ImportKey.go
index 8482dce7016..bb3ff137a12 100644
--- a/service/paymentcryptography/api_op_ImportKey.go
+++ b/service/paymentcryptography/api_op_ImportKey.go
@@ -20,15 +20,18 @@ import (
// mechanisms. For symmetric key exchange, Amazon Web Services Payment Cryptography
// uses the ANSI X9 TR-31 norm in accordance with PCI PIN guidelines. And for
// asymmetric key exchange, Amazon Web Services Payment Cryptography supports ANSI
-// X9 TR-34 norm . Asymmetric key exchange methods are typically used to establish
-// bi-directional trust between the two parties exhanging keys and are used for
-// initial key exchange such as Key Encryption Key (KEK) or Zone Master Key (ZMK).
-// After which you can import working keys using symmetric method to perform
-// various cryptographic operations within Amazon Web Services Payment
-// Cryptography. The TR-34 norm is intended for exchanging 3DES keys only and keys
-// are imported in a WrappedKeyBlock format. Key attributes (such as KeyUsage,
-// KeyAlgorithm, KeyModesOfUse, Exportability) are contained within the key block.
-// You can also import a root public key certificate, used to sign other public key
+// X9 TR-34 norm and RSA wrap and unwrap key exchange mechanisms. Asymmetric key
+// exchange methods are typically used to establish bi-directional trust between
+// the two parties exhanging keys and are used for initial key exchange such as Key
+// Encryption Key (KEK) or Zone Master Key (ZMK). After which you can import
+// working keys using symmetric method to perform various cryptographic operations
+// within Amazon Web Services Payment Cryptography. The TR-34 norm is intended for
+// exchanging 3DES keys only and keys are imported in a WrappedKeyBlock format. Key
+// attributes (such as KeyUsage, KeyAlgorithm, KeyModesOfUse, Exportability) are
+// contained within the key block. With RSA wrap and unwrap, you can exchange both
+// 3DES and AES-128 keys. The keys are imported in a WrappedKeyCryptogram format
+// and you will need to specify the key attributes during import. You can also
+// import a root public key certificate, used to sign other public key
// certificates, or a trusted public key certificate under an already established
// root public key certificate. To import a public root key certificate You can
// also import a root public key certificate, used to sign other public key
@@ -58,24 +61,25 @@ import (
// - PublicKeyCertificate : The trusted public key certificate in PEM format
// (base64 encoded) under import.
//
-// To import KEK or ZMK using TR-34 Using this operation, you can import initial
-// key using TR-34 asymmetric key exchange. In TR-34 terminology, the sending party
-// of the key is called Key Distribution Host (KDH) and the receiving party of the
-// key is called Key Receiving Device (KRD). During the key import process, KDH is
-// the user who initiates the key import and KRD is Amazon Web Services Payment
-// Cryptography who receives the key. To initiate TR-34 key import, the KDH must
-// obtain an import token by calling GetParametersForImport . This operation
-// generates an encryption keypair for the purpose of key import, signs the key and
-// returns back the wrapping key certificate (also known as KRD wrapping
-// certificate) and the root certificate chain. The KDH must trust and install the
-// KRD wrapping certificate on its HSM and use it to encrypt (wrap) the KDH key
-// during TR-34 WrappedKeyBlock generation. The import token and associated KRD
-// wrapping certificate expires after 7 days. Next the KDH generates a key pair for
-// the purpose of signing the encrypted KDH key and provides the public certificate
-// of the signing key to Amazon Web Services Payment Cryptography. The KDH will
-// also need to import the root certificate chain of the KDH signing certificate by
-// calling ImportKey for RootCertificatePublicKey . For more information on TR-34
-// key import, see section Importing symmetric keys (https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-import.html)
+// To import initial keys (KEK or ZMK or similar) using TR-34 Using this
+// operation, you can import initial key using TR-34 asymmetric key exchange. In
+// TR-34 terminology, the sending party of the key is called Key Distribution Host
+// (KDH) and the receiving party of the key is called Key Receiving Device (KRD).
+// During the key import process, KDH is the user who initiates the key import and
+// KRD is Amazon Web Services Payment Cryptography who receives the key. To
+// initiate TR-34 key import, the KDH must obtain an import token by calling
+// GetParametersForImport . This operation generates an encryption keypair for the
+// purpose of key import, signs the key and returns back the wrapping key
+// certificate (also known as KRD wrapping certificate) and the root certificate
+// chain. The KDH must trust and install the KRD wrapping certificate on its HSM
+// and use it to encrypt (wrap) the KDH key during TR-34 WrappedKeyBlock
+// generation. The import token and associated KRD wrapping certificate expires
+// after 7 days. Next the KDH generates a key pair for the purpose of signing the
+// encrypted KDH key and provides the public certificate of the signing key to
+// Amazon Web Services Payment Cryptography. The KDH will also need to import the
+// root certificate chain of the KDH signing certificate by calling ImportKey for
+// RootCertificatePublicKey . For more information on TR-34 key import, see section
+// Importing symmetric keys (https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-import.html)
// in the Amazon Web Services Payment Cryptography User Guide. Set the following
// parameters:
// - KeyMaterial : Use Tr34KeyBlock parameters.
@@ -92,11 +96,22 @@ import (
// (CertificateAuthorityPublicKeyIdentifier) imported in Amazon Web Services
// Payment Cryptography.
//
-// To import WK (Working Key) using TR-31 Amazon Web Services Payment Cryptography
-// uses TR-31 symmetric key exchange norm to import working keys. A KEK must be
-// established within Amazon Web Services Payment Cryptography by using TR-34 key
-// import or by using CreateKey . To initiate a TR-31 key import, set the following
-// parameters:
+// To import initial keys (KEK or ZMK or similar) using RSA Wrap and Unwrap Using
+// this operation, you can import initial key using asymmetric RSA wrap and unwrap
+// key exchange method. To initiate import, call GetParametersForImport with
+// KeyMaterial set to KEY_CRYPTOGRAM to generate an import token. This operation
+// also generates an encryption keypair for the purpose of key import, signs the
+// key and returns back the wrapping key certificate in PEM format (base64 encoded)
+// and its root certificate chain. The import token and associated KRD wrapping
+// certificate expires after 7 days. You must trust and install the wrapping
+// certificate and its certificate chain on the sending HSM and use it to wrap the
+// key under export for WrappedKeyCryptogram generation. Next call ImportKey with
+// KeyMaterial set to KEY_CRYPTOGRAM and provide the ImportToken and KeyAttributes
+// for the key under import. To import working keys using TR-31 Amazon Web Services
+// Payment Cryptography uses TR-31 symmetric key exchange norm to import working
+// keys. A KEK must be established within Amazon Web Services Payment Cryptography
+// by using TR-34 key import or by using CreateKey . To initiate a TR-31 key
+// import, set the following parameters:
// - KeyMaterial : Use Tr31KeyBlock parameters.
// - WrappedKeyBlock : The TR-31 wrapped key material. It contains the key under
// import, encrypted using KEK. The TR-31 key block is typically generated by a HSM
diff --git a/service/paymentcryptography/go_module_metadata.go b/service/paymentcryptography/go_module_metadata.go
index 90bc2536856..ee2d1b8343f 100644
--- a/service/paymentcryptography/go_module_metadata.go
+++ b/service/paymentcryptography/go_module_metadata.go
@@ -3,4 +3,4 @@
package paymentcryptography
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.6.3"
+const goModuleVersion = "1.7.0"
diff --git a/service/paymentcryptography/serializers.go b/service/paymentcryptography/serializers.go
index 3a5c0e79fbf..7bda5e92bb5 100644
--- a/service/paymentcryptography/serializers.go
+++ b/service/paymentcryptography/serializers.go
@@ -1145,11 +1145,39 @@ func awsAwsjson10_serializeDocumentExportDukptInitialKey(v *types.ExportDukptIni
return nil
}
+func awsAwsjson10_serializeDocumentExportKeyCryptogram(v *types.ExportKeyCryptogram, value smithyjson.Value) error {
+ object := value.Object()
+ defer object.Close()
+
+ if v.CertificateAuthorityPublicKeyIdentifier != nil {
+ ok := object.Key("CertificateAuthorityPublicKeyIdentifier")
+ ok.String(*v.CertificateAuthorityPublicKeyIdentifier)
+ }
+
+ if v.WrappingKeyCertificate != nil {
+ ok := object.Key("WrappingKeyCertificate")
+ ok.String(*v.WrappingKeyCertificate)
+ }
+
+ if len(v.WrappingSpec) > 0 {
+ ok := object.Key("WrappingSpec")
+ ok.String(string(v.WrappingSpec))
+ }
+
+ return nil
+}
+
func awsAwsjson10_serializeDocumentExportKeyMaterial(v types.ExportKeyMaterial, value smithyjson.Value) error {
object := value.Object()
defer object.Close()
switch uv := v.(type) {
+ case *types.ExportKeyMaterialMemberKeyCryptogram:
+ av := object.Key("KeyCryptogram")
+ if err := awsAwsjson10_serializeDocumentExportKeyCryptogram(&uv.Value, av); err != nil {
+ return err
+ }
+
case *types.ExportKeyMaterialMemberTr31KeyBlock:
av := object.Key("Tr31KeyBlock")
if err := awsAwsjson10_serializeDocumentExportTr31KeyBlock(&uv.Value, av); err != nil {
@@ -1213,11 +1241,51 @@ func awsAwsjson10_serializeDocumentExportTr34KeyBlock(v *types.ExportTr34KeyBloc
return nil
}
+func awsAwsjson10_serializeDocumentImportKeyCryptogram(v *types.ImportKeyCryptogram, value smithyjson.Value) error {
+ object := value.Object()
+ defer object.Close()
+
+ if v.Exportable != nil {
+ ok := object.Key("Exportable")
+ ok.Boolean(*v.Exportable)
+ }
+
+ if v.ImportToken != nil {
+ ok := object.Key("ImportToken")
+ ok.String(*v.ImportToken)
+ }
+
+ if v.KeyAttributes != nil {
+ ok := object.Key("KeyAttributes")
+ if err := awsAwsjson10_serializeDocumentKeyAttributes(v.KeyAttributes, ok); err != nil {
+ return err
+ }
+ }
+
+ if v.WrappedKeyCryptogram != nil {
+ ok := object.Key("WrappedKeyCryptogram")
+ ok.String(*v.WrappedKeyCryptogram)
+ }
+
+ if len(v.WrappingSpec) > 0 {
+ ok := object.Key("WrappingSpec")
+ ok.String(string(v.WrappingSpec))
+ }
+
+ return nil
+}
+
func awsAwsjson10_serializeDocumentImportKeyMaterial(v types.ImportKeyMaterial, value smithyjson.Value) error {
object := value.Object()
defer object.Close()
switch uv := v.(type) {
+ case *types.ImportKeyMaterialMemberKeyCryptogram:
+ av := object.Key("KeyCryptogram")
+ if err := awsAwsjson10_serializeDocumentImportKeyCryptogram(&uv.Value, av); err != nil {
+ return err
+ }
+
case *types.ImportKeyMaterialMemberRootCertificatePublicKey:
av := object.Key("RootCertificatePublicKey")
if err := awsAwsjson10_serializeDocumentRootCertificatePublicKey(&uv.Value, av); err != nil {
diff --git a/service/paymentcryptography/types/enums.go b/service/paymentcryptography/types/enums.go
index ef016b25228..09b8d2e646c 100644
--- a/service/paymentcryptography/types/enums.go
+++ b/service/paymentcryptography/types/enums.go
@@ -80,6 +80,7 @@ const (
KeyMaterialTypeTr31KeyBlock KeyMaterialType = "TR31_KEY_BLOCK"
KeyMaterialTypeRootPublicKeyCertificate KeyMaterialType = "ROOT_PUBLIC_KEY_CERTIFICATE"
KeyMaterialTypeTrustedPublicKeyCertificate KeyMaterialType = "TRUSTED_PUBLIC_KEY_CERTIFICATE"
+ KeyMaterialTypeKeyCryptogram KeyMaterialType = "KEY_CRYPTOGRAM"
)
// Values returns all known values for KeyMaterialType. Note that this can be
@@ -91,6 +92,7 @@ func (KeyMaterialType) Values() []KeyMaterialType {
"TR31_KEY_BLOCK",
"ROOT_PUBLIC_KEY_CERTIFICATE",
"TRUSTED_PUBLIC_KEY_CERTIFICATE",
+ "KEY_CRYPTOGRAM",
}
}
@@ -152,6 +154,7 @@ const (
KeyUsageTr31K1KeyBlockProtectionKey KeyUsage = "TR31_K1_KEY_BLOCK_PROTECTION_KEY"
KeyUsageTr31K3AsymmetricKeyForKeyAgreement KeyUsage = "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT"
KeyUsageTr31M3Iso97973MacKey KeyUsage = "TR31_M3_ISO_9797_3_MAC_KEY"
+ KeyUsageTr31M1Iso97971MacKey KeyUsage = "TR31_M1_ISO_9797_1_MAC_KEY"
KeyUsageTr31M6Iso97975CmacKey KeyUsage = "TR31_M6_ISO_9797_5_CMAC_KEY"
KeyUsageTr31M7HmacKey KeyUsage = "TR31_M7_HMAC_KEY"
KeyUsageTr31P0PinEncryptionKey KeyUsage = "TR31_P0_PIN_ENCRYPTION_KEY"
@@ -181,6 +184,7 @@ func (KeyUsage) Values() []KeyUsage {
"TR31_K1_KEY_BLOCK_PROTECTION_KEY",
"TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT",
"TR31_M3_ISO_9797_3_MAC_KEY",
+ "TR31_M1_ISO_9797_1_MAC_KEY",
"TR31_M6_ISO_9797_5_CMAC_KEY",
"TR31_M7_HMAC_KEY",
"TR31_P0_PIN_ENCRYPTION_KEY",
@@ -227,3 +231,21 @@ func (WrappedKeyMaterialFormat) Values() []WrappedKeyMaterialFormat {
"TR34_KEY_BLOCK",
}
}
+
+type WrappingKeySpec string
+
+// Enum values for WrappingKeySpec
+const (
+ WrappingKeySpecRsaOaepSha256 WrappingKeySpec = "RSA_OAEP_SHA_256"
+ WrappingKeySpecRsaOaepSha512 WrappingKeySpec = "RSA_OAEP_SHA_512"
+)
+
+// Values returns all known values for WrappingKeySpec. Note that this can be
+// expanded in the future, and so it is only as up to date as the client. The
+// ordering of this slice is not guaranteed to be stable across updates.
+func (WrappingKeySpec) Values() []WrappingKeySpec {
+ return []WrappingKeySpec{
+ "RSA_OAEP_SHA_256",
+ "RSA_OAEP_SHA_512",
+ }
+}
diff --git a/service/paymentcryptography/types/types.go b/service/paymentcryptography/types/types.go
index ebcad4c60ce..0938d8736d8 100644
--- a/service/paymentcryptography/types/types.go
+++ b/service/paymentcryptography/types/types.go
@@ -54,17 +54,51 @@ type ExportDukptInitialKey struct {
noSmithyDocumentSerde
}
+// Parameter information for key material export using asymmetric RSA wrap and
+// unwrap key exchange method.
+type ExportKeyCryptogram struct {
+
+ // The KeyARN of the certificate chain that signs the wrapping key certificate
+ // during RSA wrap and unwrap key export.
+ //
+ // This member is required.
+ CertificateAuthorityPublicKeyIdentifier *string
+
+ // The wrapping key certificate in PEM format (base64 encoded). Amazon Web
+ // Services Payment Cryptography uses this certificate to wrap the key under
+ // export.
+ //
+ // This member is required.
+ WrappingKeyCertificate *string
+
+ // The wrapping spec for the key under export.
+ WrappingSpec WrappingKeySpec
+
+ noSmithyDocumentSerde
+}
+
// Parameter information for key material export from Amazon Web Services Payment
-// Cryptography using TR-31 or TR-34 key exchange method.
+// Cryptography using TR-31 or TR-34 or RSA wrap and unwrap key exchange method.
//
// The following types satisfy this interface:
//
+// ExportKeyMaterialMemberKeyCryptogram
// ExportKeyMaterialMemberTr31KeyBlock
// ExportKeyMaterialMemberTr34KeyBlock
type ExportKeyMaterial interface {
isExportKeyMaterial()
}
+// Parameter information for key material export using asymmetric RSA wrap and
+// unwrap key exchange method
+type ExportKeyMaterialMemberKeyCryptogram struct {
+ Value ExportKeyCryptogram
+
+ noSmithyDocumentSerde
+}
+
+func (*ExportKeyMaterialMemberKeyCryptogram) isExportKeyMaterial() {}
+
// Parameter information for key material export using symmetric TR-31 key
// exchange method.
type ExportKeyMaterialMemberTr31KeyBlock struct {
@@ -137,11 +171,47 @@ type ExportTr34KeyBlock struct {
noSmithyDocumentSerde
}
+// Parameter information for key material import using asymmetric RSA wrap and
+// unwrap key exchange method.
+type ImportKeyCryptogram struct {
+
+ // Specifies whether the key is exportable from the service.
+ //
+ // This member is required.
+ Exportable *bool
+
+ // The import token that initiates key import using the asymmetric RSA wrap and
+ // unwrap key exchange method into AWS Payment Cryptography. It expires after 7
+ // days. You can use the same import token to import multiple keys to the same
+ // service account.
+ //
+ // This member is required.
+ ImportToken *string
+
+ // The role of the key, the algorithm it supports, and the cryptographic
+ // operations allowed with the key. This data is immutable after the key is
+ // created.
+ //
+ // This member is required.
+ KeyAttributes *KeyAttributes
+
+ // The RSA wrapped key cryptogram under import.
+ //
+ // This member is required.
+ WrappedKeyCryptogram *string
+
+ // The wrapping spec for the wrapped key cryptogram.
+ WrappingSpec WrappingKeySpec
+
+ noSmithyDocumentSerde
+}
+
// Parameter information for key material import into Amazon Web Services Payment
-// Cryptography using TR-31 or TR-34 key exchange method.
+// Cryptography using TR-31 or TR-34 or RSA wrap and unwrap key exchange method.
//
// The following types satisfy this interface:
//
+// ImportKeyMaterialMemberKeyCryptogram
// ImportKeyMaterialMemberRootCertificatePublicKey
// ImportKeyMaterialMemberTr31KeyBlock
// ImportKeyMaterialMemberTr34KeyBlock
@@ -150,6 +220,16 @@ type ImportKeyMaterial interface {
isImportKeyMaterial()
}
+// Parameter information for key material import using asymmetric RSA wrap and
+// unwrap key exchange method.
+type ImportKeyMaterialMemberKeyCryptogram struct {
+ Value ImportKeyCryptogram
+
+ noSmithyDocumentSerde
+}
+
+func (*ImportKeyMaterialMemberKeyCryptogram) isImportKeyMaterial() {}
+
// Parameter information for root public key certificate import.
type ImportKeyMaterialMemberRootCertificatePublicKey struct {
Value RootCertificatePublicKey
diff --git a/service/paymentcryptography/types/types_exported_test.go b/service/paymentcryptography/types/types_exported_test.go
index 9e4d9176db4..ecf3d001390 100644
--- a/service/paymentcryptography/types/types_exported_test.go
+++ b/service/paymentcryptography/types/types_exported_test.go
@@ -11,6 +11,9 @@ func ExampleExportKeyMaterial_outputUsage() {
var union types.ExportKeyMaterial
// type switches can be used to check the union value
switch v := union.(type) {
+ case *types.ExportKeyMaterialMemberKeyCryptogram:
+ _ = v.Value // Value is types.ExportKeyCryptogram
+
case *types.ExportKeyMaterialMemberTr31KeyBlock:
_ = v.Value // Value is types.ExportTr31KeyBlock
@@ -26,6 +29,7 @@ func ExampleExportKeyMaterial_outputUsage() {
}
}
+var _ *types.ExportKeyCryptogram
var _ *types.ExportTr34KeyBlock
var _ *types.ExportTr31KeyBlock
@@ -33,6 +37,9 @@ func ExampleImportKeyMaterial_outputUsage() {
var union types.ImportKeyMaterial
// type switches can be used to check the union value
switch v := union.(type) {
+ case *types.ImportKeyMaterialMemberKeyCryptogram:
+ _ = v.Value // Value is types.ImportKeyCryptogram
+
case *types.ImportKeyMaterialMemberRootCertificatePublicKey:
_ = v.Value // Value is types.RootCertificatePublicKey
@@ -55,6 +62,7 @@ func ExampleImportKeyMaterial_outputUsage() {
}
var _ *types.RootCertificatePublicKey
+var _ *types.ImportKeyCryptogram
var _ *types.TrustedCertificatePublicKey
var _ *types.ImportTr34KeyBlock
var _ *types.ImportTr31KeyBlock
diff --git a/service/paymentcryptography/validators.go b/service/paymentcryptography/validators.go
index 44fd05ba984..2edac7b1474 100644
--- a/service/paymentcryptography/validators.go
+++ b/service/paymentcryptography/validators.go
@@ -474,12 +474,35 @@ func validateExportDukptInitialKey(v *types.ExportDukptInitialKey) error {
}
}
+func validateExportKeyCryptogram(v *types.ExportKeyCryptogram) error {
+ if v == nil {
+ return nil
+ }
+ invalidParams := smithy.InvalidParamsError{Context: "ExportKeyCryptogram"}
+ if v.CertificateAuthorityPublicKeyIdentifier == nil {
+ invalidParams.Add(smithy.NewErrParamRequired("CertificateAuthorityPublicKeyIdentifier"))
+ }
+ if v.WrappingKeyCertificate == nil {
+ invalidParams.Add(smithy.NewErrParamRequired("WrappingKeyCertificate"))
+ }
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ } else {
+ return nil
+ }
+}
+
func validateExportKeyMaterial(v types.ExportKeyMaterial) error {
if v == nil {
return nil
}
invalidParams := smithy.InvalidParamsError{Context: "ExportKeyMaterial"}
switch uv := v.(type) {
+ case *types.ExportKeyMaterialMemberKeyCryptogram:
+ if err := validateExportKeyCryptogram(&uv.Value); err != nil {
+ invalidParams.AddNested("[KeyCryptogram]", err.(smithy.InvalidParamsError))
+ }
+
case *types.ExportKeyMaterialMemberTr31KeyBlock:
if err := validateExportTr31KeyBlock(&uv.Value); err != nil {
invalidParams.AddNested("[Tr31KeyBlock]", err.(smithy.InvalidParamsError))
@@ -537,12 +560,45 @@ func validateExportTr34KeyBlock(v *types.ExportTr34KeyBlock) error {
}
}
+func validateImportKeyCryptogram(v *types.ImportKeyCryptogram) error {
+ if v == nil {
+ return nil
+ }
+ invalidParams := smithy.InvalidParamsError{Context: "ImportKeyCryptogram"}
+ if v.KeyAttributes == nil {
+ invalidParams.Add(smithy.NewErrParamRequired("KeyAttributes"))
+ } else if v.KeyAttributes != nil {
+ if err := validateKeyAttributes(v.KeyAttributes); err != nil {
+ invalidParams.AddNested("KeyAttributes", err.(smithy.InvalidParamsError))
+ }
+ }
+ if v.Exportable == nil {
+ invalidParams.Add(smithy.NewErrParamRequired("Exportable"))
+ }
+ if v.WrappedKeyCryptogram == nil {
+ invalidParams.Add(smithy.NewErrParamRequired("WrappedKeyCryptogram"))
+ }
+ if v.ImportToken == nil {
+ invalidParams.Add(smithy.NewErrParamRequired("ImportToken"))
+ }
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ } else {
+ return nil
+ }
+}
+
func validateImportKeyMaterial(v types.ImportKeyMaterial) error {
if v == nil {
return nil
}
invalidParams := smithy.InvalidParamsError{Context: "ImportKeyMaterial"}
switch uv := v.(type) {
+ case *types.ImportKeyMaterialMemberKeyCryptogram:
+ if err := validateImportKeyCryptogram(&uv.Value); err != nil {
+ invalidParams.AddNested("[KeyCryptogram]", err.(smithy.InvalidParamsError))
+ }
+
case *types.ImportKeyMaterialMemberRootCertificatePublicKey:
if err := validateRootCertificatePublicKey(&uv.Value); err != nil {
invalidParams.AddNested("[RootCertificatePublicKey]", err.(smithy.InvalidParamsError))
diff --git a/service/personalize/CHANGELOG.md b/service/personalize/CHANGELOG.md
index 4f97c2c4eb3..24c37d54655 100644
--- a/service/personalize/CHANGELOG.md
+++ b/service/personalize/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.30.7 (2024-01-16)
+
+* **Documentation**: Documentation updates for Amazon Personalize.
+
# v1.30.6 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/personalize/api_op_CreateCampaign.go b/service/personalize/api_op_CreateCampaign.go
index 0488094d03c..49668a4f703 100644
--- a/service/personalize/api_op_CreateCampaign.go
+++ b/service/personalize/api_op_CreateCampaign.go
@@ -16,22 +16,26 @@ import (
// GetRecommendations (https://docs.aws.amazon.com/personalize/latest/dg/API_RS_GetRecommendations.html)
// and GetPersonalizedRanking (https://docs.aws.amazon.com/personalize/latest/dg/API_RS_GetPersonalizedRanking.html)
// APIs, a campaign is specified in the request. Minimum Provisioned TPS and
-// Auto-Scaling A high minProvisionedTPS will increase your bill. We recommend
+// Auto-Scaling A high minProvisionedTPS will increase your cost. We recommend
// starting with 1 for minProvisionedTPS (the default). Track your usage using
-// Amazon CloudWatch metrics, and increase the minProvisionedTPS as necessary. A
-// transaction is a single GetRecommendations or GetPersonalizedRanking call.
-// Transactions per second (TPS) is the throughput and unit of billing for Amazon
-// Personalize. The minimum provisioned TPS ( minProvisionedTPS ) specifies the
-// baseline throughput provisioned by Amazon Personalize, and thus, the minimum
-// billing charge. If your TPS increases beyond minProvisionedTPS , Amazon
-// Personalize auto-scales the provisioned capacity up and down, but never below
-// minProvisionedTPS . There's a short time delay while the capacity is increased
-// that might cause loss of transactions. The actual TPS used is calculated as the
-// average requests/second within a 5-minute window. You pay for maximum of either
-// the minimum provisioned TPS or the actual TPS. We recommend starting with a low
+// Amazon CloudWatch metrics, and increase the minProvisionedTPS as necessary.
+// When you create an Amazon Personalize campaign, you can specify the minimum
+// provisioned transactions per second ( minProvisionedTPS ) for the campaign. This
+// is the baseline transaction throughput for the campaign provisioned by Amazon
+// Personalize. It sets the minimum billing charge for the campaign while it is
+// active. A transaction is a single GetRecommendations or GetPersonalizedRanking
+// request. The default minProvisionedTPS is 1. If your TPS increases beyond the
+// minProvisionedTPS , Amazon Personalize auto-scales the provisioned capacity up
+// and down, but never below minProvisionedTPS . There's a short time delay while
+// the capacity is increased that might cause loss of transactions. When your
+// traffic reduces, capacity returns to the minProvisionedTPS . You are charged for
+// the the minimum provisioned TPS or, if your requests exceed the
+// minProvisionedTPS , the actual TPS. The actual TPS is the total number of
+// recommendation requests you make. We recommend starting with a low
// minProvisionedTPS , track your usage using Amazon CloudWatch metrics, and then
-// increase the minProvisionedTPS as necessary. Status A campaign can be in one of
-// the following states:
+// increase the minProvisionedTPS as necessary. For more information about
+// campaign costs, see Amazon Personalize pricing (https://aws.amazon.com/personalize/pricing/)
+// . Status A campaign can be in one of the following states:
// - CREATE PENDING > CREATE IN_PROGRESS > ACTIVE -or- CREATE FAILED
// - DELETE PENDING > DELETE IN_PROGRESS
//
diff --git a/service/personalize/api_op_CreateSolution.go b/service/personalize/api_op_CreateSolution.go
index fd056e4b2e5..61749ed07ab 100644
--- a/service/personalize/api_op_CreateSolution.go
+++ b/service/personalize/api_op_CreateSolution.go
@@ -82,8 +82,8 @@ type CreateSolutionInput struct {
// We don't recommend enabling automated machine learning. Instead, match your use
// case to the available Amazon Personalize recipes. For more information, see
- // Determining your use case. (https://docs.aws.amazon.com/personalize/latest/dg/determining-use-case.html)
- // Whether to perform automated machine learning (AutoML). The default is false .
+ // Choosing a recipe (https://docs.aws.amazon.com/personalize/latest/dg/working-with-predefined-recipes.html)
+ // . Whether to perform automated machine learning (AutoML). The default is false .
// For this case, you must specify recipeArn . When set to true , Amazon
// Personalize analyzes your training data and selects the optimal
// USER_PERSONALIZATION recipe and hyperparameters. In this case, you must omit
@@ -97,8 +97,10 @@ type CreateSolutionInput struct {
// is always true and you should not set it to false .
PerformHPO *bool
- // The ARN of the recipe to use for model training. This is required when
- // performAutoML is false.
+ // The Amazon Resource Name (ARN) of the recipe to use for model training. This is
+ // required when performAutoML is false. For information about different Amazon
+ // Personalize recipes and their ARNs, see Choosing a recipe (https://docs.aws.amazon.com/personalize/latest/dg/working-with-predefined-recipes.html)
+ // .
RecipeArn *string
// The configuration to use with the solution. When performAutoML is set to true,
diff --git a/service/personalize/go_module_metadata.go b/service/personalize/go_module_metadata.go
index 5f942bead5d..5441d94605c 100644
--- a/service/personalize/go_module_metadata.go
+++ b/service/personalize/go_module_metadata.go
@@ -3,4 +3,4 @@
package personalize
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.30.6"
+const goModuleVersion = "1.30.7"
diff --git a/service/personalize/types/types.go b/service/personalize/types/types.go
index 02dff214cc1..9abcf5a0faa 100644
--- a/service/personalize/types/types.go
+++ b/service/personalize/types/types.go
@@ -378,8 +378,10 @@ type CampaignConfig struct {
// Whether metadata with recommendations is enabled for the campaign. If enabled,
// you can specify the columns from your Items dataset in your request for
// recommendations. Amazon Personalize returns this data for each item in the
- // recommendation response. If you enable metadata in recommendations, you will
- // incur additional costs. For more information, see Amazon Personalize pricing (https://aws.amazon.com/personalize/pricing/)
+ // recommendation response. For information about enabling metadata for a campaign,
+ // see Enabling metadata in recommendations for a campaign (https://docs.aws.amazon.com/personalize/latest/dg/campaigns.html#create-campaign-return-metadata)
+ // . If you enable metadata in recommendations, you will incur additional costs.
+ // For more information, see Amazon Personalize pricing (https://aws.amazon.com/personalize/pricing/)
// .
EnableMetadataWithRecommendations *bool
@@ -1442,8 +1444,10 @@ type RecommenderConfig struct {
// Whether metadata with recommendations is enabled for the recommender. If
// enabled, you can specify the columns from your Items dataset in your request for
// recommendations. Amazon Personalize returns this data for each item in the
- // recommendation response. If you enable metadata in recommendations, you will
- // incur additional costs. For more information, see Amazon Personalize pricing (https://aws.amazon.com/personalize/pricing/)
+ // recommendation response. For information about enabling metadata for a
+ // recommender, see Enabling metadata in recommendations for a recommender (https://docs.aws.amazon.com/personalize/latest/dg/creating-recommenders.html#create-recommender-return-metadata)
+ // . If you enable metadata in recommendations, you will incur additional costs.
+ // For more information, see Amazon Personalize pricing (https://aws.amazon.com/personalize/pricing/)
// .
EnableMetadataWithRecommendations *bool
diff --git a/service/personalizeruntime/CHANGELOG.md b/service/personalizeruntime/CHANGELOG.md
index 4447be2e881..f5fb3246701 100644
--- a/service/personalizeruntime/CHANGELOG.md
+++ b/service/personalizeruntime/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.20.7 (2024-01-16)
+
+* **Documentation**: Documentation updates for Amazon Personalize
+
# v1.20.6 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/personalizeruntime/api_op_GetPersonalizedRanking.go b/service/personalizeruntime/api_op_GetPersonalizedRanking.go
index aa32de59d19..577614a6447 100644
--- a/service/personalizeruntime/api_op_GetPersonalizedRanking.go
+++ b/service/personalizeruntime/api_op_GetPersonalizedRanking.go
@@ -81,7 +81,7 @@ type GetPersonalizedRankingInput struct {
// personalized ranking. The map key is ITEMS and the value is a list of column
// names from your Items dataset. The maximum number of columns you can provide is
// 10. For information about enabling metadata for a campaign, see Enabling
- // metadata in recommendations for a campaign (https://docs.aws.amazon.com/personalize/latest/dg/create-campaign-return-metadata.html)
+ // metadata in recommendations for a campaign (https://docs.aws.amazon.com/personalize/latest/dg/campaigns.html#create-campaign-return-metadata)
// .
MetadataColumns map[string][]string
diff --git a/service/personalizeruntime/api_op_GetRecommendations.go b/service/personalizeruntime/api_op_GetRecommendations.go
index a5deb52f6c3..35d5669a841 100644
--- a/service/personalizeruntime/api_op_GetRecommendations.go
+++ b/service/personalizeruntime/api_op_GetRecommendations.go
@@ -77,9 +77,9 @@ type GetRecommendationsInput struct {
// include in item recommendations. The map key is ITEMS and the value is a list
// of column names from your Items dataset. The maximum number of columns you can
// provide is 10. For information about enabling metadata for a campaign, see
- // Enabling metadata in recommendations for a campaign (https://docs.aws.amazon.com/personalize/latest/dg/create-campaign-return-metadata.html)
+ // Enabling metadata in recommendations for a campaign (https://docs.aws.amazon.com/personalize/latest/dg/campaigns.html#create-campaign-return-metadata)
// . For information about enabling metadata for a recommender, see Enabling
- // metadata in recommendations for a recommender (https://docs.aws.amazon.com/personalize/latest/dg/create-recommender-return-metadata.html)
+ // metadata in recommendations for a recommender (https://docs.aws.amazon.com/personalize/latest/dg/creating-recommenders.html#create-recommender-return-metadata)
// .
MetadataColumns map[string][]string
diff --git a/service/personalizeruntime/go_module_metadata.go b/service/personalizeruntime/go_module_metadata.go
index 7e7737ca159..705c74eea8b 100644
--- a/service/personalizeruntime/go_module_metadata.go
+++ b/service/personalizeruntime/go_module_metadata.go
@@ -3,4 +3,4 @@
package personalizeruntime
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.20.6"
+const goModuleVersion = "1.20.7"
diff --git a/service/qconnect/CHANGELOG.md b/service/qconnect/CHANGELOG.md
index 1a8f62050e1..6f2ed77b56a 100644
--- a/service/qconnect/CHANGELOG.md
+++ b/service/qconnect/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.3.0 (2024-01-10)
+
+* **Feature**: QueryAssistant and GetRecommendations will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications.
+
# v1.2.4 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/qconnect/api_op_GetRecommendations.go b/service/qconnect/api_op_GetRecommendations.go
index 848611c979d..37b8a9463ca 100644
--- a/service/qconnect/api_op_GetRecommendations.go
+++ b/service/qconnect/api_op_GetRecommendations.go
@@ -18,6 +18,11 @@ import (
// Short poll is the default behavior and only returns recommendations already
// available. To perform a manual query against an assistant, use QueryAssistant (https://docs.aws.amazon.com/amazon-q-connect/latest/APIReference/API_QueryAssistant.html)
// .
+//
+// Deprecated: GetRecommendations API will be discontinued starting June 1, 2024.
+// To receive generative responses after March 1, 2024 you will need to create a
+// new Assistant in the Connect console and integrate the Amazon Q in Connect
+// JavaScript library (amazon-q-connectjs) into your applications.
func (c *Client) GetRecommendations(ctx context.Context, params *GetRecommendationsInput, optFns ...func(*Options)) (*GetRecommendationsOutput, error) {
if params == nil {
params = &GetRecommendationsInput{}
diff --git a/service/qconnect/api_op_QueryAssistant.go b/service/qconnect/api_op_QueryAssistant.go
index 858b273286c..07d31753efe 100644
--- a/service/qconnect/api_op_QueryAssistant.go
+++ b/service/qconnect/api_op_QueryAssistant.go
@@ -15,6 +15,11 @@ import (
// Performs a manual search against the specified assistant. To retrieve
// recommendations for an assistant, use GetRecommendations (https://docs.aws.amazon.com/amazon-q-connect/latest/APIReference/API_GetRecommendations.html)
// .
+//
+// Deprecated: QueryAssistant API will be discontinued starting June 1, 2024. To
+// receive generative responses after March 1, 2024 you will need to create a new
+// Assistant in the Connect console and integrate the Amazon Q in Connect
+// JavaScript library (amazon-q-connectjs) into your applications.
func (c *Client) QueryAssistant(ctx context.Context, params *QueryAssistantInput, optFns ...func(*Options)) (*QueryAssistantOutput, error) {
if params == nil {
params = &QueryAssistantInput{}
diff --git a/service/qconnect/go_module_metadata.go b/service/qconnect/go_module_metadata.go
index 8d69dc9145d..3a071891471 100644
--- a/service/qconnect/go_module_metadata.go
+++ b/service/qconnect/go_module_metadata.go
@@ -3,4 +3,4 @@
package qconnect
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.2.4"
+const goModuleVersion = "1.3.0"
diff --git a/service/redshiftserverless/CHANGELOG.md b/service/redshiftserverless/CHANGELOG.md
index 791b5953f5a..d3c0b952e94 100644
--- a/service/redshiftserverless/CHANGELOG.md
+++ b/service/redshiftserverless/CHANGELOG.md
@@ -1,3 +1,11 @@
+# v1.15.7 (2024-01-10)
+
+* **Documentation**: Updates to ConfigParameter for RSS workgroup, removal of use_fips_ssl
+
+# v1.15.6 (2024-01-05)
+
+* **Documentation**: use_fips_ssl and require_ssl parameter support for Workgroup, UpdateWorkgroup, and CreateWorkgroup
+
# v1.15.5 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/redshiftserverless/api_op_CreateWorkgroup.go b/service/redshiftserverless/api_op_CreateWorkgroup.go
index c41b7d77d90..ab844060bd9 100644
--- a/service/redshiftserverless/api_op_CreateWorkgroup.go
+++ b/service/redshiftserverless/api_op_CreateWorkgroup.go
@@ -46,10 +46,10 @@ type CreateWorkgroupInput struct {
// An array of parameters to set for advanced control over a database. The options
// are auto_mv , datestyle , enable_case_sensitive_identifier ,
- // enable_user_activity_logging , query_group , search_path , and query monitoring
- // metrics that let you define performance boundaries. For more information about
- // query monitoring rules and available metrics, see Query monitoring metrics for
- // Amazon Redshift Serverless (https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless)
+ // enable_user_activity_logging , query_group , search_path , require_ssl , and
+ // query monitoring metrics that let you define performance boundaries. For more
+ // information about query monitoring rules and available metrics, see Query
+ // monitoring metrics for Amazon Redshift Serverless (https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless)
// .
ConfigParameters []types.ConfigParameter
diff --git a/service/redshiftserverless/api_op_UpdateWorkgroup.go b/service/redshiftserverless/api_op_UpdateWorkgroup.go
index c595ed088dd..53728587a4a 100644
--- a/service/redshiftserverless/api_op_UpdateWorkgroup.go
+++ b/service/redshiftserverless/api_op_UpdateWorkgroup.go
@@ -43,10 +43,10 @@ type UpdateWorkgroupInput struct {
// An array of parameters to set for advanced control over a database. The options
// are auto_mv , datestyle , enable_case_sensitive_identifier ,
- // enable_user_activity_logging , query_group , search_path , and query monitoring
- // metrics that let you define performance boundaries. For more information about
- // query monitoring rules and available metrics, see Query monitoring metrics for
- // Amazon Redshift Serverless (https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless)
+ // enable_user_activity_logging , query_group , search_path , require_ssl , and
+ // query monitoring metrics that let you define performance boundaries. For more
+ // information about query monitoring rules and available metrics, see Query
+ // monitoring metrics for Amazon Redshift Serverless (https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless)
// .
ConfigParameters []types.ConfigParameter
diff --git a/service/redshiftserverless/go_module_metadata.go b/service/redshiftserverless/go_module_metadata.go
index 06b5ebd3fcc..6bcbd215ddc 100644
--- a/service/redshiftserverless/go_module_metadata.go
+++ b/service/redshiftserverless/go_module_metadata.go
@@ -3,4 +3,4 @@
package redshiftserverless
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.15.5"
+const goModuleVersion = "1.15.7"
diff --git a/service/redshiftserverless/types/types.go b/service/redshiftserverless/types/types.go
index acf3cee37e1..4a2926ad5fd 100644
--- a/service/redshiftserverless/types/types.go
+++ b/service/redshiftserverless/types/types.go
@@ -31,9 +31,9 @@ type ConfigParameter struct {
// The key of the parameter. The options are auto_mv , datestyle ,
// enable_case_sensitive_identifier , enable_user_activity_logging , query_group ,
- // search_path , and query monitoring metrics that let you define performance
- // boundaries. For more information about query monitoring rules and available
- // metrics, see Query monitoring metrics for Amazon Redshift Serverless (https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless)
+ // search_path , require_ssl , and query monitoring metrics that let you define
+ // performance boundaries. For more information about query monitoring rules and
+ // available metrics, see Query monitoring metrics for Amazon Redshift Serverless (https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless)
// .
ParameterKey *string
@@ -598,10 +598,10 @@ type Workgroup struct {
// An array of parameters to set for advanced control over a database. The options
// are auto_mv , datestyle , enable_case_sensitive_identifier ,
- // enable_user_activity_logging , query_group , search_path , and query monitoring
- // metrics that let you define performance boundaries. For more information about
- // query monitoring rules and available metrics, see Query monitoring metrics for
- // Amazon Redshift Serverless (https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless)
+ // enable_user_activity_logging , query_group , search_path , require_ssl , and
+ // query monitoring metrics that let you define performance boundaries. For more
+ // information about query monitoring rules and available metrics, see Query
+ // monitoring metrics for Amazon Redshift Serverless (https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless)
// .
ConfigParameters []ConfigParameter
diff --git a/service/rekognition/CHANGELOG.md b/service/rekognition/CHANGELOG.md
index 8043edd8950..f09c6ad07f6 100644
--- a/service/rekognition/CHANGELOG.md
+++ b/service/rekognition/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.36.0 (2024-01-16)
+
+* **Feature**: This release adds ContentType and TaxonomyLevel attributes to DetectModerationLabels and GetMediaAnalysisJob API responses.
+
# v1.35.6 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/rekognition/api_op_AssociateFaces.go b/service/rekognition/api_op_AssociateFaces.go
index 919b93054c9..260e5a78e7c 100644
--- a/service/rekognition/api_op_AssociateFaces.go
+++ b/service/rekognition/api_op_AssociateFaces.go
@@ -81,9 +81,9 @@ type AssociateFacesInput struct {
type AssociateFacesOutput struct {
- // An array of AssociatedFace objects containing FaceIDs that are successfully
- // associated with the UserID is returned. Returned if the AssociateFaces action is
- // successful.
+ // An array of AssociatedFace objects containing FaceIDs that have been
+ // successfully associated with the UserID. Returned if the AssociateFaces action
+ // is successful.
AssociatedFaces []types.AssociatedFace
// An array of UnsuccessfulAssociation objects containing FaceIDs that are not
diff --git a/service/rekognition/api_op_DetectCustomLabels.go b/service/rekognition/api_op_DetectCustomLabels.go
index 17717d59e27..c0c98a3d85a 100644
--- a/service/rekognition/api_op_DetectCustomLabels.go
+++ b/service/rekognition/api_op_DetectCustomLabels.go
@@ -23,23 +23,25 @@ import (
// CustomLabel ) object in an array ( CustomLabels ). Each CustomLabel object
// provides the label name ( Name ), the level of confidence that the image
// contains the object ( Confidence ), and object location information, if it
-// exists, for the label on the image ( Geometry ). To filter labels that are
-// returned, specify a value for MinConfidence . DetectCustomLabelsLabels only
-// returns labels with a confidence that's higher than the specified value. The
-// value of MinConfidence maps to the assumed threshold values created during
-// training. For more information, see Assumed threshold in the Amazon Rekognition
-// Custom Labels Developer Guide. Amazon Rekognition Custom Labels metrics
-// expresses an assumed threshold as a floating point value between 0-1. The range
-// of MinConfidence normalizes the threshold value to a percentage value (0-100).
-// Confidence responses from DetectCustomLabels are also returned as a percentage.
-// You can use MinConfidence to change the precision and recall or your model. For
-// more information, see Analyzing an image in the Amazon Rekognition Custom Labels
-// Developer Guide. If you don't specify a value for MinConfidence ,
-// DetectCustomLabels returns labels based on the assumed threshold of each label.
-// This is a stateless API operation. That is, the operation does not persist any
-// data. This operation requires permissions to perform the
-// rekognition:DetectCustomLabels action. For more information, see Analyzing an
-// image in the Amazon Rekognition Custom Labels Developer Guide.
+// exists, for the label on the image ( Geometry ). Note that for the
+// DetectCustomLabelsLabels operation, Polygons are not returned in the Geometry
+// section of the response. To filter labels that are returned, specify a value for
+// MinConfidence . DetectCustomLabelsLabels only returns labels with a confidence
+// that's higher than the specified value. The value of MinConfidence maps to the
+// assumed threshold values created during training. For more information, see
+// Assumed threshold in the Amazon Rekognition Custom Labels Developer Guide.
+// Amazon Rekognition Custom Labels metrics expresses an assumed threshold as a
+// floating point value between 0-1. The range of MinConfidence normalizes the
+// threshold value to a percentage value (0-100). Confidence responses from
+// DetectCustomLabels are also returned as a percentage. You can use MinConfidence
+// to change the precision and recall or your model. For more information, see
+// Analyzing an image in the Amazon Rekognition Custom Labels Developer Guide. If
+// you don't specify a value for MinConfidence , DetectCustomLabels returns labels
+// based on the assumed threshold of each label. This is a stateless API operation.
+// That is, the operation does not persist any data. This operation requires
+// permissions to perform the rekognition:DetectCustomLabels action. For more
+// information, see Analyzing an image in the Amazon Rekognition Custom Labels
+// Developer Guide.
func (c *Client) DetectCustomLabels(ctx context.Context, params *DetectCustomLabelsInput, optFns ...func(*Options)) (*DetectCustomLabelsOutput, error) {
if params == nil {
params = &DetectCustomLabelsInput{}
diff --git a/service/rekognition/api_op_DetectModerationLabels.go b/service/rekognition/api_op_DetectModerationLabels.go
index d9f17923bf2..19738d8cc92 100644
--- a/service/rekognition/api_op_DetectModerationLabels.go
+++ b/service/rekognition/api_op_DetectModerationLabels.go
@@ -69,6 +69,10 @@ type DetectModerationLabelsInput struct {
type DetectModerationLabelsOutput struct {
+ // A list of predicted results for the type of content an image contains. For
+ // example, the image content might be from animation, sports, or a video game.
+ ContentTypes []types.ContentType
+
// Shows the results of the human in the loop evaluation.
HumanLoopActivationOutput *types.HumanLoopActivationOutput
diff --git a/service/rekognition/deserializers.go b/service/rekognition/deserializers.go
index b8af78beb1d..1232abd061a 100644
--- a/service/rekognition/deserializers.go
+++ b/service/rekognition/deserializers.go
@@ -12360,6 +12360,114 @@ func awsAwsjson11_deserializeDocumentContentModerationDetections(v *[]types.Cont
return nil
}
+func awsAwsjson11_deserializeDocumentContentType(v **types.ContentType, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.(map[string]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var sv *types.ContentType
+ if *v == nil {
+ sv = &types.ContentType{}
+ } else {
+ sv = *v
+ }
+
+ for key, value := range shape {
+ switch key {
+ case "Confidence":
+ if value != nil {
+ switch jtv := value.(type) {
+ case json.Number:
+ f64, err := jtv.Float64()
+ if err != nil {
+ return err
+ }
+ sv.Confidence = ptr.Float32(float32(f64))
+
+ case string:
+ var f64 float64
+ switch {
+ case strings.EqualFold(jtv, "NaN"):
+ f64 = math.NaN()
+
+ case strings.EqualFold(jtv, "Infinity"):
+ f64 = math.Inf(1)
+
+ case strings.EqualFold(jtv, "-Infinity"):
+ f64 = math.Inf(-1)
+
+ default:
+ return fmt.Errorf("unknown JSON number value: %s", jtv)
+
+ }
+ sv.Confidence = ptr.Float32(float32(f64))
+
+ default:
+ return fmt.Errorf("expected Percent to be a JSON Number, got %T instead", value)
+
+ }
+ }
+
+ case "Name":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected String to be of type string, got %T instead", value)
+ }
+ sv.Name = ptr.String(jtv)
+ }
+
+ default:
+ _, _ = key, value
+
+ }
+ }
+ *v = sv
+ return nil
+}
+
+func awsAwsjson11_deserializeDocumentContentTypes(v *[]types.ContentType, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.([]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var cv []types.ContentType
+ if *v == nil {
+ cv = []types.ContentType{}
+ } else {
+ cv = *v
+ }
+
+ for _, value := range shape {
+ var col types.ContentType
+ destAddr := &col
+ if err := awsAwsjson11_deserializeDocumentContentType(&destAddr, value); err != nil {
+ return err
+ }
+ col = *destAddr
+ cv = append(cv, col)
+
+ }
+ *v = cv
+ return nil
+}
+
func awsAwsjson11_deserializeDocumentCoversBodyPart(v **types.CoversBodyPart, value interface{}) error {
if v == nil {
return fmt.Errorf("unexpected nil of type %T", v)
@@ -17353,6 +17461,46 @@ func awsAwsjson11_deserializeDocumentMediaAnalysisManifestSummary(v **types.Medi
return nil
}
+func awsAwsjson11_deserializeDocumentMediaAnalysisModelVersions(v **types.MediaAnalysisModelVersions, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.(map[string]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var sv *types.MediaAnalysisModelVersions
+ if *v == nil {
+ sv = &types.MediaAnalysisModelVersions{}
+ } else {
+ sv = *v
+ }
+
+ for key, value := range shape {
+ switch key {
+ case "Moderation":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected String to be of type string, got %T instead", value)
+ }
+ sv.Moderation = ptr.String(jtv)
+ }
+
+ default:
+ _, _ = key, value
+
+ }
+ }
+ *v = sv
+ return nil
+}
+
func awsAwsjson11_deserializeDocumentMediaAnalysisOperationsConfig(v **types.MediaAnalysisOperationsConfig, value interface{}) error {
if v == nil {
return fmt.Errorf("unexpected nil of type %T", v)
@@ -17460,6 +17608,11 @@ func awsAwsjson11_deserializeDocumentMediaAnalysisResults(v **types.MediaAnalysi
for key, value := range shape {
switch key {
+ case "ModelVersions":
+ if err := awsAwsjson11_deserializeDocumentMediaAnalysisModelVersions(&sv.ModelVersions, value); err != nil {
+ return err
+ }
+
case "S3Object":
if err := awsAwsjson11_deserializeDocumentS3Object(&sv.S3Object, value); err != nil {
return err
@@ -17548,6 +17701,19 @@ func awsAwsjson11_deserializeDocumentModerationLabel(v **types.ModerationLabel,
sv.ParentName = ptr.String(jtv)
}
+ case "TaxonomyLevel":
+ if value != nil {
+ jtv, ok := value.(json.Number)
+ if !ok {
+ return fmt.Errorf("expected UInteger to be json.Number, got %T instead", value)
+ }
+ i64, err := jtv.Int64()
+ if err != nil {
+ return err
+ }
+ sv.TaxonomyLevel = ptr.Int32(int32(i64))
+ }
+
default:
_, _ = key, value
@@ -23632,6 +23798,11 @@ func awsAwsjson11_deserializeOpDocumentDetectModerationLabelsOutput(v **DetectMo
for key, value := range shape {
switch key {
+ case "ContentTypes":
+ if err := awsAwsjson11_deserializeDocumentContentTypes(&sv.ContentTypes, value); err != nil {
+ return err
+ }
+
case "HumanLoopActivationOutput":
if err := awsAwsjson11_deserializeDocumentHumanLoopActivationOutput(&sv.HumanLoopActivationOutput, value); err != nil {
return err
diff --git a/service/rekognition/doc.go b/service/rekognition/doc.go
index 0d440614d06..629bf5bc509 100644
--- a/service/rekognition/doc.go
+++ b/service/rekognition/doc.go
@@ -24,8 +24,10 @@
// - DetectText (https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DetectText.html)
// - DisassociateFaces (https://docs.aws.amazon.com/rekognition/latest/APIReference/API_DisassociateFaces.html)
// - GetCelebrityInfo (https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetCelebrityInfo.html)
+// - GetMediaAnalysisJob (https://docs.aws.amazon.com/rekognition/latest/APIReference/API_GetMediaAnalysisJob.html)
// - IndexFaces (https://docs.aws.amazon.com/rekognition/latest/APIReference/API_IndexFaces.html)
// - ListCollections (https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListCollections.html)
+// - ListMediaAnalysisJob (https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListMediaAnalysisJob.html)
// - ListFaces (https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListFaces.html)
// - ListUsers (https://docs.aws.amazon.com/rekognition/latest/APIReference/API_ListFaces.html)
// - RecognizeCelebrities (https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RecognizeCelebrities.html)
@@ -33,6 +35,7 @@
// - SearchFacesByImage (https://docs.aws.amazon.com/rekognition/latest/APIReference/API_SearchFacesByImage.html)
// - SearchUsers (https://docs.aws.amazon.com/rekognition/latest/APIReference/API_SearchUsers.html)
// - SearchUsersByImage (https://docs.aws.amazon.com/rekognition/latest/APIReference/API_SearchUsersByImage.html)
+// - StartMediaAnalysisJob (https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StartMediaAnalysisJob.html)
//
// Amazon Rekognition Custom Labels
// - CopyProjectVersion (https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CopyProjectVersion.html)
diff --git a/service/rekognition/go_module_metadata.go b/service/rekognition/go_module_metadata.go
index 389b0160780..39de5eda1b2 100644
--- a/service/rekognition/go_module_metadata.go
+++ b/service/rekognition/go_module_metadata.go
@@ -3,4 +3,4 @@
package rekognition
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.35.6"
+const goModuleVersion = "1.36.0"
diff --git a/service/rekognition/types/types.go b/service/rekognition/types/types.go
index f295befca8e..581993583a6 100644
--- a/service/rekognition/types/types.go
+++ b/service/rekognition/types/types.go
@@ -377,6 +377,19 @@ type ContentModerationDetection struct {
noSmithyDocumentSerde
}
+// Contains information regarding the confidence and name of a detected content
+// type.
+type ContentType struct {
+
+ // The confidence level of the label given
+ Confidence *float32
+
+ // The name of the label
+ Name *string
+
+ noSmithyDocumentSerde
+}
+
// Information about an item of Personal Protective Equipment covering a
// corresponding body part. For more information, see DetectProtectiveEquipment .
type CoversBodyPart struct {
@@ -1583,6 +1596,16 @@ type MediaAnalysisManifestSummary struct {
noSmithyDocumentSerde
}
+// Object containing information about the model versions of selected features in
+// a given job.
+type MediaAnalysisModelVersions struct {
+
+ // The Moderation base model version.
+ Moderation *string
+
+ noSmithyDocumentSerde
+}
+
// Configuration options for a media analysis job. Configuration is
// operation-specific.
type MediaAnalysisOperationsConfig struct {
@@ -1612,6 +1635,9 @@ type MediaAnalysisOutputConfig struct {
// StartMediaAnalysisJob.
type MediaAnalysisResults struct {
+ // Information about the model versions for the features selected in a given job.
+ ModelVersions *MediaAnalysisModelVersions
+
// Provides the S3 bucket name and object name. The region for the S3 bucket
// containing the S3 object must match the region you use for Amazon Rekognition
// operations. For Amazon Rekognition to process an S3 object, the user must have
@@ -1641,6 +1667,9 @@ type ModerationLabel struct {
// the parent label "" .
ParentName *string
+ // The level of the moderation label with regard to its taxonomy, from 1 to 3.
+ TaxonomyLevel *int32
+
noSmithyDocumentSerde
}
diff --git a/service/route53/CHANGELOG.md b/service/route53/CHANGELOG.md
index 803fa00973b..7ac49b10234 100644
--- a/service/route53/CHANGELOG.md
+++ b/service/route53/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.37.0 (2024-01-10)
+
+* **Feature**: Route53 now supports geoproximity routing in AWS regions
+
# v1.36.1 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/route53/api_op_GetDNSSEC.go b/service/route53/api_op_GetDNSSEC.go
index 47419158b6f..46b910f2086 100644
--- a/service/route53/api_op_GetDNSSEC.go
+++ b/service/route53/api_op_GetDNSSEC.go
@@ -46,7 +46,7 @@ type GetDNSSECOutput struct {
// This member is required.
KeySigningKeys []types.KeySigningKey
- // A string repesenting the status of DNSSEC.
+ // A string representing the status of DNSSEC.
//
// This member is required.
Status *types.DNSSECStatus
diff --git a/service/route53/api_op_GetGeoLocation.go b/service/route53/api_op_GetGeoLocation.go
index 4111876e974..2fbdfafb24e 100644
--- a/service/route53/api_op_GetGeoLocation.go
+++ b/service/route53/api_op_GetGeoLocation.go
@@ -56,7 +56,7 @@ type GetGeoLocationInput struct {
// Amazon Route 53 uses the two-letter country codes that are specified in ISO
// standard 3166-1 alpha-2 (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .
- // Route 53 also supports the contry code UA forr Ukraine.
+ // Route 53 also supports the country code UA for Ukraine.
CountryCode *string
// The code for the subdivision, such as a particular state within the United
diff --git a/service/route53/api_op_UpdateHealthCheck.go b/service/route53/api_op_UpdateHealthCheck.go
index e1ad41a1201..060e8d69aec 100644
--- a/service/route53/api_op_UpdateHealthCheck.go
+++ b/service/route53/api_op_UpdateHealthCheck.go
@@ -118,16 +118,19 @@ type UpdateHealthCheckInput struct {
// , Route 53 sends a DNS request to the domain that you specify in
// FullyQualifiedDomainName at the interval you specify in RequestInterval . Using
// an IPv4 address that is returned by DNS, Route 53 then checks the health of the
- // endpoint. If you don't specify a value for IPAddress , Route 53 uses only IPv4
- // to send health checks to the endpoint. If there's no resource record set with a
- // type of A for the name that you specify for FullyQualifiedDomainName , the
- // health check fails with a "DNS resolution failed" error. If you want to check
- // the health of weighted, latency, or failover resource record sets and you choose
- // to specify the endpoint only by FullyQualifiedDomainName , we recommend that you
- // create a separate health check for each endpoint. For example, create a health
- // check for each HTTP server that is serving content for www.example.com. For the
- // value of FullyQualifiedDomainName , specify the domain name of the server (such
- // as us-east-2-www.example.com ), not the name of the resource record sets
+ // endpoint. If you don't specify a value for IPAddress , you can’t update the
+ // health check to remove the FullyQualifiedDomainName ; if you don’t specify a
+ // value for IPAddress on creation, a FullyQualifiedDomainName is required. If you
+ // don't specify a value for IPAddress , Route 53 uses only IPv4 to send health
+ // checks to the endpoint. If there's no resource record set with a type of A for
+ // the name that you specify for FullyQualifiedDomainName , the health check fails
+ // with a "DNS resolution failed" error. If you want to check the health of
+ // weighted, latency, or failover resource record sets and you choose to specify
+ // the endpoint only by FullyQualifiedDomainName , we recommend that you create a
+ // separate health check for each endpoint. For example, create a health check for
+ // each HTTP server that is serving content for www.example.com. For the value of
+ // FullyQualifiedDomainName , specify the domain name of the server (such as
+ // us-east-2-www.example.com ), not the name of the resource record sets
// (www.example.com). In this configuration, if the value of
// FullyQualifiedDomainName matches the name of the resource record sets and you
// then associate the health check with those resource record sets, health check
diff --git a/service/route53/deserializers.go b/service/route53/deserializers.go
index 2b17215a862..f0446c8c49c 100644
--- a/service/route53/deserializers.go
+++ b/service/route53/deserializers.go
@@ -15185,6 +15185,68 @@ func awsRestxml_deserializeDocumentConflictingTypes(v **types.ConflictingTypes,
return nil
}
+func awsRestxml_deserializeDocumentCoordinates(v **types.Coordinates, decoder smithyxml.NodeDecoder) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ var sv *types.Coordinates
+ if *v == nil {
+ sv = &types.Coordinates{}
+ } else {
+ sv = *v
+ }
+
+ for {
+ t, done, err := decoder.Token()
+ if err != nil {
+ return err
+ }
+ if done {
+ break
+ }
+ originalDecoder := decoder
+ decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t)
+ switch {
+ case strings.EqualFold("Latitude", t.Name.Local):
+ val, err := decoder.Value()
+ if err != nil {
+ return err
+ }
+ if val == nil {
+ break
+ }
+ {
+ xtv := string(val)
+ sv.Latitude = ptr.String(xtv)
+ }
+
+ case strings.EqualFold("Longitude", t.Name.Local):
+ val, err := decoder.Value()
+ if err != nil {
+ return err
+ }
+ if val == nil {
+ break
+ }
+ {
+ xtv := string(val)
+ sv.Longitude = ptr.String(xtv)
+ }
+
+ default:
+ // Do nothing and ignore the unexpected tag element
+ err = decoder.Decoder.Skip()
+ if err != nil {
+ return err
+ }
+
+ }
+ decoder = originalDecoder
+ }
+ *v = sv
+ return nil
+}
+
func awsRestxml_deserializeDocumentDelegationSet(v **types.DelegationSet, decoder smithyxml.NodeDecoder) error {
if v == nil {
return fmt.Errorf("unexpected nil of type %T", v)
@@ -16224,6 +16286,91 @@ func awsRestxml_deserializeDocumentGeoLocationDetailsListUnwrapped(v *[]types.Ge
*v = sv
return nil
}
+func awsRestxml_deserializeDocumentGeoProximityLocation(v **types.GeoProximityLocation, decoder smithyxml.NodeDecoder) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ var sv *types.GeoProximityLocation
+ if *v == nil {
+ sv = &types.GeoProximityLocation{}
+ } else {
+ sv = *v
+ }
+
+ for {
+ t, done, err := decoder.Token()
+ if err != nil {
+ return err
+ }
+ if done {
+ break
+ }
+ originalDecoder := decoder
+ decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t)
+ switch {
+ case strings.EqualFold("AWSRegion", t.Name.Local):
+ val, err := decoder.Value()
+ if err != nil {
+ return err
+ }
+ if val == nil {
+ break
+ }
+ {
+ xtv := string(val)
+ sv.AWSRegion = ptr.String(xtv)
+ }
+
+ case strings.EqualFold("Bias", t.Name.Local):
+ val, err := decoder.Value()
+ if err != nil {
+ return err
+ }
+ if val == nil {
+ break
+ }
+ {
+ xtv := string(val)
+ i64, err := strconv.ParseInt(xtv, 10, 64)
+ if err != nil {
+ return err
+ }
+ sv.Bias = ptr.Int32(int32(i64))
+ }
+
+ case strings.EqualFold("Coordinates", t.Name.Local):
+ nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t)
+ if err := awsRestxml_deserializeDocumentCoordinates(&sv.Coordinates, nodeDecoder); err != nil {
+ return err
+ }
+
+ case strings.EqualFold("LocalZoneGroup", t.Name.Local):
+ val, err := decoder.Value()
+ if err != nil {
+ return err
+ }
+ if val == nil {
+ break
+ }
+ {
+ xtv := string(val)
+ sv.LocalZoneGroup = ptr.String(xtv)
+ }
+
+ default:
+ // Do nothing and ignore the unexpected tag element
+ err = decoder.Decoder.Skip()
+ if err != nil {
+ return err
+ }
+
+ }
+ decoder = originalDecoder
+ }
+ *v = sv
+ return nil
+}
+
func awsRestxml_deserializeDocumentHealthCheck(v **types.HealthCheck, decoder smithyxml.NodeDecoder) error {
if v == nil {
return fmt.Errorf("unexpected nil of type %T", v)
@@ -20404,6 +20551,12 @@ func awsRestxml_deserializeDocumentResourceRecordSet(v **types.ResourceRecordSet
return err
}
+ case strings.EqualFold("GeoProximityLocation", t.Name.Local):
+ nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t)
+ if err := awsRestxml_deserializeDocumentGeoProximityLocation(&sv.GeoProximityLocation, nodeDecoder); err != nil {
+ return err
+ }
+
case strings.EqualFold("HealthCheckId", t.Name.Local):
val, err := decoder.Value()
if err != nil {
diff --git a/service/route53/go_module_metadata.go b/service/route53/go_module_metadata.go
index c90302e1d5d..28e26a96e82 100644
--- a/service/route53/go_module_metadata.go
+++ b/service/route53/go_module_metadata.go
@@ -3,4 +3,4 @@
package route53
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.36.1"
+const goModuleVersion = "1.37.0"
diff --git a/service/route53/serializers.go b/service/route53/serializers.go
index 897e11c3c55..03c0a6780a8 100644
--- a/service/route53/serializers.go
+++ b/service/route53/serializers.go
@@ -6073,6 +6073,33 @@ func awsRestxml_serializeDocumentCidrRoutingConfig(v *types.CidrRoutingConfig, v
return nil
}
+func awsRestxml_serializeDocumentCoordinates(v *types.Coordinates, value smithyxml.Value) error {
+ defer value.Close()
+ if v.Latitude != nil {
+ rootAttr := []smithyxml.Attr{}
+ root := smithyxml.StartElement{
+ Name: smithyxml.Name{
+ Local: "Latitude",
+ },
+ Attr: rootAttr,
+ }
+ el := value.MemberElement(root)
+ el.String(*v.Latitude)
+ }
+ if v.Longitude != nil {
+ rootAttr := []smithyxml.Attr{}
+ root := smithyxml.StartElement{
+ Name: smithyxml.Name{
+ Local: "Longitude",
+ },
+ Attr: rootAttr,
+ }
+ el := value.MemberElement(root)
+ el.String(*v.Longitude)
+ }
+ return nil
+}
+
func awsRestxml_serializeDocumentGeoLocation(v *types.GeoLocation, value smithyxml.Value) error {
defer value.Close()
if v.ContinentCode != nil {
@@ -6111,6 +6138,57 @@ func awsRestxml_serializeDocumentGeoLocation(v *types.GeoLocation, value smithyx
return nil
}
+func awsRestxml_serializeDocumentGeoProximityLocation(v *types.GeoProximityLocation, value smithyxml.Value) error {
+ defer value.Close()
+ if v.AWSRegion != nil {
+ rootAttr := []smithyxml.Attr{}
+ root := smithyxml.StartElement{
+ Name: smithyxml.Name{
+ Local: "AWSRegion",
+ },
+ Attr: rootAttr,
+ }
+ el := value.MemberElement(root)
+ el.String(*v.AWSRegion)
+ }
+ if v.Bias != nil {
+ rootAttr := []smithyxml.Attr{}
+ root := smithyxml.StartElement{
+ Name: smithyxml.Name{
+ Local: "Bias",
+ },
+ Attr: rootAttr,
+ }
+ el := value.MemberElement(root)
+ el.Integer(*v.Bias)
+ }
+ if v.Coordinates != nil {
+ rootAttr := []smithyxml.Attr{}
+ root := smithyxml.StartElement{
+ Name: smithyxml.Name{
+ Local: "Coordinates",
+ },
+ Attr: rootAttr,
+ }
+ el := value.MemberElement(root)
+ if err := awsRestxml_serializeDocumentCoordinates(v.Coordinates, el); err != nil {
+ return err
+ }
+ }
+ if v.LocalZoneGroup != nil {
+ rootAttr := []smithyxml.Attr{}
+ root := smithyxml.StartElement{
+ Name: smithyxml.Name{
+ Local: "LocalZoneGroup",
+ },
+ Attr: rootAttr,
+ }
+ el := value.MemberElement(root)
+ el.String(*v.LocalZoneGroup)
+ }
+ return nil
+}
+
func awsRestxml_serializeDocumentHealthCheckConfig(v *types.HealthCheckConfig, value smithyxml.Value) error {
defer value.Close()
if v.AlarmIdentifier != nil {
@@ -6477,6 +6555,19 @@ func awsRestxml_serializeDocumentResourceRecordSet(v *types.ResourceRecordSet, v
return err
}
}
+ if v.GeoProximityLocation != nil {
+ rootAttr := []smithyxml.Attr{}
+ root := smithyxml.StartElement{
+ Name: smithyxml.Name{
+ Local: "GeoProximityLocation",
+ },
+ Attr: rootAttr,
+ }
+ el := value.MemberElement(root)
+ if err := awsRestxml_serializeDocumentGeoProximityLocation(v.GeoProximityLocation, el); err != nil {
+ return err
+ }
+ }
if v.HealthCheckId != nil {
rootAttr := []smithyxml.Attr{}
root := smithyxml.StartElement{
diff --git a/service/route53/types/types.go b/service/route53/types/types.go
index df1aca6fa86..3696e8b478b 100644
--- a/service/route53/types/types.go
+++ b/service/route53/types/types.go
@@ -231,7 +231,7 @@ type AliasTarget struct {
// Specify the hosted zone ID for the region that you created the environment in.
// The environment must have a regionalized subdomain. For a list of regions and
// the corresponding hosted zone IDs, see Elastic Beanstalk endpoints and quotas (https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html)
- // in the the Amazon Web Services General Reference. ELB load balancer Specify the
+ // in the Amazon Web Services General Reference. ELB load balancer Specify the
// value of the hosted zone ID for the load balancer. Use the following methods to
// get the hosted zone ID:
// - Elastic Load Balancing endpoints and quotas (https://docs.aws.amazon.com/general/latest/gr/elb.html)
@@ -487,6 +487,24 @@ type CollectionSummary struct {
noSmithyDocumentSerde
}
+// A complex type that lists the coordinates for a geoproximity resource record.
+type Coordinates struct {
+
+ // Specifies a coordinate of the north–south position of a geographic point on the
+ // surface of the Earth (-90 - 90).
+ //
+ // This member is required.
+ Latitude *string
+
+ // Specifies a coordinate of the east–west position of a geographic point on the
+ // surface of the Earth (-180 - 180).
+ //
+ // This member is required.
+ Longitude *string
+
+ noSmithyDocumentSerde
+}
+
// A complex type that lists the name servers in a delegation set, as well as the
// CallerReference and the ID for the delegation set.
type DelegationSet struct {
@@ -526,7 +544,7 @@ type Dimension struct {
noSmithyDocumentSerde
}
-// A string repesenting the status of DNSSEC signing.
+// A string representing the status of DNSSEC signing.
type DNSSECStatus struct {
// A string that represents the current hosted zone signing status. Status can
@@ -569,7 +587,7 @@ type GeoLocation struct {
// For geolocation resource record sets, the two-letter code for a country. Amazon
// Route 53 uses the two-letter country codes that are specified in ISO standard
// 3166-1 alpha-2 (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) . Route 53
- // also supports the contry code UA forr Ukraine.
+ // also supports the country code UA for Ukraine.
CountryCode *string
// For geolocation resource record sets, the two-letter code for a state of the
@@ -614,6 +632,45 @@ type GeoLocationDetails struct {
noSmithyDocumentSerde
}
+// (Resource record sets only): A complex type that lets you control how Amazon
+// Route 53 responds to DNS queries based on the geographic origin of the query and
+// your resources. Only one of , LocalZoneGroup , Coordinates , or Amazon Web
+// ServicesRegion is allowed per request at a time. For more information about
+// geoproximity routing, see Geoproximity routing (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy-geoproximity.html)
+// in the Amazon Route 53 Developer Guide.
+type GeoProximityLocation struct {
+
+ // The Amazon Web Services Region the resource you are directing DNS traffic to,
+ // is in.
+ AWSRegion *string
+
+ // The bias increases or decreases the size of the geographic region from which
+ // Route 53 routes traffic to a resource. To use Bias to change the size of the
+ // geographic region, specify the applicable value for the bias:
+ // - To expand the size of the geographic region from which Route 53 routes
+ // traffic to a resource, specify a positive integer from 1 to 99 for the bias.
+ // Route 53 shrinks the size of adjacent regions.
+ // - To shrink the size of the geographic region from which Route 53 routes
+ // traffic to a resource, specify a negative bias of -1 to -99. Route 53 expands
+ // the size of adjacent regions.
+ Bias *int32
+
+ // Contains the longitude and latitude for a geographic region.
+ Coordinates *Coordinates
+
+ // Specifies an Amazon Web Services Local Zone Group. A local Zone Group is
+ // usually the Local Zone code without the ending character. For example, if the
+ // Local Zone is us-east-1-bue-1a the Local Zone Group is us-east-1-bue-1 . You can
+ // identify the Local Zones Group for a specific Local Zone by using the
+ // describe-availability-zones (https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html)
+ // CLI command: This command returns: "GroupName": "us-west-2-den-1" , specifying
+ // that the Local Zone us-west-2-den-1a belongs to the Local Zone Group
+ // us-west-2-den-1 .
+ LocalZoneGroup *string
+
+ noSmithyDocumentSerde
+}
+
// A complex type that contains information about one health check that is
// associated with the current Amazon Web Services account.
type HealthCheck struct {
@@ -684,7 +741,7 @@ type HealthCheckConfig struct {
// checks, Route 53 adds up the number of health checks that Route 53 health
// checkers consider to be healthy and compares that number with the value of
// HealthThreshold .
- // - RECOVERY_CONTROL: The health check is assocated with a Route53 Application
+ // - RECOVERY_CONTROL: The health check is associated with a Route53 Application
// Recovery Controller routing control. If the routing control state is ON , the
// health check is considered healthy. If the state is OFF , the health check is
// considered unhealthy.
@@ -1320,31 +1377,34 @@ type ResourceRecordSet struct {
// Amazon Route 53 responds to DNS queries based on the geographic origin of the
// query. For example, if you want all queries from Africa to be routed to a web
// server with an IP address of 192.0.2.111 , create a resource record set with a
- // Type of A and a ContinentCode of AF . Although creating geolocation and
- // geolocation alias resource record sets in a private hosted zone is allowed, it's
- // not supported. If you create separate resource record sets for overlapping
- // geographic regions (for example, one resource record set for a continent and one
- // for a country on the same continent), priority goes to the smallest geographic
- // region. This allows you to route most queries for a continent to one resource
- // and to route queries for a country on that continent to a different resource.
- // You can't create two geolocation resource record sets that specify the same
- // geographic location. The value * in the CountryCode element matches all
- // geographic locations that aren't specified in other geolocation resource record
- // sets that have the same values for the Name and Type elements. Geolocation
- // works by mapping IP addresses to locations. However, some IP addresses aren't
- // mapped to geographic locations, so even if you create geolocation resource
- // record sets that cover all seven continents, Route 53 will receive some DNS
- // queries from locations that it can't identify. We recommend that you create a
- // resource record set for which the value of CountryCode is * . Two groups of
- // queries are routed to the resource that you specify in this record: queries that
- // come from locations for which you haven't created geolocation resource record
- // sets and queries from IP addresses that aren't mapped to a location. If you
- // don't create a * resource record set, Route 53 returns a "no answer" response
- // for queries from those locations. You can't create non-geolocation resource
- // record sets that have the same values for the Name and Type elements as
- // geolocation resource record sets.
+ // Type of A and a ContinentCode of AF . If you create separate resource record
+ // sets for overlapping geographic regions (for example, one resource record set
+ // for a continent and one for a country on the same continent), priority goes to
+ // the smallest geographic region. This allows you to route most queries for a
+ // continent to one resource and to route queries for a country on that continent
+ // to a different resource. You can't create two geolocation resource record sets
+ // that specify the same geographic location. The value * in the CountryCode
+ // element matches all geographic locations that aren't specified in other
+ // geolocation resource record sets that have the same values for the Name and Type
+ // elements. Geolocation works by mapping IP addresses to locations. However, some
+ // IP addresses aren't mapped to geographic locations, so even if you create
+ // geolocation resource record sets that cover all seven continents, Route 53 will
+ // receive some DNS queries from locations that it can't identify. We recommend
+ // that you create a resource record set for which the value of CountryCode is * .
+ // Two groups of queries are routed to the resource that you specify in this
+ // record: queries that come from locations for which you haven't created
+ // geolocation resource record sets and queries from IP addresses that aren't
+ // mapped to a location. If you don't create a * resource record set, Route 53
+ // returns a "no answer" response for queries from those locations. You can't
+ // create non-geolocation resource record sets that have the same values for the
+ // Name and Type elements as geolocation resource record sets.
GeoLocation *GeoLocation
+ // GeoproximityLocation resource record sets only: A complex type that lets you
+ // control how Route 53 responds to DNS queries based on the geographic origin of
+ // the query and your resources.
+ GeoProximityLocation *GeoProximityLocation
+
// If you want Amazon Route 53 to return this resource record set in response to a
// DNS query only when the status of a health check is healthy, include the
// HealthCheckId element and specify the ID of the applicable health check. Route
diff --git a/service/route53/validators.go b/service/route53/validators.go
index 3f1403f4b96..d34881a7815 100644
--- a/service/route53/validators.go
+++ b/service/route53/validators.go
@@ -1504,6 +1504,41 @@ func validateCidrRoutingConfig(v *types.CidrRoutingConfig) error {
}
}
+func validateCoordinates(v *types.Coordinates) error {
+ if v == nil {
+ return nil
+ }
+ invalidParams := smithy.InvalidParamsError{Context: "Coordinates"}
+ if v.Latitude == nil {
+ invalidParams.Add(smithy.NewErrParamRequired("Latitude"))
+ }
+ if v.Longitude == nil {
+ invalidParams.Add(smithy.NewErrParamRequired("Longitude"))
+ }
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ } else {
+ return nil
+ }
+}
+
+func validateGeoProximityLocation(v *types.GeoProximityLocation) error {
+ if v == nil {
+ return nil
+ }
+ invalidParams := smithy.InvalidParamsError{Context: "GeoProximityLocation"}
+ if v.Coordinates != nil {
+ if err := validateCoordinates(v.Coordinates); err != nil {
+ invalidParams.AddNested("Coordinates", err.(smithy.InvalidParamsError))
+ }
+ }
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ } else {
+ return nil
+ }
+}
+
func validateHealthCheckConfig(v *types.HealthCheckConfig) error {
if v == nil {
return nil
@@ -1582,6 +1617,11 @@ func validateResourceRecordSet(v *types.ResourceRecordSet) error {
invalidParams.AddNested("CidrRoutingConfig", err.(smithy.InvalidParamsError))
}
}
+ if v.GeoProximityLocation != nil {
+ if err := validateGeoProximityLocation(v.GeoProximityLocation); err != nil {
+ invalidParams.AddNested("GeoProximityLocation", err.(smithy.InvalidParamsError))
+ }
+ }
if invalidParams.Len() > 0 {
return invalidParams
} else {
diff --git a/service/route53resolver/CHANGELOG.md b/service/route53resolver/CHANGELOG.md
index c55feb3bfda..484e32d7139 100644
--- a/service/route53resolver/CHANGELOG.md
+++ b/service/route53resolver/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.25.0 (2024-01-08)
+
+* **Feature**: This release adds support for query type configuration on firewall rules that enables customers for granular action (ALLOW, ALERT, BLOCK) by DNS query type.
+
# v1.24.2 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/route53resolver/api_op_CreateFirewallRule.go b/service/route53resolver/api_op_CreateFirewallRule.go
index e0ac1fc177f..28a9d818c24 100644
--- a/service/route53resolver/api_op_CreateFirewallRule.go
+++ b/service/route53resolver/api_op_CreateFirewallRule.go
@@ -102,6 +102,22 @@ type CreateFirewallRuleInput struct {
// This setting is required if the rule action setting is BLOCK .
BlockResponse types.BlockResponse
+ // The DNS query type you want the rule to evaluate. Allowed values are;
+ // - A: Returns an IPv4 address.
+ // - AAAA: Returns an Ipv6 address.
+ // - CAA: Restricts CAs that can create SSL/TLS certifications for the domain.
+ // - CNAME: Returns another domain name.
+ // - DS: Record that identifies the DNSSEC signing key of a delegated zone.
+ // - MX: Specifies mail servers.
+ // - NAPTR: Regular-expression-based rewriting of domain names.
+ // - NS: Authoritative name servers.
+ // - PTR: Maps an IP address to a domain name.
+ // - SOA: Start of authority record for the zone.
+ // - SPF: Lists the servers authorized to send emails from a domain.
+ // - SRV: Application specific values that identify servers.
+ // - TXT: Verifies email senders and application-specific values.
+ Qtype *string
+
noSmithyDocumentSerde
}
diff --git a/service/route53resolver/api_op_DeleteFirewallRule.go b/service/route53resolver/api_op_DeleteFirewallRule.go
index 4dc4b05084e..c941d842bce 100644
--- a/service/route53resolver/api_op_DeleteFirewallRule.go
+++ b/service/route53resolver/api_op_DeleteFirewallRule.go
@@ -41,6 +41,23 @@ type DeleteFirewallRuleInput struct {
// This member is required.
FirewallRuleGroupId *string
+ // The DNS query type that the rule you are deleting evaluates. Allowed values
+ // are;
+ // - A: Returns an IPv4 address.
+ // - AAAA: Returns an Ipv6 address.
+ // - CAA: Restricts CAs that can create SSL/TLS certifications for the domain.
+ // - CNAME: Returns another domain name.
+ // - DS: Record that identifies the DNSSEC signing key of a delegated zone.
+ // - MX: Specifies mail servers.
+ // - NAPTR: Regular-expression-based rewriting of domain names.
+ // - NS: Authoritative name servers.
+ // - PTR: Maps an IP address to a domain name.
+ // - SOA: Start of authority record for the zone.
+ // - SPF: Lists the servers authorized to send emails from a domain.
+ // - SRV: Application specific values that identify servers.
+ // - TXT: Verifies email senders and application-specific values.
+ Qtype *string
+
noSmithyDocumentSerde
}
diff --git a/service/route53resolver/api_op_UpdateFirewallRule.go b/service/route53resolver/api_op_UpdateFirewallRule.go
index adcaa604285..91e955100d7 100644
--- a/service/route53resolver/api_op_UpdateFirewallRule.go
+++ b/service/route53resolver/api_op_UpdateFirewallRule.go
@@ -83,6 +83,22 @@ type UpdateFirewallRuleInput struct {
// setting for the rules in a rule group at any time.
Priority *int32
+ // The DNS query type you want the rule to evaluate. Allowed values are;
+ // - A: Returns an IPv4 address.
+ // - AAAA: Returns an Ipv6 address.
+ // - CAA: Restricts CAs that can create SSL/TLS certifications for the domain.
+ // - CNAME: Returns another domain name.
+ // - DS: Record that identifies the DNSSEC signing key of a delegated zone.
+ // - MX: Specifies mail servers.
+ // - NAPTR: Regular-expression-based rewriting of domain names.
+ // - NS: Authoritative name servers.
+ // - PTR: Maps an IP address to a domain name.
+ // - SOA: Start of authority record for the zone.
+ // - SPF: Lists the servers authorized to send emails from a domain.
+ // - SRV: Application specific values that identify servers.
+ // - TXT: Verifies email senders and application-specific values.
+ Qtype *string
+
noSmithyDocumentSerde
}
diff --git a/service/route53resolver/deserializers.go b/service/route53resolver/deserializers.go
index a43b1d56ccb..57adb73cde5 100644
--- a/service/route53resolver/deserializers.go
+++ b/service/route53resolver/deserializers.go
@@ -9702,6 +9702,15 @@ func awsAwsjson11_deserializeDocumentFirewallRule(v **types.FirewallRule, value
sv.Priority = ptr.Int32(int32(i64))
}
+ case "Qtype":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected Qtype to be of type string, got %T instead", value)
+ }
+ sv.Qtype = ptr.String(jtv)
+ }
+
default:
_, _ = key, value
diff --git a/service/route53resolver/go_module_metadata.go b/service/route53resolver/go_module_metadata.go
index 57d96c65b9c..fff7625b466 100644
--- a/service/route53resolver/go_module_metadata.go
+++ b/service/route53resolver/go_module_metadata.go
@@ -3,4 +3,4 @@
package route53resolver
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.24.2"
+const goModuleVersion = "1.25.0"
diff --git a/service/route53resolver/serializers.go b/service/route53resolver/serializers.go
index 80992a9fb1e..fac1e630f8b 100644
--- a/service/route53resolver/serializers.go
+++ b/service/route53resolver/serializers.go
@@ -4231,6 +4231,11 @@ func awsAwsjson11_serializeOpDocumentCreateFirewallRuleInput(v *CreateFirewallRu
ok.Integer(*v.Priority)
}
+ if v.Qtype != nil {
+ ok := object.Key("Qtype")
+ ok.String(*v.Qtype)
+ }
+
return nil
}
@@ -4451,6 +4456,11 @@ func awsAwsjson11_serializeOpDocumentDeleteFirewallRuleInput(v *DeleteFirewallRu
ok.String(*v.FirewallRuleGroupId)
}
+ if v.Qtype != nil {
+ ok := object.Key("Qtype")
+ ok.String(*v.Qtype)
+ }
+
return nil
}
@@ -5364,6 +5374,11 @@ func awsAwsjson11_serializeOpDocumentUpdateFirewallRuleInput(v *UpdateFirewallRu
ok.Integer(*v.Priority)
}
+ if v.Qtype != nil {
+ ok := object.Key("Qtype")
+ ok.String(*v.Qtype)
+ }
+
return nil
}
diff --git a/service/route53resolver/types/types.go b/service/route53resolver/types/types.go
index dfa1050b70e..7612589d8a9 100644
--- a/service/route53resolver/types/types.go
+++ b/service/route53resolver/types/types.go
@@ -294,6 +294,22 @@ type FirewallRule struct {
// priority, starting from the lowest setting.
Priority *int32
+ // The DNS query type you want the rule to evaluate. Allowed values are;
+ // - A: Returns an IPv4 address.
+ // - AAAA: Returns an Ipv6 address.
+ // - CAA: Restricts CAs that can create SSL/TLS certifications for the domain.
+ // - CNAME: Returns another domain name.
+ // - DS: Record that identifies the DNSSEC signing key of a delegated zone.
+ // - MX: Specifies mail servers.
+ // - NAPTR: Regular-expression-based rewriting of domain names.
+ // - NS: Authoritative name servers.
+ // - PTR: Maps an IP address to a domain name.
+ // - SOA: Start of authority record for the zone.
+ // - SPF: Lists the servers authorized to send emails from a domain.
+ // - SRV: Application specific values that identify servers.
+ // - TXT: Verifies email senders and application-specific values.
+ Qtype *string
+
noSmithyDocumentSerde
}
diff --git a/service/s3/CHANGELOG.md b/service/s3/CHANGELOG.md
index b9733d8fd5c..f83de2a5efe 100644
--- a/service/s3/CHANGELOG.md
+++ b/service/s3/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.48.0 (2024-01-05)
+
+* **Feature**: Support smithy sigv4a trait for codegen.
+
# v1.47.8 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/s3/auth.go b/service/s3/auth.go
index 8a4f832f7f5..6ef631bd380 100644
--- a/service/s3/auth.go
+++ b/service/s3/auth.go
@@ -155,7 +155,15 @@ func serviceAuthOptions(params *AuthResolverParameters) []*smithyauth.Option {
}(),
},
- {SchemeID: smithyauth.SchemeIDSigV4A},
+ {
+ SchemeID: smithyauth.SchemeIDSigV4A,
+ SignerProperties: func() smithy.Properties {
+ var props smithy.Properties
+ smithyhttp.SetSigV4ASigningName(&props, "s3")
+ smithyhttp.SetSigV4ASigningRegions(&props, []string{params.Region})
+ return props
+ }(),
+ },
}
}
diff --git a/service/s3/go_module_metadata.go b/service/s3/go_module_metadata.go
index 166e6292c90..77e3ee12fd9 100644
--- a/service/s3/go_module_metadata.go
+++ b/service/s3/go_module_metadata.go
@@ -3,4 +3,4 @@
package s3
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.47.8"
+const goModuleVersion = "1.48.0"
diff --git a/service/s3/internal/configtesting/go.mod b/service/s3/internal/configtesting/go.mod
index f4557f236fe..b404680fc5d 100644
--- a/service/s3/internal/configtesting/go.mod
+++ b/service/s3/internal/configtesting/go.mod
@@ -3,13 +3,13 @@ module github.com/aws/aws-sdk-go-v2/service/s3/internal/configtesting
go 1.19
require (
- github.com/aws/aws-sdk-go-v2/config v1.26.3
+ github.com/aws/aws-sdk-go-v2/config v1.26.4
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.10
)
require (
github.com/aws/aws-sdk-go-v2 v1.24.1 // indirect
- github.com/aws/aws-sdk-go-v2/credentials v1.16.14 // indirect
+ github.com/aws/aws-sdk-go-v2/credentials v1.16.15 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect
@@ -17,7 +17,7 @@ require (
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.18.6 // indirect
- github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.6 // indirect
+ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 // indirect
github.com/aws/smithy-go v1.19.0 // indirect
)
diff --git a/service/s3control/CHANGELOG.md b/service/s3control/CHANGELOG.md
index 6fc1e948c82..23e70691528 100644
--- a/service/s3control/CHANGELOG.md
+++ b/service/s3control/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.42.0 (2024-01-12)
+
+* **Feature**: S3 On Outposts team adds dualstack endpoints support for S3Control and S3Outposts API calls.
+
# v1.41.8 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/s3control/endpoints.go b/service/s3control/endpoints.go
index 0afd9ee4828..973121712f7 100644
--- a/service/s3control/endpoints.go
+++ b/service/s3control/endpoints.go
@@ -452,10 +452,14 @@ func (r *resolver) ResolveEndpoint(
if !(rulesfn.IsValidHostLabel(_OutpostId, false)) {
return endpoint, fmt.Errorf("endpoint rule error, %s", "OutpostId must only contain a-z, A-Z, 0-9 and `-`.")
}
- if rulesfn.IsValidHostLabel(_Region, true) {
+ if exprVal := params.Endpoint; exprVal != nil {
+ _Endpoint := *exprVal
+ _ = _Endpoint
if _UseDualStack == true {
- return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid configuration: Outposts do not support dual-stack")
+ return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: DualStack and custom endpoint are not supported")
}
+ }
+ if rulesfn.IsValidHostLabel(_Region, true) {
if exprVal := params.Endpoint; exprVal != nil {
_Endpoint := *exprVal
_ = _Endpoint
@@ -501,6 +505,47 @@ func (r *resolver) ResolveEndpoint(
}, nil
}
}
+ if _UseFIPS == true {
+ if _UseDualStack == true {
+ uriString := func() string {
+ var out strings.Builder
+ out.WriteString("https://s3-outposts-fips.")
+ out.WriteString(_Region)
+ out.WriteString(".")
+ out.WriteString(_partitionResult.DualStackDnsSuffix)
+ return out.String()
+ }()
+
+ uri, err := url.Parse(uriString)
+ if err != nil {
+ return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
+ }
+
+ return smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: func() smithy.Properties {
+ var out smithy.Properties
+ smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
+ {
+ SchemeID: "aws.auth#sigv4",
+ SignerProperties: func() smithy.Properties {
+ var sp smithy.Properties
+ smithyhttp.SetDisableDoubleEncoding(&sp, true)
+
+ smithyhttp.SetSigV4SigningName(&sp, "s3-outposts")
+ smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts")
+
+ smithyhttp.SetSigV4SigningRegion(&sp, _Region)
+ return sp
+ }(),
+ },
+ })
+ return out
+ }(),
+ }, nil
+ }
+ }
if _UseFIPS == true {
uriString := func() string {
var out strings.Builder
@@ -540,6 +585,45 @@ func (r *resolver) ResolveEndpoint(
}(),
}, nil
}
+ if _UseDualStack == true {
+ uriString := func() string {
+ var out strings.Builder
+ out.WriteString("https://s3-outposts.")
+ out.WriteString(_Region)
+ out.WriteString(".")
+ out.WriteString(_partitionResult.DualStackDnsSuffix)
+ return out.String()
+ }()
+
+ uri, err := url.Parse(uriString)
+ if err != nil {
+ return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
+ }
+
+ return smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: func() smithy.Properties {
+ var out smithy.Properties
+ smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
+ {
+ SchemeID: "aws.auth#sigv4",
+ SignerProperties: func() smithy.Properties {
+ var sp smithy.Properties
+ smithyhttp.SetDisableDoubleEncoding(&sp, true)
+
+ smithyhttp.SetSigV4SigningName(&sp, "s3-outposts")
+ smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts")
+
+ smithyhttp.SetSigV4SigningRegion(&sp, _Region)
+ return sp
+ }(),
+ },
+ })
+ return out
+ }(),
+ }, nil
+ }
uriString := func() string {
var out strings.Builder
out.WriteString("https://s3-outposts.")
@@ -593,13 +677,17 @@ func (r *resolver) ResolveEndpoint(
_ = _arnType
if !(_arnType == "") {
if _accessPointArn.Service == "s3-outposts" {
- if _UseDualStack == true {
- return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid configuration: Outpost Access Points do not support dual-stack")
- }
if exprVal := _accessPointArn.ResourceId.Get(1); exprVal != nil {
_outpostId := *exprVal
_ = _outpostId
if rulesfn.IsValidHostLabel(_outpostId, false) {
+ if exprVal := params.Endpoint; exprVal != nil {
+ _Endpoint := *exprVal
+ _ = _Endpoint
+ if _UseDualStack == true {
+ return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: DualStack and custom endpoint are not supported")
+ }
+ }
if exprVal := params.UseArnRegion; exprVal != nil {
_UseArnRegion := *exprVal
_ = _UseArnRegion
@@ -649,6 +737,52 @@ func (r *resolver) ResolveEndpoint(
_accessPointName := *exprVal
_ = _accessPointName
if _outpostType == "accesspoint" {
+ if _UseFIPS == true {
+ if _UseDualStack == true {
+ uriString := func() string {
+ var out strings.Builder
+ out.WriteString("https://s3-outposts-fips.")
+ out.WriteString(_accessPointArn.Region)
+ out.WriteString(".")
+ out.WriteString(_arnPartition.DualStackDnsSuffix)
+ return out.String()
+ }()
+
+ uri, err := url.Parse(uriString)
+ if err != nil {
+ return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
+ }
+
+ return smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: func() http.Header {
+ headers := http.Header{}
+ headers.Set("x-amz-account-id", _accessPointArn.AccountId)
+ headers.Set("x-amz-outpost-id", _outpostId)
+ return headers
+ }(),
+ Properties: func() smithy.Properties {
+ var out smithy.Properties
+ smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
+ {
+ SchemeID: "aws.auth#sigv4",
+ SignerProperties: func() smithy.Properties {
+ var sp smithy.Properties
+ smithyhttp.SetDisableDoubleEncoding(&sp, true)
+
+ smithyhttp.SetSigV4SigningName(&sp, "s3-outposts")
+ smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts")
+
+ smithyhttp.SetSigV4SigningRegion(&sp, _accessPointArn.Region)
+ return sp
+ }(),
+ },
+ })
+ return out
+ }(),
+ }, nil
+ }
+ }
if _UseFIPS == true {
uriString := func() string {
var out strings.Builder
@@ -693,6 +827,50 @@ func (r *resolver) ResolveEndpoint(
}(),
}, nil
}
+ if _UseDualStack == true {
+ uriString := func() string {
+ var out strings.Builder
+ out.WriteString("https://s3-outposts.")
+ out.WriteString(_accessPointArn.Region)
+ out.WriteString(".")
+ out.WriteString(_arnPartition.DualStackDnsSuffix)
+ return out.String()
+ }()
+
+ uri, err := url.Parse(uriString)
+ if err != nil {
+ return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
+ }
+
+ return smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: func() http.Header {
+ headers := http.Header{}
+ headers.Set("x-amz-account-id", _accessPointArn.AccountId)
+ headers.Set("x-amz-outpost-id", _outpostId)
+ return headers
+ }(),
+ Properties: func() smithy.Properties {
+ var out smithy.Properties
+ smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
+ {
+ SchemeID: "aws.auth#sigv4",
+ SignerProperties: func() smithy.Properties {
+ var sp smithy.Properties
+ smithyhttp.SetDisableDoubleEncoding(&sp, true)
+
+ smithyhttp.SetSigV4SigningName(&sp, "s3-outposts")
+ smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts")
+
+ smithyhttp.SetSigV4SigningRegion(&sp, _accessPointArn.Region)
+ return sp
+ }(),
+ },
+ })
+ return out
+ }(),
+ }, nil
+ }
if exprVal := params.Endpoint; exprVal != nil {
_Endpoint := *exprVal
_ = _Endpoint
@@ -857,13 +1035,17 @@ func (r *resolver) ResolveEndpoint(
_ = _arnType
if !(_arnType == "") {
if _bucketArn.Service == "s3-outposts" {
- if _UseDualStack == true {
- return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid configuration: Outpost buckets do not support dual-stack")
- }
if exprVal := _bucketArn.ResourceId.Get(1); exprVal != nil {
_outpostId := *exprVal
_ = _outpostId
if rulesfn.IsValidHostLabel(_outpostId, false) {
+ if exprVal := params.Endpoint; exprVal != nil {
+ _Endpoint := *exprVal
+ _ = _Endpoint
+ if _UseDualStack == true {
+ return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: DualStack and custom endpoint are not supported")
+ }
+ }
if exprVal := params.UseArnRegion; exprVal != nil {
_UseArnRegion := *exprVal
_ = _UseArnRegion
@@ -913,6 +1095,52 @@ func (r *resolver) ResolveEndpoint(
_bucketName := *exprVal
_ = _bucketName
if _outpostType == "bucket" {
+ if _UseFIPS == true {
+ if _UseDualStack == true {
+ uriString := func() string {
+ var out strings.Builder
+ out.WriteString("https://s3-outposts-fips.")
+ out.WriteString(_bucketArn.Region)
+ out.WriteString(".")
+ out.WriteString(_arnPartition.DualStackDnsSuffix)
+ return out.String()
+ }()
+
+ uri, err := url.Parse(uriString)
+ if err != nil {
+ return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
+ }
+
+ return smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: func() http.Header {
+ headers := http.Header{}
+ headers.Set("x-amz-account-id", _bucketArn.AccountId)
+ headers.Set("x-amz-outpost-id", _outpostId)
+ return headers
+ }(),
+ Properties: func() smithy.Properties {
+ var out smithy.Properties
+ smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
+ {
+ SchemeID: "aws.auth#sigv4",
+ SignerProperties: func() smithy.Properties {
+ var sp smithy.Properties
+ smithyhttp.SetDisableDoubleEncoding(&sp, true)
+
+ smithyhttp.SetSigV4SigningName(&sp, "s3-outposts")
+ smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts")
+
+ smithyhttp.SetSigV4SigningRegion(&sp, _bucketArn.Region)
+ return sp
+ }(),
+ },
+ })
+ return out
+ }(),
+ }, nil
+ }
+ }
if _UseFIPS == true {
uriString := func() string {
var out strings.Builder
@@ -957,6 +1185,50 @@ func (r *resolver) ResolveEndpoint(
}(),
}, nil
}
+ if _UseDualStack == true {
+ uriString := func() string {
+ var out strings.Builder
+ out.WriteString("https://s3-outposts.")
+ out.WriteString(_bucketArn.Region)
+ out.WriteString(".")
+ out.WriteString(_arnPartition.DualStackDnsSuffix)
+ return out.String()
+ }()
+
+ uri, err := url.Parse(uriString)
+ if err != nil {
+ return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
+ }
+
+ return smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: func() http.Header {
+ headers := http.Header{}
+ headers.Set("x-amz-account-id", _bucketArn.AccountId)
+ headers.Set("x-amz-outpost-id", _outpostId)
+ return headers
+ }(),
+ Properties: func() smithy.Properties {
+ var out smithy.Properties
+ smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
+ {
+ SchemeID: "aws.auth#sigv4",
+ SignerProperties: func() smithy.Properties {
+ var sp smithy.Properties
+ smithyhttp.SetDisableDoubleEncoding(&sp, true)
+
+ smithyhttp.SetSigV4SigningName(&sp, "s3-outposts")
+ smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts")
+
+ smithyhttp.SetSigV4SigningRegion(&sp, _bucketArn.Region)
+ return sp
+ }(),
+ },
+ })
+ return out
+ }(),
+ }, nil
+ }
if exprVal := params.Endpoint; exprVal != nil {
_Endpoint := *exprVal
_ = _Endpoint
diff --git a/service/s3control/endpoints_test.go b/service/s3control/endpoints_test.go
index ce39633355a..dc05ab8028d 100644
--- a/service/s3control/endpoints_test.go
+++ b/service/s3control/endpoints_test.go
@@ -1219,7 +1219,7 @@ func TestEndpointCase18(t *testing.T) {
}
}
-// outpost access points do not support dualstack@us-west-2
+// outpost access points support dualstack@us-west-2
func TestEndpointCase19(t *testing.T) {
var params = EndpointParameters{
AccessPointName: ptr.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint"),
@@ -1234,20 +1234,62 @@ func TestEndpointCase19(t *testing.T) {
result, err := resolver.ResolveEndpoint(context.Background(), params)
_, _ = result, err
- if err == nil {
- t.Fatalf("expect error, got none")
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
}
- if e, a := "Invalid configuration: Outpost Access Points do not support dual-stack", err.Error(); !strings.Contains(a, e) {
- t.Errorf("expect %v error in %v", e, a)
+
+ uri, _ := url.Parse("https://s3-outposts.us-west-2.api.aws")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: func() http.Header {
+ headers := http.Header{}
+ headers.Set("x-amz-account-id", "123456789012")
+ headers.Set("x-amz-outpost-id", "op-01234567890123456")
+ return headers
+ }(),
+ Properties: func() smithy.Properties {
+ var out smithy.Properties
+ smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
+ {
+ SchemeID: "aws.auth#sigv4",
+ SignerProperties: func() smithy.Properties {
+ var sp smithy.Properties
+ smithyhttp.SetSigV4SigningName(&sp, "s3-outposts")
+ smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts")
+
+ smithyhttp.SetSigV4SigningRegion(&sp, "us-west-2")
+
+ smithyhttp.SetDisableDoubleEncoding(&sp, true)
+ return sp
+ }(),
+ },
+ })
+ return out
+ }(),
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
}
}
-// outpost access points do not support dualstack@cn-north-1
+// outpost access points support dualstack@af-south-1
func TestEndpointCase20(t *testing.T) {
var params = EndpointParameters{
- AccessPointName: ptr.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint"),
+ AccessPointName: ptr.String("arn:aws:s3-outposts:af-south-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint"),
AccountId: ptr.String("123456789012"),
- Region: ptr.String("cn-north-1"),
+ Region: ptr.String("af-south-1"),
RequiresAccountId: ptr.Bool(true),
UseDualStack: ptr.Bool(true),
UseFIPS: ptr.Bool(false),
@@ -1257,34 +1299,118 @@ func TestEndpointCase20(t *testing.T) {
result, err := resolver.ResolveEndpoint(context.Background(), params)
_, _ = result, err
- if err == nil {
- t.Fatalf("expect error, got none")
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
}
- if e, a := "Invalid configuration: Outpost Access Points do not support dual-stack", err.Error(); !strings.Contains(a, e) {
- t.Errorf("expect %v error in %v", e, a)
+
+ uri, _ := url.Parse("https://s3-outposts.af-south-1.api.aws")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: func() http.Header {
+ headers := http.Header{}
+ headers.Set("x-amz-account-id", "123456789012")
+ headers.Set("x-amz-outpost-id", "op-01234567890123456")
+ return headers
+ }(),
+ Properties: func() smithy.Properties {
+ var out smithy.Properties
+ smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
+ {
+ SchemeID: "aws.auth#sigv4",
+ SignerProperties: func() smithy.Properties {
+ var sp smithy.Properties
+ smithyhttp.SetSigV4SigningName(&sp, "s3-outposts")
+ smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts")
+
+ smithyhttp.SetSigV4SigningRegion(&sp, "af-south-1")
+
+ smithyhttp.SetDisableDoubleEncoding(&sp, true)
+ return sp
+ }(),
+ },
+ })
+ return out
+ }(),
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
}
}
-// outpost access points do not support dualstack@af-south-1
+// outpost access points support fips + dualstack@af-south-1
func TestEndpointCase21(t *testing.T) {
var params = EndpointParameters{
- AccessPointName: ptr.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint"),
+ AccessPointName: ptr.String("arn:aws:s3-outposts:af-south-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint"),
AccountId: ptr.String("123456789012"),
Region: ptr.String("af-south-1"),
RequiresAccountId: ptr.Bool(true),
UseDualStack: ptr.Bool(true),
- UseFIPS: ptr.Bool(false),
+ UseFIPS: ptr.Bool(true),
}
resolver := NewDefaultEndpointResolverV2()
result, err := resolver.ResolveEndpoint(context.Background(), params)
_, _ = result, err
- if err == nil {
- t.Fatalf("expect error, got none")
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
}
- if e, a := "Invalid configuration: Outpost Access Points do not support dual-stack", err.Error(); !strings.Contains(a, e) {
- t.Errorf("expect %v error in %v", e, a)
+
+ uri, _ := url.Parse("https://s3-outposts-fips.af-south-1.api.aws")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: func() http.Header {
+ headers := http.Header{}
+ headers.Set("x-amz-account-id", "123456789012")
+ headers.Set("x-amz-outpost-id", "op-01234567890123456")
+ return headers
+ }(),
+ Properties: func() smithy.Properties {
+ var out smithy.Properties
+ smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
+ {
+ SchemeID: "aws.auth#sigv4",
+ SignerProperties: func() smithy.Properties {
+ var sp smithy.Properties
+ smithyhttp.SetSigV4SigningName(&sp, "s3-outposts")
+ smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts")
+
+ smithyhttp.SetSigV4SigningRegion(&sp, "af-south-1")
+
+ smithyhttp.SetDisableDoubleEncoding(&sp, true)
+ return sp
+ }(),
+ },
+ })
+ return out
+ }(),
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
}
}
@@ -1926,15 +2052,14 @@ func TestEndpointCase35(t *testing.T) {
}
}
-// CreateBucket + OutpostId endpoint url@us-east-2
+// ListRegionalBucket + OutpostId + fips + dualstack@us-east-2
func TestEndpointCase36(t *testing.T) {
var params = EndpointParameters{
- Bucket: ptr.String("blah"),
- Endpoint: ptr.String("https://beta.example.com"),
- OutpostId: ptr.String("123"),
+ AccountId: ptr.String("123456789012"),
+ OutpostId: ptr.String("op-123"),
Region: ptr.String("us-east-2"),
- RequiresAccountId: ptr.Bool(false),
- UseDualStack: ptr.Bool(false),
+ RequiresAccountId: ptr.Bool(true),
+ UseDualStack: ptr.Bool(true),
UseFIPS: ptr.Bool(true),
}
@@ -1946,7 +2071,7 @@ func TestEndpointCase36(t *testing.T) {
t.Fatalf("expect no error, got %v", err)
}
- uri, _ := url.Parse("https://beta.example.com")
+ uri, _ := url.Parse("https://s3-outposts-fips.us-east-2.api.aws")
expectEndpoint := smithyendpoints.Endpoint{
URI: *uri,
@@ -1987,37 +2112,74 @@ func TestEndpointCase36(t *testing.T) {
}
}
-// dualstack cannot be used with outposts when an endpoint URL is set@us-west-2.
+// CreateBucket + OutpostId endpoint url@us-east-2
func TestEndpointCase37(t *testing.T) {
var params = EndpointParameters{
- AccessPointName: ptr.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint"),
+ Bucket: ptr.String("blah"),
Endpoint: ptr.String("https://beta.example.com"),
- Region: ptr.String("us-west-2"),
- RequiresAccountId: ptr.Bool(true),
- UseDualStack: ptr.Bool(true),
- UseFIPS: ptr.Bool(false),
+ OutpostId: ptr.String("123"),
+ Region: ptr.String("us-east-2"),
+ RequiresAccountId: ptr.Bool(false),
+ UseDualStack: ptr.Bool(false),
+ UseFIPS: ptr.Bool(true),
}
resolver := NewDefaultEndpointResolverV2()
result, err := resolver.ResolveEndpoint(context.Background(), params)
_, _ = result, err
- if err == nil {
- t.Fatalf("expect error, got none")
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
}
- if e, a := "Invalid configuration: Outpost Access Points do not support dual-stack", err.Error(); !strings.Contains(a, e) {
- t.Errorf("expect %v error in %v", e, a)
+
+ uri, _ := url.Parse("https://beta.example.com")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: func() smithy.Properties {
+ var out smithy.Properties
+ smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
+ {
+ SchemeID: "aws.auth#sigv4",
+ SignerProperties: func() smithy.Properties {
+ var sp smithy.Properties
+ smithyhttp.SetSigV4SigningName(&sp, "s3-outposts")
+ smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts")
+
+ smithyhttp.SetSigV4SigningRegion(&sp, "us-east-2")
+
+ smithyhttp.SetDisableDoubleEncoding(&sp, true)
+ return sp
+ }(),
+ },
+ })
+ return out
+ }(),
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
}
}
-// Dual-stack cannot be used with outposts@us-west-2
+// dualstack cannot be used with outposts when an endpoint URL is set@us-west-2.
func TestEndpointCase38(t *testing.T) {
var params = EndpointParameters{
- Bucket: ptr.String("bucketname"),
- Endpoint: ptr.String("https://beta.example.com"),
- OutpostId: ptr.String("op-123"),
+ AccessPointName: ptr.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint"),
+ Endpoint: ptr.String("https://s3-outposts.us-west-2.api.aws"),
Region: ptr.String("us-west-2"),
- RequiresAccountId: ptr.Bool(false),
+ RequiresAccountId: ptr.Bool(true),
UseDualStack: ptr.Bool(true),
UseFIPS: ptr.Bool(false),
}
@@ -2029,7 +2191,7 @@ func TestEndpointCase38(t *testing.T) {
if err == nil {
t.Fatalf("expect error, got none")
}
- if e, a := "Invalid configuration: Outposts do not support dual-stack", err.Error(); !strings.Contains(a, e) {
+ if e, a := "Invalid Configuration: DualStack and custom endpoint are not supported", err.Error(); !strings.Contains(a, e) {
t.Errorf("expect %v error in %v", e, a)
}
}
@@ -2355,25 +2517,67 @@ func TestEndpointCase43(t *testing.T) {
}
}
-// Outposts do not support dualstack@us-west-2
+// bucket ARN in aws partition with fips + dualstack@us-east-2
func TestEndpointCase44(t *testing.T) {
var params = EndpointParameters{
- Bucket: ptr.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket"),
- Region: ptr.String("us-west-2"),
+ Bucket: ptr.String("arn:aws:s3-outposts:us-east-2:123456789012:outpost:op-01234567890123456:bucket:mybucket"),
+ Region: ptr.String("us-east-2"),
RequiresAccountId: ptr.Bool(true),
UseDualStack: ptr.Bool(true),
- UseFIPS: ptr.Bool(false),
+ UseFIPS: ptr.Bool(true),
}
resolver := NewDefaultEndpointResolverV2()
result, err := resolver.ResolveEndpoint(context.Background(), params)
_, _ = result, err
- if err == nil {
- t.Fatalf("expect error, got none")
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
}
- if e, a := "Invalid configuration: Outpost buckets do not support dual-stack", err.Error(); !strings.Contains(a, e) {
- t.Errorf("expect %v error in %v", e, a)
+
+ uri, _ := url.Parse("https://s3-outposts-fips.us-east-2.api.aws")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: func() http.Header {
+ headers := http.Header{}
+ headers.Set("x-amz-account-id", "123456789012")
+ headers.Set("x-amz-outpost-id", "op-01234567890123456")
+ return headers
+ }(),
+ Properties: func() smithy.Properties {
+ var out smithy.Properties
+ smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
+ {
+ SchemeID: "aws.auth#sigv4",
+ SignerProperties: func() smithy.Properties {
+ var sp smithy.Properties
+ smithyhttp.SetSigV4SigningName(&sp, "s3-outposts")
+ smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts")
+
+ smithyhttp.SetSigV4SigningRegion(&sp, "us-east-2")
+
+ smithyhttp.SetDisableDoubleEncoding(&sp, true)
+ return sp
+ }(),
+ },
+ })
+ return out
+ }(),
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
}
}
@@ -2698,7 +2902,7 @@ func TestEndpointCase49(t *testing.T) {
}
}
-// Outposts do not support dualstack@us-west-2
+// Outposts support dualstack @us-west-2
func TestEndpointCase50(t *testing.T) {
var params = EndpointParameters{
Bucket: ptr.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket"),
@@ -2712,11 +2916,53 @@ func TestEndpointCase50(t *testing.T) {
result, err := resolver.ResolveEndpoint(context.Background(), params)
_, _ = result, err
- if err == nil {
- t.Fatalf("expect error, got none")
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
}
- if e, a := "Invalid configuration: Outpost buckets do not support dual-stack", err.Error(); !strings.Contains(a, e) {
- t.Errorf("expect %v error in %v", e, a)
+
+ uri, _ := url.Parse("https://s3-outposts.us-west-2.api.aws")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: func() http.Header {
+ headers := http.Header{}
+ headers.Set("x-amz-account-id", "123456789012")
+ headers.Set("x-amz-outpost-id", "op-01234567890123456")
+ return headers
+ }(),
+ Properties: func() smithy.Properties {
+ var out smithy.Properties
+ smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
+ {
+ SchemeID: "aws.auth#sigv4",
+ SignerProperties: func() smithy.Properties {
+ var sp smithy.Properties
+ smithyhttp.SetSigV4SigningName(&sp, "s3-outposts")
+ smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts")
+
+ smithyhttp.SetSigV4SigningRegion(&sp, "us-west-2")
+
+ smithyhttp.SetDisableDoubleEncoding(&sp, true)
+ return sp
+ }(),
+ },
+ })
+ return out
+ }(),
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
}
}
@@ -3041,30 +3287,8 @@ func TestEndpointCase55(t *testing.T) {
}
}
-// Outposts do not support dualstack@us-west-2
-func TestEndpointCase56(t *testing.T) {
- var params = EndpointParameters{
- Bucket: ptr.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket"),
- Region: ptr.String("us-west-2"),
- RequiresAccountId: ptr.Bool(true),
- UseDualStack: ptr.Bool(true),
- UseFIPS: ptr.Bool(false),
- }
-
- resolver := NewDefaultEndpointResolverV2()
- result, err := resolver.ResolveEndpoint(context.Background(), params)
- _, _ = result, err
-
- if err == nil {
- t.Fatalf("expect error, got none")
- }
- if e, a := "Invalid configuration: Outpost buckets do not support dual-stack", err.Error(); !strings.Contains(a, e) {
- t.Errorf("expect %v error in %v", e, a)
- }
-}
-
// Invalid ARN: missing outpost id and bucket@us-west-2
-func TestEndpointCase57(t *testing.T) {
+func TestEndpointCase56(t *testing.T) {
var params = EndpointParameters{
Bucket: ptr.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost"),
Region: ptr.String("us-west-2"),
@@ -3086,7 +3310,7 @@ func TestEndpointCase57(t *testing.T) {
}
// Invalid ARN: missing bucket@us-west-2
-func TestEndpointCase58(t *testing.T) {
+func TestEndpointCase57(t *testing.T) {
var params = EndpointParameters{
Bucket: ptr.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456"),
Region: ptr.String("us-west-2"),
@@ -3108,7 +3332,7 @@ func TestEndpointCase58(t *testing.T) {
}
// Invalid ARN: missing outpost and bucket ids@us-west-2
-func TestEndpointCase59(t *testing.T) {
+func TestEndpointCase58(t *testing.T) {
var params = EndpointParameters{
Bucket: ptr.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:bucket"),
Region: ptr.String("us-west-2"),
@@ -3130,7 +3354,7 @@ func TestEndpointCase59(t *testing.T) {
}
// Invalid ARN: missing bucket id@us-west-2
-func TestEndpointCase60(t *testing.T) {
+func TestEndpointCase59(t *testing.T) {
var params = EndpointParameters{
Bucket: ptr.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket"),
Region: ptr.String("us-west-2"),
@@ -3152,7 +3376,7 @@ func TestEndpointCase60(t *testing.T) {
}
// account id inserted into hostname@us-west-2
-func TestEndpointCase61(t *testing.T) {
+func TestEndpointCase60(t *testing.T) {
var params = EndpointParameters{
AccountId: ptr.String("1234567890"),
Region: ptr.String("us-west-2"),
@@ -3211,7 +3435,7 @@ func TestEndpointCase61(t *testing.T) {
}
// account id prefix with dualstack@us-east-1
-func TestEndpointCase62(t *testing.T) {
+func TestEndpointCase61(t *testing.T) {
var params = EndpointParameters{
AccountId: ptr.String("1234567890"),
Region: ptr.String("us-east-1"),
@@ -3270,7 +3494,7 @@ func TestEndpointCase62(t *testing.T) {
}
// account id prefix with fips@us-east-1
-func TestEndpointCase63(t *testing.T) {
+func TestEndpointCase62(t *testing.T) {
var params = EndpointParameters{
AccountId: ptr.String("1234567890"),
Region: ptr.String("us-east-1"),
@@ -3329,7 +3553,7 @@ func TestEndpointCase63(t *testing.T) {
}
// custom account id prefix with fips@us-east-1
-func TestEndpointCase64(t *testing.T) {
+func TestEndpointCase63(t *testing.T) {
var params = EndpointParameters{
AccountId: ptr.String("123456789012"),
Region: ptr.String("us-east-1"),
@@ -3388,7 +3612,7 @@ func TestEndpointCase64(t *testing.T) {
}
// standard url @ us-east-1
-func TestEndpointCase65(t *testing.T) {
+func TestEndpointCase64(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("us-east-1"),
}
@@ -3443,7 +3667,7 @@ func TestEndpointCase65(t *testing.T) {
}
// fips url @ us-east-1
-func TestEndpointCase66(t *testing.T) {
+func TestEndpointCase65(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("us-east-1"),
UseFIPS: ptr.Bool(true),
@@ -3499,7 +3723,7 @@ func TestEndpointCase66(t *testing.T) {
}
// dualstack url @ us-east-1
-func TestEndpointCase67(t *testing.T) {
+func TestEndpointCase66(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("us-east-1"),
UseDualStack: ptr.Bool(true),
@@ -3555,7 +3779,7 @@ func TestEndpointCase67(t *testing.T) {
}
// fips,dualstack url @ us-east-1
-func TestEndpointCase68(t *testing.T) {
+func TestEndpointCase67(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("us-east-1"),
UseDualStack: ptr.Bool(true),
@@ -3612,7 +3836,7 @@ func TestEndpointCase68(t *testing.T) {
}
// standard url @ cn-north-1
-func TestEndpointCase69(t *testing.T) {
+func TestEndpointCase68(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("cn-north-1"),
}
@@ -3667,7 +3891,7 @@ func TestEndpointCase69(t *testing.T) {
}
// fips @ cn-north-1
-func TestEndpointCase70(t *testing.T) {
+func TestEndpointCase69(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("cn-north-1"),
UseDualStack: ptr.Bool(true),
@@ -3687,7 +3911,7 @@ func TestEndpointCase70(t *testing.T) {
}
// custom account id prefix @us-east-1
-func TestEndpointCase71(t *testing.T) {
+func TestEndpointCase70(t *testing.T) {
var params = EndpointParameters{
AccountId: ptr.String("123456789012"),
Region: ptr.String("us-east-1"),
@@ -3746,7 +3970,7 @@ func TestEndpointCase71(t *testing.T) {
}
// invalid account id prefix @us-east-1
-func TestEndpointCase72(t *testing.T) {
+func TestEndpointCase71(t *testing.T) {
var params = EndpointParameters{
AccountId: ptr.String("/?invalid¬-host*label"),
Region: ptr.String("us-east-1"),
@@ -3768,7 +3992,7 @@ func TestEndpointCase72(t *testing.T) {
}
// custom account id prefix with fips@us-east-1
-func TestEndpointCase73(t *testing.T) {
+func TestEndpointCase72(t *testing.T) {
var params = EndpointParameters{
AccountId: ptr.String("123456789012"),
Region: ptr.String("us-east-1"),
@@ -3827,7 +4051,7 @@ func TestEndpointCase73(t *testing.T) {
}
// custom account id prefix with dualstack,fips@us-east-1
-func TestEndpointCase74(t *testing.T) {
+func TestEndpointCase73(t *testing.T) {
var params = EndpointParameters{
AccountId: ptr.String("123456789012"),
Region: ptr.String("us-east-1"),
@@ -3886,7 +4110,7 @@ func TestEndpointCase74(t *testing.T) {
}
// custom account id with custom endpoint
-func TestEndpointCase75(t *testing.T) {
+func TestEndpointCase74(t *testing.T) {
var params = EndpointParameters{
AccountId: ptr.String("123456789012"),
Region: ptr.String("us-east-1"),
@@ -3944,7 +4168,7 @@ func TestEndpointCase75(t *testing.T) {
}
// RequiresAccountId with AccountId unset
-func TestEndpointCase76(t *testing.T) {
+func TestEndpointCase75(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("us-east-1"),
RequiresAccountId: ptr.Bool(true),
@@ -3963,7 +4187,7 @@ func TestEndpointCase76(t *testing.T) {
}
// RequiresAccountId with AccountId unset and custom endpoint
-func TestEndpointCase77(t *testing.T) {
+func TestEndpointCase76(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("us-east-1"),
Endpoint: ptr.String("https://beta.example.com"),
@@ -3983,7 +4207,7 @@ func TestEndpointCase77(t *testing.T) {
}
// RequiresAccountId with invalid AccountId and custom endpoint
-func TestEndpointCase78(t *testing.T) {
+func TestEndpointCase77(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("us-east-1"),
Endpoint: ptr.String("https://beta.example.com"),
@@ -4004,7 +4228,7 @@ func TestEndpointCase78(t *testing.T) {
}
// account id with custom endpoint, fips
-func TestEndpointCase79(t *testing.T) {
+func TestEndpointCase78(t *testing.T) {
var params = EndpointParameters{
AccountId: ptr.String("123456789012"),
Region: ptr.String("us-east-1"),
@@ -4063,7 +4287,7 @@ func TestEndpointCase79(t *testing.T) {
}
// custom endpoint, fips
-func TestEndpointCase80(t *testing.T) {
+func TestEndpointCase79(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("us-east-1"),
Endpoint: ptr.String("https://example.com"),
@@ -4120,7 +4344,7 @@ func TestEndpointCase80(t *testing.T) {
}
// custom endpoint, fips
-func TestEndpointCase81(t *testing.T) {
+func TestEndpointCase80(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("us-east-1"),
Endpoint: ptr.String("https://example.com"),
@@ -4177,7 +4401,7 @@ func TestEndpointCase81(t *testing.T) {
}
// custom endpoint, DualStack
-func TestEndpointCase82(t *testing.T) {
+func TestEndpointCase81(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("us-east-1"),
Endpoint: ptr.String("https://example.com"),
@@ -4198,7 +4422,7 @@ func TestEndpointCase82(t *testing.T) {
}
// region not set
-func TestEndpointCase83(t *testing.T) {
+func TestEndpointCase82(t *testing.T) {
var params = EndpointParameters{}
resolver := NewDefaultEndpointResolverV2()
@@ -4214,7 +4438,7 @@ func TestEndpointCase83(t *testing.T) {
}
// invalid partition
-func TestEndpointCase84(t *testing.T) {
+func TestEndpointCase83(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("invalid-region 42"),
}
@@ -4232,7 +4456,7 @@ func TestEndpointCase84(t *testing.T) {
}
// ListRegionalBuckets + OutpostId without accountId set.
-func TestEndpointCase85(t *testing.T) {
+func TestEndpointCase84(t *testing.T) {
var params = EndpointParameters{
OutpostId: ptr.String("op-123"),
Region: ptr.String("us-east-2"),
@@ -4254,7 +4478,7 @@ func TestEndpointCase85(t *testing.T) {
}
// ListRegionalBuckets + OutpostId with invalid accountId set.
-func TestEndpointCase86(t *testing.T) {
+func TestEndpointCase85(t *testing.T) {
var params = EndpointParameters{
AccountId: ptr.String("/?invalid¬-host*label"),
OutpostId: ptr.String("op-123"),
@@ -4277,7 +4501,7 @@ func TestEndpointCase86(t *testing.T) {
}
// accesspoint set but missing accountId
-func TestEndpointCase87(t *testing.T) {
+func TestEndpointCase86(t *testing.T) {
var params = EndpointParameters{
AccessPointName: ptr.String("myaccesspoint"),
Region: ptr.String("us-west-2"),
@@ -4299,7 +4523,7 @@ func TestEndpointCase87(t *testing.T) {
}
// outpost accesspoint ARN with missing accountId
-func TestEndpointCase88(t *testing.T) {
+func TestEndpointCase87(t *testing.T) {
var params = EndpointParameters{
AccessPointName: ptr.String("arn:aws:s3-outposts:us-west-2::outpost:op-01234567890123456:outpost:op1"),
Region: ptr.String("us-west-2"),
@@ -4321,7 +4545,7 @@ func TestEndpointCase88(t *testing.T) {
}
// bucket ARN with missing accountId
-func TestEndpointCase89(t *testing.T) {
+func TestEndpointCase88(t *testing.T) {
var params = EndpointParameters{
AccessPointName: ptr.String("arn:aws:s3-outposts:us-west-2::outpost:op-01234567890123456:bucket:mybucket"),
Region: ptr.String("us-west-2"),
@@ -4343,7 +4567,7 @@ func TestEndpointCase89(t *testing.T) {
}
// endpoint url with accesspoint (non-arn)
-func TestEndpointCase90(t *testing.T) {
+func TestEndpointCase89(t *testing.T) {
var params = EndpointParameters{
AccessPointName: ptr.String("apname"),
Endpoint: ptr.String("https://beta.example.com"),
@@ -4404,7 +4628,7 @@ func TestEndpointCase90(t *testing.T) {
}
// access point name with an accesspoint arn@us-west-2
-func TestEndpointCase91(t *testing.T) {
+func TestEndpointCase90(t *testing.T) {
var params = EndpointParameters{
AccessPointName: ptr.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint"),
Endpoint: ptr.String("https://beta.example.com"),
@@ -4469,7 +4693,7 @@ func TestEndpointCase91(t *testing.T) {
}
// DualStack + Custom endpoint is not supported(non-arn)
-func TestEndpointCase92(t *testing.T) {
+func TestEndpointCase91(t *testing.T) {
var params = EndpointParameters{
AccessPointName: ptr.String("apname"),
Endpoint: ptr.String("https://beta.example.com"),
@@ -4492,11 +4716,11 @@ func TestEndpointCase92(t *testing.T) {
}
}
-// get bucket with endpoint_url and dualstack is not supported@us-west-2
-func TestEndpointCase93(t *testing.T) {
+// get bucket with custom endpoint and dualstack is not supported@us-west-2
+func TestEndpointCase92(t *testing.T) {
var params = EndpointParameters{
Bucket: ptr.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket"),
- Endpoint: ptr.String("https://beta.example.com"),
+ Endpoint: ptr.String("https://s3-outposts.us-west-2.api.aws"),
Region: ptr.String("us-west-2"),
RequiresAccountId: ptr.Bool(true),
UseDualStack: ptr.Bool(true),
@@ -4510,13 +4734,13 @@ func TestEndpointCase93(t *testing.T) {
if err == nil {
t.Fatalf("expect error, got none")
}
- if e, a := "Invalid configuration: Outpost buckets do not support dual-stack", err.Error(); !strings.Contains(a, e) {
+ if e, a := "Invalid Configuration: DualStack and custom endpoint are not supported", err.Error(); !strings.Contains(a, e) {
t.Errorf("expect %v error in %v", e, a)
}
}
// ListRegionalBuckets + OutpostId with fips in CN.
-func TestEndpointCase94(t *testing.T) {
+func TestEndpointCase93(t *testing.T) {
var params = EndpointParameters{
AccountId: ptr.String("0123456789012"),
OutpostId: ptr.String("op-123"),
@@ -4539,7 +4763,7 @@ func TestEndpointCase94(t *testing.T) {
}
// ListRegionalBuckets + invalid OutpostId.
-func TestEndpointCase95(t *testing.T) {
+func TestEndpointCase94(t *testing.T) {
var params = EndpointParameters{
AccountId: ptr.String("0123456789012"),
OutpostId: ptr.String("?outpost/invalid+"),
@@ -4562,7 +4786,7 @@ func TestEndpointCase95(t *testing.T) {
}
// bucket ARN with mismatched accountId
-func TestEndpointCase96(t *testing.T) {
+func TestEndpointCase95(t *testing.T) {
var params = EndpointParameters{
Bucket: ptr.String("arn:aws:s3-outposts:us-west-2:999999:outpost:op-01234567890123456:bucket:mybucket"),
AccountId: ptr.String("0123456789012"),
@@ -4585,7 +4809,7 @@ func TestEndpointCase96(t *testing.T) {
}
// OutpostId with invalid region
-func TestEndpointCase97(t *testing.T) {
+func TestEndpointCase96(t *testing.T) {
var params = EndpointParameters{
OutpostId: ptr.String("op-123"),
Region: ptr.String("invalid-region 42"),
@@ -4608,7 +4832,7 @@ func TestEndpointCase97(t *testing.T) {
}
// OutpostId with RequireAccountId unset
-func TestEndpointCase98(t *testing.T) {
+func TestEndpointCase97(t *testing.T) {
var params = EndpointParameters{
OutpostId: ptr.String("op-123"),
Region: ptr.String("us-west-2"),
@@ -4667,7 +4891,7 @@ func TestEndpointCase98(t *testing.T) {
// Outpost Accesspoint ARN with arn region and client region mismatch with
// UseArnRegion=false
-func TestEndpointCase99(t *testing.T) {
+func TestEndpointCase98(t *testing.T) {
var params = EndpointParameters{
AccessPointName: ptr.String("arn:aws:s3-outposts:us-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint"),
AccountId: ptr.String("123456789012"),
@@ -4692,7 +4916,7 @@ func TestEndpointCase99(t *testing.T) {
// Outpost Bucket ARN with arn region and client region mismatch with
// UseArnRegion=false
-func TestEndpointCase100(t *testing.T) {
+func TestEndpointCase99(t *testing.T) {
var params = EndpointParameters{
Bucket: ptr.String("arn:aws:s3-outposts:us-east-1:123456789012:outpost:op-01234567890123456:bucket:mybucket"),
Endpoint: ptr.String("https://beta.example.com"),
@@ -4716,7 +4940,7 @@ func TestEndpointCase100(t *testing.T) {
}
// Accesspoint ARN with region mismatch and UseArnRegion unset
-func TestEndpointCase101(t *testing.T) {
+func TestEndpointCase100(t *testing.T) {
var params = EndpointParameters{
AccessPointName: ptr.String("arn:aws:s3-outposts:us-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint"),
AccountId: ptr.String("123456789012"),
@@ -4781,7 +5005,7 @@ func TestEndpointCase101(t *testing.T) {
}
// Bucket ARN with region mismatch and UseArnRegion unset
-func TestEndpointCase102(t *testing.T) {
+func TestEndpointCase101(t *testing.T) {
var params = EndpointParameters{
Bucket: ptr.String("arn:aws:s3-outposts:us-east-1:123456789012:outpost:op-01234567890123456:bucket:mybucket"),
Region: ptr.String("us-west-2"),
@@ -4845,7 +5069,7 @@ func TestEndpointCase102(t *testing.T) {
}
// Outpost Bucket ARN with partition mismatch with UseArnRegion=true
-func TestEndpointCase103(t *testing.T) {
+func TestEndpointCase102(t *testing.T) {
var params = EndpointParameters{
Bucket: ptr.String("arn:aws:s3-outposts:cn-north-1:123456789012:outpost:op-01234567890123456:bucket:mybucket"),
Region: ptr.String("us-west-2"),
@@ -4868,7 +5092,7 @@ func TestEndpointCase103(t *testing.T) {
}
// Accesspoint ARN with partition mismatch and UseArnRegion=true
-func TestEndpointCase104(t *testing.T) {
+func TestEndpointCase103(t *testing.T) {
var params = EndpointParameters{
AccessPointName: ptr.String("arn:aws:s3-outposts:cn-north-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint"),
AccountId: ptr.String("123456789012"),
@@ -4892,7 +5116,7 @@ func TestEndpointCase104(t *testing.T) {
}
// Accesspoint ARN with region mismatch, UseArnRegion=false and custom endpoint
-func TestEndpointCase105(t *testing.T) {
+func TestEndpointCase104(t *testing.T) {
var params = EndpointParameters{
AccessPointName: ptr.String("arn:aws:s3-outposts:cn-north-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint"),
Region: ptr.String("us-west-2"),
@@ -4916,7 +5140,7 @@ func TestEndpointCase105(t *testing.T) {
}
// outpost bucket arn@us-west-2
-func TestEndpointCase106(t *testing.T) {
+func TestEndpointCase105(t *testing.T) {
var params = EndpointParameters{
Bucket: ptr.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket"),
Region: ptr.String("us-west-2"),
@@ -4980,7 +5204,7 @@ func TestEndpointCase106(t *testing.T) {
}
// S3 Snow Control with bucket
-func TestEndpointCase107(t *testing.T) {
+func TestEndpointCase106(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("snow"),
Bucket: ptr.String("bucketName"),
@@ -5039,7 +5263,7 @@ func TestEndpointCase107(t *testing.T) {
}
// S3 Snow Control without bucket
-func TestEndpointCase108(t *testing.T) {
+func TestEndpointCase107(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("snow"),
Endpoint: ptr.String("https://10.0.1.12:433"),
@@ -5097,7 +5321,7 @@ func TestEndpointCase108(t *testing.T) {
}
// S3 Snow Control with bucket and without port
-func TestEndpointCase109(t *testing.T) {
+func TestEndpointCase108(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("snow"),
Bucket: ptr.String("bucketName"),
@@ -5156,7 +5380,7 @@ func TestEndpointCase109(t *testing.T) {
}
// S3 Snow Control with bucket and with DNS
-func TestEndpointCase110(t *testing.T) {
+func TestEndpointCase109(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("snow"),
Bucket: ptr.String("bucketName"),
@@ -5215,7 +5439,7 @@ func TestEndpointCase110(t *testing.T) {
}
// S3 Snow Control with FIPS enabled
-func TestEndpointCase111(t *testing.T) {
+func TestEndpointCase110(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("snow"),
Bucket: ptr.String("bucketName"),
@@ -5237,7 +5461,7 @@ func TestEndpointCase111(t *testing.T) {
}
// S3 Snow Control with Dualstack enabled
-func TestEndpointCase112(t *testing.T) {
+func TestEndpointCase111(t *testing.T) {
var params = EndpointParameters{
Region: ptr.String("snow"),
Bucket: ptr.String("bucketName"),
diff --git a/service/s3control/go_module_metadata.go b/service/s3control/go_module_metadata.go
index f013aa93064..851f40af252 100644
--- a/service/s3control/go_module_metadata.go
+++ b/service/s3control/go_module_metadata.go
@@ -3,4 +3,4 @@
package s3control
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.41.8"
+const goModuleVersion = "1.42.0"
diff --git a/service/sagemaker/CHANGELOG.md b/service/sagemaker/CHANGELOG.md
index 91057cbbc82..803f0e284e7 100644
--- a/service/sagemaker/CHANGELOG.md
+++ b/service/sagemaker/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.125.0 (2024-01-14)
+
+* **Feature**: This release will have ValidationException thrown if certain invalid app types are provided. The release will also throw ValidationException if more than 10 account ids are provided in VpcOnlyTrustedAccounts.
+
# v1.124.0 (2024-01-04)
* **Feature**: Adding support for provisioned throughput mode for SageMaker Feature Groups
diff --git a/service/sagemaker/go_module_metadata.go b/service/sagemaker/go_module_metadata.go
index 759cf4d2c2b..aafdce81a99 100644
--- a/service/sagemaker/go_module_metadata.go
+++ b/service/sagemaker/go_module_metadata.go
@@ -3,4 +3,4 @@
package sagemaker
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.124.0"
+const goModuleVersion = "1.125.0"
diff --git a/service/sagemaker/types/enums.go b/service/sagemaker/types/enums.go
index fb25550680f..443d885e4e2 100644
--- a/service/sagemaker/types/enums.go
+++ b/service/sagemaker/types/enums.go
@@ -33,6 +33,7 @@ type AdditionalS3DataSourceDataType string
// Enum values for AdditionalS3DataSourceDataType
const (
AdditionalS3DataSourceDataTypeS3object AdditionalS3DataSourceDataType = "S3Object"
+ AdditionalS3DataSourceDataTypeS3prefix AdditionalS3DataSourceDataType = "S3Prefix"
)
// Values returns all known values for AdditionalS3DataSourceDataType. Note that
@@ -42,6 +43,7 @@ const (
func (AdditionalS3DataSourceDataType) Values() []AdditionalS3DataSourceDataType {
return []AdditionalS3DataSourceDataType{
"S3Object",
+ "S3Prefix",
}
}
@@ -356,17 +358,11 @@ const (
AppTypeKernelGateway AppType = "KernelGateway"
AppTypeDetailedProfiler AppType = "DetailedProfiler"
AppTypeTensorBoard AppType = "TensorBoard"
- AppTypeVSCode AppType = "VSCode"
- AppTypeSavitur AppType = "Savitur"
AppTypeCodeEditor AppType = "CodeEditor"
AppTypeJupyterLab AppType = "JupyterLab"
AppTypeRStudioServerPro AppType = "RStudioServerPro"
- AppTypeRSession AppType = "RSession"
AppTypeRSessionGateway AppType = "RSessionGateway"
AppTypeCanvas AppType = "Canvas"
- AppTypeDatasetManager AppType = "DatasetManager"
- AppTypeSageMakerLite AppType = "SageMakerLite"
- AppTypeLocal AppType = "Local"
)
// Values returns all known values for AppType. Note that this can be expanded in
@@ -378,17 +374,11 @@ func (AppType) Values() []AppType {
"KernelGateway",
"DetailedProfiler",
"TensorBoard",
- "VSCode",
- "Savitur",
"CodeEditor",
"JupyterLab",
"RStudioServerPro",
- "RSession",
"RSessionGateway",
"Canvas",
- "DatasetManager",
- "SageMakerLite",
- "Local",
}
}
@@ -5904,8 +5894,6 @@ type StudioLifecycleConfigAppType string
const (
StudioLifecycleConfigAppTypeJupyterServer StudioLifecycleConfigAppType = "JupyterServer"
StudioLifecycleConfigAppTypeKernelGateway StudioLifecycleConfigAppType = "KernelGateway"
- StudioLifecycleConfigAppTypeVSCode StudioLifecycleConfigAppType = "VSCode"
- StudioLifecycleConfigAppTypeSavitur StudioLifecycleConfigAppType = "Savitur"
StudioLifecycleConfigAppTypeCodeEditor StudioLifecycleConfigAppType = "CodeEditor"
StudioLifecycleConfigAppTypeJupyterLab StudioLifecycleConfigAppType = "JupyterLab"
)
@@ -5918,8 +5906,6 @@ func (StudioLifecycleConfigAppType) Values() []StudioLifecycleConfigAppType {
return []StudioLifecycleConfigAppType{
"JupyterServer",
"KernelGateway",
- "VSCode",
- "Savitur",
"CodeEditor",
"JupyterLab",
}
diff --git a/service/secretsmanager/CHANGELOG.md b/service/secretsmanager/CHANGELOG.md
index 53846552954..8c65e3385e3 100644
--- a/service/secretsmanager/CHANGELOG.md
+++ b/service/secretsmanager/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.26.2 (2024-01-11)
+
+* **Documentation**: Doc only update for Secrets Manager
+
# v1.26.1 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/secretsmanager/api_op_DescribeSecret.go b/service/secretsmanager/api_op_DescribeSecret.go
index a5b2f0ad3b8..2e714de6d75 100644
--- a/service/secretsmanager/api_op_DescribeSecret.go
+++ b/service/secretsmanager/api_op_DescribeSecret.go
@@ -83,14 +83,16 @@ type DescribeSecretOutput struct {
LastChangedDate *time.Time
// The last date and time that Secrets Manager rotated the secret. If the secret
- // isn't configured for rotation, Secrets Manager returns null.
+ // isn't configured for rotation or rotation has been disabled, Secrets Manager
+ // returns null.
LastRotatedDate *time.Time
// The name of the secret.
Name *string
// The next rotation is scheduled to occur on or before this date. If the secret
- // isn't configured for rotation, Secrets Manager returns null.
+ // isn't configured for rotation or rotation has been disabled, Secrets Manager
+ // returns null.
NextRotationDate *time.Time
// The ID of the service that created this secret. For more information, see
diff --git a/service/secretsmanager/api_op_GetRandomPassword.go b/service/secretsmanager/api_op_GetRandomPassword.go
index f302fb8b8a6..a9b2deaa346 100644
--- a/service/secretsmanager/api_op_GetRandomPassword.go
+++ b/service/secretsmanager/api_op_GetRandomPassword.go
@@ -13,10 +13,12 @@ import (
// Generates a random password. We recommend that you specify the maximum length
// and include every character type that the system you are generating a password
-// for can support. Secrets Manager generates a CloudTrail log entry when you call
-// this action. Do not include sensitive information in request parameters because
-// it might be logged. For more information, see Logging Secrets Manager events
-// with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html)
+// for can support. By default, Secrets Manager uses uppercase and lowercase
+// letters, numbers, and the following characters in passwords:
+// !\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~ Secrets Manager generates a CloudTrail log
+// entry when you call this action. Do not include sensitive information in request
+// parameters because it might be logged. For more information, see Logging
+// Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html)
// . Required permissions: secretsmanager:GetRandomPassword . For more information,
// see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions)
// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html)
diff --git a/service/secretsmanager/api_op_GetSecretValue.go b/service/secretsmanager/api_op_GetSecretValue.go
index a8778ab3fe9..11ecfcd359b 100644
--- a/service/secretsmanager/api_op_GetSecretValue.go
+++ b/service/secretsmanager/api_op_GetSecretValue.go
@@ -87,11 +87,12 @@ type GetSecretValueOutput struct {
Name *string
// The decrypted secret value, if the secret value was originally provided as
- // binary data in the form of a byte array. The response parameter represents the
- // binary data as a base64-encoded (https://tools.ietf.org/html/rfc4648#section-4)
- // string. If the secret was created by using the Secrets Manager console, or if
- // the secret value was originally provided as a string, then this field is
- // omitted. The secret value appears in SecretString instead.
+ // binary data in the form of a byte array. When you retrieve a SecretBinary using
+ // the HTTP API, the Python SDK, or the Amazon Web Services CLI, the value is
+ // Base64-encoded. Otherwise, it is not encoded. If the secret was created by using
+ // the Secrets Manager console, or if the secret value was originally provided as a
+ // string, then this field is omitted. The secret value appears in SecretString
+ // instead.
SecretBinary []byte
// The decrypted secret value, if the secret value was originally provided as a
diff --git a/service/secretsmanager/api_op_ReplicateSecretToRegions.go b/service/secretsmanager/api_op_ReplicateSecretToRegions.go
index 313f28ca5c8..44d3acb0375 100644
--- a/service/secretsmanager/api_op_ReplicateSecretToRegions.go
+++ b/service/secretsmanager/api_op_ReplicateSecretToRegions.go
@@ -16,8 +16,11 @@ import (
// . Secrets Manager generates a CloudTrail log entry when you call this action. Do
// not include sensitive information in request parameters because it might be
// logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html)
-// . Required permissions: secretsmanager:ReplicateSecretToRegions . For more
-// information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions)
+// . Required permissions: secretsmanager:ReplicateSecretToRegions . If the primary
+// secret is encrypted with a KMS key other than aws/secretsmanager , you also need
+// kms:Decrypt permission to the key. To encrypt the replicated secret with a KMS
+// key other than aws/secretsmanager , you need kms:GenerateDataKey and kms:Encrypt
+// to the key. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions)
// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html)
// .
func (c *Client) ReplicateSecretToRegions(ctx context.Context, params *ReplicateSecretToRegionsInput, optFns ...func(*Options)) (*ReplicateSecretToRegionsOutput, error) {
diff --git a/service/secretsmanager/go_module_metadata.go b/service/secretsmanager/go_module_metadata.go
index 2abaa13ec14..06f6ae945b3 100644
--- a/service/secretsmanager/go_module_metadata.go
+++ b/service/secretsmanager/go_module_metadata.go
@@ -3,4 +3,4 @@
package secretsmanager
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.26.1"
+const goModuleVersion = "1.26.2"
diff --git a/service/secretsmanager/types/types.go b/service/secretsmanager/types/types.go
index 7d549c908f9..e04e17e788c 100644
--- a/service/secretsmanager/types/types.go
+++ b/service/secretsmanager/types/types.go
@@ -178,7 +178,8 @@ type SecretListEntry struct {
Name *string
// The next rotation is scheduled to occur on or before this date. If the secret
- // isn't configured for rotation, Secrets Manager returns null.
+ // isn't configured for rotation or rotation has been disabled, Secrets Manager
+ // returns null.
NextRotationDate *time.Time
// Returns the name of the service that created the secret.
diff --git a/service/securityhub/CHANGELOG.md b/service/securityhub/CHANGELOG.md
index e0d590fb5ef..c7e26c30cfa 100644
--- a/service/securityhub/CHANGELOG.md
+++ b/service/securityhub/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.44.3 (2024-01-16)
+
+* **Documentation**: Documentation updates for AWS Security Hub
+
# v1.44.2 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/securityhub/doc.go b/service/securityhub/doc.go
index a4e6ad5733b..7ffe804cca8 100644
--- a/service/securityhub/doc.go
+++ b/service/securityhub/doc.go
@@ -3,25 +3,58 @@
// Package securityhub provides the API client, operations, and parameter types
// for AWS SecurityHub.
//
-// Security Hub provides you with a comprehensive view of the security state of
-// your Amazon Web Services environment and resources. It also provides you with
-// the readiness status of your environment based on controls from supported
-// security standards. Security Hub collects security data from Amazon Web Services
-// accounts, services, and integrated third-party products and helps you analyze
-// security trends in your environment to identify the highest priority security
-// issues. For more information about Security Hub, see the Security Hub User
-// Guide (https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html)
-// . When you use operations in the Security Hub API, the requests are executed
-// only in the Amazon Web Services Region that is currently active or in the
-// specific Amazon Web Services Region that you specify in your request. Any
-// configuration or settings change that results from the operation is applied only
-// to that Region. To make the same change in other Regions, run the same command
-// for each Region in which you want to apply the change. For example, if your
-// Region is set to us-west-2 , when you use CreateMembers to add a member account
-// to Security Hub, the association of the member account with the administrator
-// account is created only in the us-west-2 Region. Security Hub must be enabled
-// for the member account in the same Region that the invitation was sent from. The
-// following throttling limits apply to using Security Hub API operations.
+// Security Hub provides you with a comprehensive view of your security state in
+// Amazon Web Services and helps you assess your Amazon Web Services environment
+// against security industry standards and best practices. Security Hub collects
+// security data across Amazon Web Services accounts, Amazon Web Services, and
+// supported third-party products and helps you analyze your security trends and
+// identify the highest priority security issues. To help you manage the security
+// state of your organization, Security Hub supports multiple security standards.
+// These include the Amazon Web Services Foundational Security Best Practices
+// (FSBP) standard developed by Amazon Web Services, and external compliance
+// frameworks such as the Center for Internet Security (CIS), the Payment Card
+// Industry Data Security Standard (PCI DSS), and the National Institute of
+// Standards and Technology (NIST). Each standard includes several security
+// controls, each of which represents a security best practice. Security Hub runs
+// checks against security controls and generates control findings to help you
+// assess your compliance against security best practices. In addition to
+// generating control findings, Security Hub also receives findings from other
+// Amazon Web Services, such as Amazon GuardDuty and Amazon Inspector, and
+// supported third-party products. This gives you a single pane of glass into a
+// variety of security-related issues. You can also send Security Hub findings to
+// other Amazon Web Services and supported third-party products. Security Hub
+// offers automation features that help you triage and remediate security issues.
+// For example, you can use automation rules to automatically update critical
+// findings when a security check fails. You can also leverage the integration with
+// Amazon EventBridge to trigger automatic responses to specific findings. This
+// guide, the Security Hub API Reference, provides information about the Security
+// Hub API. This includes supported resources, HTTP methods, parameters, and
+// schemas. If you're new to Security Hub, you might find it helpful to also review
+// the Security Hub User Guide (https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html)
+// . The user guide explains key concepts and provides procedures that demonstrate
+// how to use Security Hub features. It also provides information about topics such
+// as integrating Security Hub with other Amazon Web Services. In addition to
+// interacting with Security Hub by making calls to the Security Hub API, you can
+// use a current version of an Amazon Web Services command line tool or SDK. Amazon
+// Web Services provides tools and SDKs that consist of libraries and sample code
+// for various languages and platforms, such as PowerShell, Java, Go, Python, C++,
+// and .NET. These tools and SDKs provide convenient, programmatic access to
+// Security Hub and other Amazon Web Services . They also handle tasks such as
+// signing requests, managing errors, and retrying requests automatically. For
+// information about installing and using the Amazon Web Services tools and SDKs,
+// see Tools to Build on Amazon Web Services (http://aws.amazon.com/developer/tools/)
+// . With the exception of operations that are related to central configuration,
+// Security Hub API requests are executed only in the Amazon Web Services Region
+// that is currently active or in the specific Amazon Web Services Region that you
+// specify in your request. Any configuration or settings change that results from
+// the operation is applied only to that Region. To make the same change in other
+// Regions, call the same API operation in each Region in which you want to apply
+// the change. When you use central configuration, API requests for enabling
+// Security Hub, standards, and controls are executed in the home Region and all
+// linked Regions. For a list of central configuration operations, see the Central
+// configuration terms and concepts (https://docs.aws.amazon.com/securityhub/latest/userguide/central-configuration-intro.html#central-configuration-concepts)
+// section of the Security Hub User Guide. The following throttling limits apply to
+// Security Hub API operations.
// - BatchEnableStandards - RateLimit of 1 request per second. BurstLimit of 1
// request per second.
// - GetFindings - RateLimit of 3 requests per second. BurstLimit of 6 requests
diff --git a/service/securityhub/go_module_metadata.go b/service/securityhub/go_module_metadata.go
index 35821c320bb..dd6a495244e 100644
--- a/service/securityhub/go_module_metadata.go
+++ b/service/securityhub/go_module_metadata.go
@@ -3,4 +3,4 @@
package securityhub
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.44.2"
+const goModuleVersion = "1.44.3"
diff --git a/service/securityhub/types/types.go b/service/securityhub/types/types.go
index 1a050be81e8..6872ce12cc5 100644
--- a/service/securityhub/types/types.go
+++ b/service/securityhub/types/types.go
@@ -8538,9 +8538,16 @@ type AwsLambdaFunctionVpcConfig struct {
// Details about a Lambda layer version.
type AwsLambdaLayerVersionDetails struct {
- // The layer's compatible runtimes. Maximum number of five items. Valid values:
- // nodejs10.x | nodejs12.x | java8 | java11 | python2.7 | python3.6 | python3.7 |
- // python3.8 | dotnetcore1.0 | dotnetcore2.1 | go1.x | ruby2.5 | provided
+ // The layer's compatible function runtimes (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html)
+ // . The following list includes deprecated runtimes. For more information, see
+ // Runtime deprecation policy (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-support-policy)
+ // in the Lambda Developer Guide. Array Members: Maximum number of 5 items. Valid
+ // Values: nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x
+ // | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 |
+ // python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 |
+ // dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 |
+ // ruby2.7 | provided | provided.al2 | nodejs18.x | python3.10 | java17 | ruby3.2 |
+ // python3.11 | nodejs20.x | provided.al2023 | python3.12 | java21
CompatibleRuntimes []string
// Indicates when the version was created. Uses the date-time format specified in
diff --git a/service/securitylake/CHANGELOG.md b/service/securitylake/CHANGELOG.md
index 6c244f58c62..a836b506363 100644
--- a/service/securitylake/CHANGELOG.md
+++ b/service/securitylake/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.10.7 (2024-01-10)
+
+* No change notes available for this release.
+
# v1.10.6 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/securitylake/go_module_metadata.go b/service/securitylake/go_module_metadata.go
index ad478942433..2b53eeedf88 100644
--- a/service/securitylake/go_module_metadata.go
+++ b/service/securitylake/go_module_metadata.go
@@ -3,4 +3,4 @@
package securitylake
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.10.6"
+const goModuleVersion = "1.10.7"
diff --git a/service/securitylake/internal/endpoints/endpoints.go b/service/securitylake/internal/endpoints/endpoints.go
index 387ec72b75b..781f1598d15 100644
--- a/service/securitylake/internal/endpoints/endpoints.go
+++ b/service/securitylake/internal/endpoints/endpoints.go
@@ -175,21 +175,81 @@ var defaultPartitions = endpoints.Partitions{
endpoints.EndpointKey{
Region: "eu-west-3",
}: endpoints.Endpoint{},
+ endpoints.EndpointKey{
+ Region: "fips-us-east-1",
+ }: endpoints.Endpoint{
+ Hostname: "securitylake-fips.us-east-1.amazonaws.com",
+ CredentialScope: endpoints.CredentialScope{
+ Region: "us-east-1",
+ },
+ Deprecated: aws.TrueTernary,
+ },
+ endpoints.EndpointKey{
+ Region: "fips-us-east-2",
+ }: endpoints.Endpoint{
+ Hostname: "securitylake-fips.us-east-2.amazonaws.com",
+ CredentialScope: endpoints.CredentialScope{
+ Region: "us-east-2",
+ },
+ Deprecated: aws.TrueTernary,
+ },
+ endpoints.EndpointKey{
+ Region: "fips-us-west-1",
+ }: endpoints.Endpoint{
+ Hostname: "securitylake-fips.us-west-1.amazonaws.com",
+ CredentialScope: endpoints.CredentialScope{
+ Region: "us-west-1",
+ },
+ Deprecated: aws.TrueTernary,
+ },
+ endpoints.EndpointKey{
+ Region: "fips-us-west-2",
+ }: endpoints.Endpoint{
+ Hostname: "securitylake-fips.us-west-2.amazonaws.com",
+ CredentialScope: endpoints.CredentialScope{
+ Region: "us-west-2",
+ },
+ Deprecated: aws.TrueTernary,
+ },
endpoints.EndpointKey{
Region: "sa-east-1",
}: endpoints.Endpoint{},
endpoints.EndpointKey{
Region: "us-east-1",
}: endpoints.Endpoint{},
+ endpoints.EndpointKey{
+ Region: "us-east-1",
+ Variant: endpoints.FIPSVariant,
+ }: {
+ Hostname: "securitylake-fips.us-east-1.amazonaws.com",
+ },
endpoints.EndpointKey{
Region: "us-east-2",
}: endpoints.Endpoint{},
+ endpoints.EndpointKey{
+ Region: "us-east-2",
+ Variant: endpoints.FIPSVariant,
+ }: {
+ Hostname: "securitylake-fips.us-east-2.amazonaws.com",
+ },
endpoints.EndpointKey{
Region: "us-west-1",
}: endpoints.Endpoint{},
+ endpoints.EndpointKey{
+ Region: "us-west-1",
+ Variant: endpoints.FIPSVariant,
+ }: {
+ Hostname: "securitylake-fips.us-west-1.amazonaws.com",
+ },
endpoints.EndpointKey{
Region: "us-west-2",
}: endpoints.Endpoint{},
+ endpoints.EndpointKey{
+ Region: "us-west-2",
+ Variant: endpoints.FIPSVariant,
+ }: {
+ Hostname: "securitylake-fips.us-west-2.amazonaws.com",
+ },
},
},
{
diff --git a/service/ssooidc/CHANGELOG.md b/service/ssooidc/CHANGELOG.md
index 84810e173e9..f77c4785e72 100644
--- a/service/ssooidc/CHANGELOG.md
+++ b/service/ssooidc/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.21.7 (2024-01-16)
+
+* No change notes available for this release.
+
# v1.21.6 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/ssooidc/go_module_metadata.go b/service/ssooidc/go_module_metadata.go
index abeab0d2588..474a574ec71 100644
--- a/service/ssooidc/go_module_metadata.go
+++ b/service/ssooidc/go_module_metadata.go
@@ -3,4 +3,4 @@
package ssooidc
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.21.6"
+const goModuleVersion = "1.21.7"
diff --git a/service/ssooidc/internal/endpoints/endpoints.go b/service/ssooidc/internal/endpoints/endpoints.go
index c48da8b88a6..cbd77fd291c 100644
--- a/service/ssooidc/internal/endpoints/endpoints.go
+++ b/service/ssooidc/internal/endpoints/endpoints.go
@@ -283,6 +283,14 @@ var defaultPartitions = endpoints.Partitions{
Region: "il-central-1",
},
},
+ endpoints.EndpointKey{
+ Region: "me-central-1",
+ }: endpoints.Endpoint{
+ Hostname: "oidc.me-central-1.amazonaws.com",
+ CredentialScope: endpoints.CredentialScope{
+ Region: "me-central-1",
+ },
+ },
endpoints.EndpointKey{
Region: "me-south-1",
}: endpoints.Endpoint{
diff --git a/service/supplychain/CHANGELOG.md b/service/supplychain/CHANGELOG.md
new file mode 100644
index 00000000000..1414343dbe1
--- /dev/null
+++ b/service/supplychain/CHANGELOG.md
@@ -0,0 +1,5 @@
+# v1.0.0 (2024-01-12)
+
+* **Release**: New AWS service client module
+* **Feature**: This release includes APIs CreateBillOfMaterialsImportJob and GetBillOfMaterialsImportJob.
+
diff --git a/service/supplychain/LICENSE.txt b/service/supplychain/LICENSE.txt
new file mode 100644
index 00000000000..d6456956733
--- /dev/null
+++ b/service/supplychain/LICENSE.txt
@@ -0,0 +1,202 @@
+
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/service/supplychain/api_client.go b/service/supplychain/api_client.go
new file mode 100644
index 00000000000..83ca4d3e457
--- /dev/null
+++ b/service/supplychain/api_client.go
@@ -0,0 +1,491 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package supplychain
+
+import (
+ "context"
+ cryptorand "crypto/rand"
+ "fmt"
+ "github.com/aws/aws-sdk-go-v2/aws"
+ "github.com/aws/aws-sdk-go-v2/aws/defaults"
+ awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
+ "github.com/aws/aws-sdk-go-v2/aws/retry"
+ "github.com/aws/aws-sdk-go-v2/aws/signer/v4"
+ awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http"
+ internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
+ internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy"
+ internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources"
+ smithy "github.com/aws/smithy-go"
+ smithydocument "github.com/aws/smithy-go/document"
+ "github.com/aws/smithy-go/logging"
+ "github.com/aws/smithy-go/middleware"
+ smithyrand "github.com/aws/smithy-go/rand"
+ smithyhttp "github.com/aws/smithy-go/transport/http"
+ "net"
+ "net/http"
+ "time"
+)
+
+const ServiceID = "SupplyChain"
+const ServiceAPIVersion = "2024-01-01"
+
+// Client provides the API client to make operations call for AWS Supply Chain.
+type Client struct {
+ options Options
+}
+
+// New returns an initialized Client based on the functional options. Provide
+// additional functional options to further configure the behavior of the client,
+// such as changing the client's endpoint or adding custom middleware behavior.
+func New(options Options, optFns ...func(*Options)) *Client {
+ options = options.Copy()
+
+ resolveDefaultLogger(&options)
+
+ setResolvedDefaultsMode(&options)
+
+ resolveRetryer(&options)
+
+ resolveHTTPClient(&options)
+
+ resolveHTTPSignerV4(&options)
+
+ resolveIdempotencyTokenProvider(&options)
+
+ resolveEndpointResolverV2(&options)
+
+ resolveAuthSchemeResolver(&options)
+
+ for _, fn := range optFns {
+ fn(&options)
+ }
+
+ finalizeRetryMaxAttempts(&options)
+
+ ignoreAnonymousAuth(&options)
+
+ wrapWithAnonymousAuth(&options)
+
+ resolveAuthSchemes(&options)
+
+ client := &Client{
+ options: options,
+ }
+
+ return client
+}
+
+// Options returns a copy of the client configuration.
+//
+// Callers SHOULD NOT perform mutations on any inner structures within client
+// config. Config overrides should instead be made on a per-operation basis through
+// functional options.
+func (c *Client) Options() Options {
+ return c.options.Copy()
+}
+
+func (c *Client) invokeOperation(ctx context.Context, opID string, params interface{}, optFns []func(*Options), stackFns ...func(*middleware.Stack, Options) error) (result interface{}, metadata middleware.Metadata, err error) {
+ ctx = middleware.ClearStackValues(ctx)
+ stack := middleware.NewStack(opID, smithyhttp.NewStackRequest)
+ options := c.options.Copy()
+
+ for _, fn := range optFns {
+ fn(&options)
+ }
+
+ finalizeOperationRetryMaxAttempts(&options, *c)
+
+ finalizeClientEndpointResolverOptions(&options)
+
+ for _, fn := range stackFns {
+ if err := fn(stack, options); err != nil {
+ return nil, metadata, err
+ }
+ }
+
+ for _, fn := range options.APIOptions {
+ if err := fn(stack); err != nil {
+ return nil, metadata, err
+ }
+ }
+
+ handler := middleware.DecorateHandler(smithyhttp.NewClientHandler(options.HTTPClient), stack)
+ result, metadata, err = handler.Handle(ctx, params)
+ if err != nil {
+ err = &smithy.OperationError{
+ ServiceID: ServiceID,
+ OperationName: opID,
+ Err: err,
+ }
+ }
+ return result, metadata, err
+}
+
+type operationInputKey struct{}
+
+func setOperationInput(ctx context.Context, input interface{}) context.Context {
+ return middleware.WithStackValue(ctx, operationInputKey{}, input)
+}
+
+func getOperationInput(ctx context.Context) interface{} {
+ return middleware.GetStackValue(ctx, operationInputKey{})
+}
+
+type setOperationInputMiddleware struct {
+}
+
+func (*setOperationInputMiddleware) ID() string {
+ return "setOperationInput"
+}
+
+func (m *setOperationInputMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
+ out middleware.SerializeOutput, metadata middleware.Metadata, err error,
+) {
+ ctx = setOperationInput(ctx, in.Parameters)
+ return next.HandleSerialize(ctx, in)
+}
+
+func addProtocolFinalizerMiddlewares(stack *middleware.Stack, options Options, operation string) error {
+ if err := stack.Finalize.Add(&resolveAuthSchemeMiddleware{operation: operation, options: options}, middleware.Before); err != nil {
+ return fmt.Errorf("add ResolveAuthScheme: %w", err)
+ }
+ if err := stack.Finalize.Insert(&getIdentityMiddleware{options: options}, "ResolveAuthScheme", middleware.After); err != nil {
+ return fmt.Errorf("add GetIdentity: %v", err)
+ }
+ if err := stack.Finalize.Insert(&resolveEndpointV2Middleware{options: options}, "GetIdentity", middleware.After); err != nil {
+ return fmt.Errorf("add ResolveEndpointV2: %v", err)
+ }
+ if err := stack.Finalize.Insert(&signRequestMiddleware{}, "ResolveEndpointV2", middleware.After); err != nil {
+ return fmt.Errorf("add Signing: %w", err)
+ }
+ return nil
+}
+func resolveAuthSchemeResolver(options *Options) {
+ if options.AuthSchemeResolver == nil {
+ options.AuthSchemeResolver = &defaultAuthSchemeResolver{}
+ }
+}
+
+func resolveAuthSchemes(options *Options) {
+ if options.AuthSchemes == nil {
+ options.AuthSchemes = []smithyhttp.AuthScheme{
+ internalauth.NewHTTPAuthScheme("aws.auth#sigv4", &internalauthsmithy.V4SignerAdapter{
+ Signer: options.HTTPSignerV4,
+ Logger: options.Logger,
+ LogSigning: options.ClientLogMode.IsSigning(),
+ }),
+ }
+ }
+}
+
+type noSmithyDocumentSerde = smithydocument.NoSerde
+
+type legacyEndpointContextSetter struct {
+ LegacyResolver EndpointResolver
+}
+
+func (*legacyEndpointContextSetter) ID() string {
+ return "legacyEndpointContextSetter"
+}
+
+func (m *legacyEndpointContextSetter) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) (
+ out middleware.InitializeOutput, metadata middleware.Metadata, err error,
+) {
+ if m.LegacyResolver != nil {
+ ctx = awsmiddleware.SetRequiresLegacyEndpoints(ctx, true)
+ }
+
+ return next.HandleInitialize(ctx, in)
+
+}
+func addlegacyEndpointContextSetter(stack *middleware.Stack, o Options) error {
+ return stack.Initialize.Add(&legacyEndpointContextSetter{
+ LegacyResolver: o.EndpointResolver,
+ }, middleware.Before)
+}
+
+func resolveDefaultLogger(o *Options) {
+ if o.Logger != nil {
+ return
+ }
+ o.Logger = logging.Nop{}
+}
+
+func addSetLoggerMiddleware(stack *middleware.Stack, o Options) error {
+ return middleware.AddSetLoggerMiddleware(stack, o.Logger)
+}
+
+func setResolvedDefaultsMode(o *Options) {
+ if len(o.resolvedDefaultsMode) > 0 {
+ return
+ }
+
+ var mode aws.DefaultsMode
+ mode.SetFromString(string(o.DefaultsMode))
+
+ if mode == aws.DefaultsModeAuto {
+ mode = defaults.ResolveDefaultsModeAuto(o.Region, o.RuntimeEnvironment)
+ }
+
+ o.resolvedDefaultsMode = mode
+}
+
+// NewFromConfig returns a new client from the provided config.
+func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client {
+ opts := Options{
+ Region: cfg.Region,
+ DefaultsMode: cfg.DefaultsMode,
+ RuntimeEnvironment: cfg.RuntimeEnvironment,
+ HTTPClient: cfg.HTTPClient,
+ Credentials: cfg.Credentials,
+ APIOptions: cfg.APIOptions,
+ Logger: cfg.Logger,
+ ClientLogMode: cfg.ClientLogMode,
+ AppID: cfg.AppID,
+ }
+ resolveAWSRetryerProvider(cfg, &opts)
+ resolveAWSRetryMaxAttempts(cfg, &opts)
+ resolveAWSRetryMode(cfg, &opts)
+ resolveAWSEndpointResolver(cfg, &opts)
+ resolveUseDualStackEndpoint(cfg, &opts)
+ resolveUseFIPSEndpoint(cfg, &opts)
+ resolveBaseEndpoint(cfg, &opts)
+ return New(opts, optFns...)
+}
+
+func resolveHTTPClient(o *Options) {
+ var buildable *awshttp.BuildableClient
+
+ if o.HTTPClient != nil {
+ var ok bool
+ buildable, ok = o.HTTPClient.(*awshttp.BuildableClient)
+ if !ok {
+ return
+ }
+ } else {
+ buildable = awshttp.NewBuildableClient()
+ }
+
+ modeConfig, err := defaults.GetModeConfiguration(o.resolvedDefaultsMode)
+ if err == nil {
+ buildable = buildable.WithDialerOptions(func(dialer *net.Dialer) {
+ if dialerTimeout, ok := modeConfig.GetConnectTimeout(); ok {
+ dialer.Timeout = dialerTimeout
+ }
+ })
+
+ buildable = buildable.WithTransportOptions(func(transport *http.Transport) {
+ if tlsHandshakeTimeout, ok := modeConfig.GetTLSNegotiationTimeout(); ok {
+ transport.TLSHandshakeTimeout = tlsHandshakeTimeout
+ }
+ })
+ }
+
+ o.HTTPClient = buildable
+}
+
+func resolveRetryer(o *Options) {
+ if o.Retryer != nil {
+ return
+ }
+
+ if len(o.RetryMode) == 0 {
+ modeConfig, err := defaults.GetModeConfiguration(o.resolvedDefaultsMode)
+ if err == nil {
+ o.RetryMode = modeConfig.RetryMode
+ }
+ }
+ if len(o.RetryMode) == 0 {
+ o.RetryMode = aws.RetryModeStandard
+ }
+
+ var standardOptions []func(*retry.StandardOptions)
+ if v := o.RetryMaxAttempts; v != 0 {
+ standardOptions = append(standardOptions, func(so *retry.StandardOptions) {
+ so.MaxAttempts = v
+ })
+ }
+
+ switch o.RetryMode {
+ case aws.RetryModeAdaptive:
+ var adaptiveOptions []func(*retry.AdaptiveModeOptions)
+ if len(standardOptions) != 0 {
+ adaptiveOptions = append(adaptiveOptions, func(ao *retry.AdaptiveModeOptions) {
+ ao.StandardOptions = append(ao.StandardOptions, standardOptions...)
+ })
+ }
+ o.Retryer = retry.NewAdaptiveMode(adaptiveOptions...)
+
+ default:
+ o.Retryer = retry.NewStandard(standardOptions...)
+ }
+}
+
+func resolveAWSRetryerProvider(cfg aws.Config, o *Options) {
+ if cfg.Retryer == nil {
+ return
+ }
+ o.Retryer = cfg.Retryer()
+}
+
+func resolveAWSRetryMode(cfg aws.Config, o *Options) {
+ if len(cfg.RetryMode) == 0 {
+ return
+ }
+ o.RetryMode = cfg.RetryMode
+}
+func resolveAWSRetryMaxAttempts(cfg aws.Config, o *Options) {
+ if cfg.RetryMaxAttempts == 0 {
+ return
+ }
+ o.RetryMaxAttempts = cfg.RetryMaxAttempts
+}
+
+func finalizeRetryMaxAttempts(o *Options) {
+ if o.RetryMaxAttempts == 0 {
+ return
+ }
+
+ o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts)
+}
+
+func finalizeOperationRetryMaxAttempts(o *Options, client Client) {
+ if v := o.RetryMaxAttempts; v == 0 || v == client.options.RetryMaxAttempts {
+ return
+ }
+
+ o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts)
+}
+
+func resolveAWSEndpointResolver(cfg aws.Config, o *Options) {
+ if cfg.EndpointResolver == nil && cfg.EndpointResolverWithOptions == nil {
+ return
+ }
+ o.EndpointResolver = withEndpointResolver(cfg.EndpointResolver, cfg.EndpointResolverWithOptions)
+}
+
+func addClientUserAgent(stack *middleware.Stack, options Options) error {
+ if err := awsmiddleware.AddSDKAgentKeyValue(awsmiddleware.APIMetadata, "supplychain", goModuleVersion)(stack); err != nil {
+ return err
+ }
+
+ if len(options.AppID) > 0 {
+ return awsmiddleware.AddSDKAgentKey(awsmiddleware.ApplicationIdentifier, options.AppID)(stack)
+ }
+
+ return nil
+}
+
+type HTTPSignerV4 interface {
+ SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) error
+}
+
+func resolveHTTPSignerV4(o *Options) {
+ if o.HTTPSignerV4 != nil {
+ return
+ }
+ o.HTTPSignerV4 = newDefaultV4Signer(*o)
+}
+
+func newDefaultV4Signer(o Options) *v4.Signer {
+ return v4.NewSigner(func(so *v4.SignerOptions) {
+ so.Logger = o.Logger
+ so.LogSigning = o.ClientLogMode.IsSigning()
+ })
+}
+
+func resolveIdempotencyTokenProvider(o *Options) {
+ if o.IdempotencyTokenProvider != nil {
+ return
+ }
+ o.IdempotencyTokenProvider = smithyrand.NewUUIDIdempotencyToken(cryptorand.Reader)
+}
+
+func addRetryMiddlewares(stack *middleware.Stack, o Options) error {
+ mo := retry.AddRetryMiddlewaresOptions{
+ Retryer: o.Retryer,
+ LogRetryAttempts: o.ClientLogMode.IsRetries(),
+ }
+ return retry.AddRetryMiddlewares(stack, mo)
+}
+
+// resolves dual-stack endpoint configuration
+func resolveUseDualStackEndpoint(cfg aws.Config, o *Options) error {
+ if len(cfg.ConfigSources) == 0 {
+ return nil
+ }
+ value, found, err := internalConfig.ResolveUseDualStackEndpoint(context.Background(), cfg.ConfigSources)
+ if err != nil {
+ return err
+ }
+ if found {
+ o.EndpointOptions.UseDualStackEndpoint = value
+ }
+ return nil
+}
+
+// resolves FIPS endpoint configuration
+func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error {
+ if len(cfg.ConfigSources) == 0 {
+ return nil
+ }
+ value, found, err := internalConfig.ResolveUseFIPSEndpoint(context.Background(), cfg.ConfigSources)
+ if err != nil {
+ return err
+ }
+ if found {
+ o.EndpointOptions.UseFIPSEndpoint = value
+ }
+ return nil
+}
+
+// IdempotencyTokenProvider interface for providing idempotency token
+type IdempotencyTokenProvider interface {
+ GetIdempotencyToken() (string, error)
+}
+
+func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error {
+ return awsmiddleware.AddRequestIDRetrieverMiddleware(stack)
+}
+
+func addResponseErrorMiddleware(stack *middleware.Stack) error {
+ return awshttp.AddResponseErrorMiddleware(stack)
+}
+
+func addRequestResponseLogging(stack *middleware.Stack, o Options) error {
+ return stack.Deserialize.Add(&smithyhttp.RequestResponseLogger{
+ LogRequest: o.ClientLogMode.IsRequest(),
+ LogRequestWithBody: o.ClientLogMode.IsRequestWithBody(),
+ LogResponse: o.ClientLogMode.IsResponse(),
+ LogResponseWithBody: o.ClientLogMode.IsResponseWithBody(),
+ }, middleware.After)
+}
+
+type disableHTTPSMiddleware struct {
+ DisableHTTPS bool
+}
+
+func (*disableHTTPSMiddleware) ID() string {
+ return "disableHTTPS"
+}
+
+func (m *disableHTTPSMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
+ out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
+) {
+ req, ok := in.Request.(*smithyhttp.Request)
+ if !ok {
+ return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
+ }
+
+ if m.DisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) {
+ req.URL.Scheme = "http"
+ }
+
+ return next.HandleFinalize(ctx, in)
+}
+
+func addDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error {
+ return stack.Finalize.Insert(&disableHTTPSMiddleware{
+ DisableHTTPS: o.EndpointOptions.DisableHTTPS,
+ }, "ResolveEndpointV2", middleware.After)
+}
diff --git a/service/supplychain/api_client_test.go b/service/supplychain/api_client_test.go
new file mode 100644
index 00000000000..60746e757ed
--- /dev/null
+++ b/service/supplychain/api_client_test.go
@@ -0,0 +1,127 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package supplychain
+
+import (
+ "context"
+ "github.com/aws/aws-sdk-go-v2/aws"
+ "github.com/aws/smithy-go/middleware"
+ smithyhttp "github.com/aws/smithy-go/transport/http"
+ "io/ioutil"
+ "net/http"
+ "strings"
+ "testing"
+)
+
+func TestClient_resolveRetryOptions(t *testing.T) {
+ nopClient := smithyhttp.ClientDoFunc(func(_ *http.Request) (*http.Response, error) {
+ return &http.Response{
+ StatusCode: 200,
+ Header: http.Header{},
+ Body: ioutil.NopCloser(strings.NewReader("")),
+ }, nil
+ })
+
+ cases := map[string]struct {
+ defaultsMode aws.DefaultsMode
+ retryer aws.Retryer
+ retryMaxAttempts int
+ opRetryMaxAttempts *int
+ retryMode aws.RetryMode
+ expectClientRetryMode aws.RetryMode
+ expectClientMaxAttempts int
+ expectOpMaxAttempts int
+ }{
+ "defaults": {
+ defaultsMode: aws.DefaultsModeStandard,
+ expectClientRetryMode: aws.RetryModeStandard,
+ expectClientMaxAttempts: 3,
+ expectOpMaxAttempts: 3,
+ },
+ "custom default retry": {
+ retryMode: aws.RetryModeAdaptive,
+ retryMaxAttempts: 10,
+ expectClientRetryMode: aws.RetryModeAdaptive,
+ expectClientMaxAttempts: 10,
+ expectOpMaxAttempts: 10,
+ },
+ "custom op max attempts": {
+ retryMode: aws.RetryModeAdaptive,
+ retryMaxAttempts: 10,
+ opRetryMaxAttempts: aws.Int(2),
+ expectClientRetryMode: aws.RetryModeAdaptive,
+ expectClientMaxAttempts: 10,
+ expectOpMaxAttempts: 2,
+ },
+ "custom op no change max attempts": {
+ retryMode: aws.RetryModeAdaptive,
+ retryMaxAttempts: 10,
+ opRetryMaxAttempts: aws.Int(10),
+ expectClientRetryMode: aws.RetryModeAdaptive,
+ expectClientMaxAttempts: 10,
+ expectOpMaxAttempts: 10,
+ },
+ "custom op 0 max attempts": {
+ retryMode: aws.RetryModeAdaptive,
+ retryMaxAttempts: 10,
+ opRetryMaxAttempts: aws.Int(0),
+ expectClientRetryMode: aws.RetryModeAdaptive,
+ expectClientMaxAttempts: 10,
+ expectOpMaxAttempts: 10,
+ },
+ }
+
+ for name, c := range cases {
+ t.Run(name, func(t *testing.T) {
+ client := NewFromConfig(aws.Config{
+ DefaultsMode: c.defaultsMode,
+ Retryer: func() func() aws.Retryer {
+ if c.retryer == nil {
+ return nil
+ }
+
+ return func() aws.Retryer { return c.retryer }
+ }(),
+ HTTPClient: nopClient,
+ RetryMaxAttempts: c.retryMaxAttempts,
+ RetryMode: c.retryMode,
+ }, func(o *Options) {
+ if o.Retryer == nil {
+ t.Errorf("retryer must not be nil in functional options")
+ }
+ })
+
+ if e, a := c.expectClientRetryMode, client.options.RetryMode; e != a {
+ t.Errorf("expect %v retry mode, got %v", e, a)
+ }
+ if e, a := c.expectClientMaxAttempts, client.options.Retryer.MaxAttempts(); e != a {
+ t.Errorf("expect %v max attempts, got %v", e, a)
+ }
+
+ _, _, err := client.invokeOperation(context.Background(), "mockOperation", struct{}{},
+ []func(*Options){
+ func(o *Options) {
+ if c.opRetryMaxAttempts == nil {
+ return
+ }
+ o.RetryMaxAttempts = *c.opRetryMaxAttempts
+ },
+ },
+ func(s *middleware.Stack, o Options) error {
+ s.Initialize.Clear()
+ s.Serialize.Clear()
+ s.Build.Clear()
+ s.Finalize.Clear()
+ s.Deserialize.Clear()
+
+ if e, a := c.expectOpMaxAttempts, o.Retryer.MaxAttempts(); e != a {
+ t.Errorf("expect %v op max attempts, got %v", e, a)
+ }
+ return nil
+ })
+ if err != nil {
+ t.Fatalf("expect no operation error, got %v", err)
+ }
+ })
+ }
+}
diff --git a/service/supplychain/api_op_CreateBillOfMaterialsImportJob.go b/service/supplychain/api_op_CreateBillOfMaterialsImportJob.go
new file mode 100644
index 00000000000..95f75d8cc1a
--- /dev/null
+++ b/service/supplychain/api_op_CreateBillOfMaterialsImportJob.go
@@ -0,0 +1,189 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package supplychain
+
+import (
+ "context"
+ "fmt"
+ awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
+ "github.com/aws/aws-sdk-go-v2/aws/signer/v4"
+ "github.com/aws/smithy-go/middleware"
+ smithyhttp "github.com/aws/smithy-go/transport/http"
+)
+
+// CreateBillOfMaterialsImportJob creates an import job for the Product Bill Of
+// Materials (BOM) entity. For information on the product_bom entity, see the AWS
+// Supply Chain User Guide. The CSV file must be located in an Amazon S3 location
+// accessible to AWS Supply Chain. It is recommended to use the same Amazon S3
+// bucket created during your AWS Supply Chain instance creation.
+func (c *Client) CreateBillOfMaterialsImportJob(ctx context.Context, params *CreateBillOfMaterialsImportJobInput, optFns ...func(*Options)) (*CreateBillOfMaterialsImportJobOutput, error) {
+ if params == nil {
+ params = &CreateBillOfMaterialsImportJobInput{}
+ }
+
+ result, metadata, err := c.invokeOperation(ctx, "CreateBillOfMaterialsImportJob", params, optFns, c.addOperationCreateBillOfMaterialsImportJobMiddlewares)
+ if err != nil {
+ return nil, err
+ }
+
+ out := result.(*CreateBillOfMaterialsImportJobOutput)
+ out.ResultMetadata = metadata
+ return out, nil
+}
+
+// The request parameters for CreateBillOfMaterialsImportJob.
+type CreateBillOfMaterialsImportJobInput struct {
+
+ // The AWS Supply Chain instance identifier.
+ //
+ // This member is required.
+ InstanceId *string
+
+ // The S3 URI of the CSV file to be imported. The bucket must grant permissions
+ // for AWS Supply Chain to read the file.
+ //
+ // This member is required.
+ S3uri *string
+
+ // An idempotency token.
+ ClientToken *string
+
+ noSmithyDocumentSerde
+}
+
+// The response parameters of CreateBillOfMaterialsImportJob.
+type CreateBillOfMaterialsImportJobOutput struct {
+
+ // The new BillOfMaterialsImportJob identifier.
+ //
+ // This member is required.
+ JobId *string
+
+ // Metadata pertaining to the operation's result.
+ ResultMetadata middleware.Metadata
+
+ noSmithyDocumentSerde
+}
+
+func (c *Client) addOperationCreateBillOfMaterialsImportJobMiddlewares(stack *middleware.Stack, options Options) (err error) {
+ if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
+ return err
+ }
+ err = stack.Serialize.Add(&awsRestjson1_serializeOpCreateBillOfMaterialsImportJob{}, middleware.After)
+ if err != nil {
+ return err
+ }
+ err = stack.Deserialize.Add(&awsRestjson1_deserializeOpCreateBillOfMaterialsImportJob{}, middleware.After)
+ if err != nil {
+ return err
+ }
+ if err := addProtocolFinalizerMiddlewares(stack, options, "CreateBillOfMaterialsImportJob"); err != nil {
+ return fmt.Errorf("add protocol finalizers: %v", err)
+ }
+
+ if err = addlegacyEndpointContextSetter(stack, options); err != nil {
+ return err
+ }
+ if err = addSetLoggerMiddleware(stack, options); err != nil {
+ return err
+ }
+ if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil {
+ return err
+ }
+ if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil {
+ return err
+ }
+ if err = addResolveEndpointMiddleware(stack, options); err != nil {
+ return err
+ }
+ if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil {
+ return err
+ }
+ if err = addRetryMiddlewares(stack, options); err != nil {
+ return err
+ }
+ if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
+ return err
+ }
+ if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil {
+ return err
+ }
+ if err = addClientUserAgent(stack, options); err != nil {
+ return err
+ }
+ if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
+ return err
+ }
+ if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
+ return err
+ }
+ if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
+ return err
+ }
+ if err = addIdempotencyToken_opCreateBillOfMaterialsImportJobMiddleware(stack, options); err != nil {
+ return err
+ }
+ if err = addOpCreateBillOfMaterialsImportJobValidationMiddleware(stack); err != nil {
+ return err
+ }
+ if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateBillOfMaterialsImportJob(options.Region), middleware.Before); err != nil {
+ return err
+ }
+ if err = awsmiddleware.AddRecursionDetection(stack); err != nil {
+ return err
+ }
+ if err = addRequestIDRetrieverMiddleware(stack); err != nil {
+ return err
+ }
+ if err = addResponseErrorMiddleware(stack); err != nil {
+ return err
+ }
+ if err = addRequestResponseLogging(stack, options); err != nil {
+ return err
+ }
+ if err = addDisableHTTPSMiddleware(stack, options); err != nil {
+ return err
+ }
+ return nil
+}
+
+type idempotencyToken_initializeOpCreateBillOfMaterialsImportJob struct {
+ tokenProvider IdempotencyTokenProvider
+}
+
+func (*idempotencyToken_initializeOpCreateBillOfMaterialsImportJob) ID() string {
+ return "OperationIdempotencyTokenAutoFill"
+}
+
+func (m *idempotencyToken_initializeOpCreateBillOfMaterialsImportJob) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) (
+ out middleware.InitializeOutput, metadata middleware.Metadata, err error,
+) {
+ if m.tokenProvider == nil {
+ return next.HandleInitialize(ctx, in)
+ }
+
+ input, ok := in.Parameters.(*CreateBillOfMaterialsImportJobInput)
+ if !ok {
+ return out, metadata, fmt.Errorf("expected middleware input to be of type *CreateBillOfMaterialsImportJobInput ")
+ }
+
+ if input.ClientToken == nil {
+ t, err := m.tokenProvider.GetIdempotencyToken()
+ if err != nil {
+ return out, metadata, err
+ }
+ input.ClientToken = &t
+ }
+ return next.HandleInitialize(ctx, in)
+}
+func addIdempotencyToken_opCreateBillOfMaterialsImportJobMiddleware(stack *middleware.Stack, cfg Options) error {
+ return stack.Initialize.Add(&idempotencyToken_initializeOpCreateBillOfMaterialsImportJob{tokenProvider: cfg.IdempotencyTokenProvider}, middleware.Before)
+}
+
+func newServiceMetadataMiddleware_opCreateBillOfMaterialsImportJob(region string) *awsmiddleware.RegisterServiceMetadata {
+ return &awsmiddleware.RegisterServiceMetadata{
+ Region: region,
+ ServiceID: ServiceID,
+ OperationName: "CreateBillOfMaterialsImportJob",
+ }
+}
diff --git a/service/supplychain/api_op_GetBillOfMaterialsImportJob.go b/service/supplychain/api_op_GetBillOfMaterialsImportJob.go
new file mode 100644
index 00000000000..dccdff6f28a
--- /dev/null
+++ b/service/supplychain/api_op_GetBillOfMaterialsImportJob.go
@@ -0,0 +1,146 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package supplychain
+
+import (
+ "context"
+ "fmt"
+ awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
+ "github.com/aws/aws-sdk-go-v2/aws/signer/v4"
+ "github.com/aws/aws-sdk-go-v2/service/supplychain/types"
+ "github.com/aws/smithy-go/middleware"
+ smithyhttp "github.com/aws/smithy-go/transport/http"
+)
+
+// Get status and details of a BillOfMaterialsImportJob.
+func (c *Client) GetBillOfMaterialsImportJob(ctx context.Context, params *GetBillOfMaterialsImportJobInput, optFns ...func(*Options)) (*GetBillOfMaterialsImportJobOutput, error) {
+ if params == nil {
+ params = &GetBillOfMaterialsImportJobInput{}
+ }
+
+ result, metadata, err := c.invokeOperation(ctx, "GetBillOfMaterialsImportJob", params, optFns, c.addOperationGetBillOfMaterialsImportJobMiddlewares)
+ if err != nil {
+ return nil, err
+ }
+
+ out := result.(*GetBillOfMaterialsImportJobOutput)
+ out.ResultMetadata = metadata
+ return out, nil
+}
+
+// The request parameters for GetBillOfMaterialsImportJob.
+type GetBillOfMaterialsImportJobInput struct {
+
+ // The AWS Supply Chain instance identifier.
+ //
+ // This member is required.
+ InstanceId *string
+
+ // The BillOfMaterialsImportJob identifier.
+ //
+ // This member is required.
+ JobId *string
+
+ noSmithyDocumentSerde
+}
+
+// The response parameters for GetBillOfMaterialsImportJob.
+type GetBillOfMaterialsImportJobOutput struct {
+
+ // The BillOfMaterialsImportJob.
+ //
+ // This member is required.
+ Job *types.BillOfMaterialsImportJob
+
+ // Metadata pertaining to the operation's result.
+ ResultMetadata middleware.Metadata
+
+ noSmithyDocumentSerde
+}
+
+func (c *Client) addOperationGetBillOfMaterialsImportJobMiddlewares(stack *middleware.Stack, options Options) (err error) {
+ if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
+ return err
+ }
+ err = stack.Serialize.Add(&awsRestjson1_serializeOpGetBillOfMaterialsImportJob{}, middleware.After)
+ if err != nil {
+ return err
+ }
+ err = stack.Deserialize.Add(&awsRestjson1_deserializeOpGetBillOfMaterialsImportJob{}, middleware.After)
+ if err != nil {
+ return err
+ }
+ if err := addProtocolFinalizerMiddlewares(stack, options, "GetBillOfMaterialsImportJob"); err != nil {
+ return fmt.Errorf("add protocol finalizers: %v", err)
+ }
+
+ if err = addlegacyEndpointContextSetter(stack, options); err != nil {
+ return err
+ }
+ if err = addSetLoggerMiddleware(stack, options); err != nil {
+ return err
+ }
+ if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil {
+ return err
+ }
+ if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil {
+ return err
+ }
+ if err = addResolveEndpointMiddleware(stack, options); err != nil {
+ return err
+ }
+ if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil {
+ return err
+ }
+ if err = addRetryMiddlewares(stack, options); err != nil {
+ return err
+ }
+ if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
+ return err
+ }
+ if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil {
+ return err
+ }
+ if err = addClientUserAgent(stack, options); err != nil {
+ return err
+ }
+ if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
+ return err
+ }
+ if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
+ return err
+ }
+ if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
+ return err
+ }
+ if err = addOpGetBillOfMaterialsImportJobValidationMiddleware(stack); err != nil {
+ return err
+ }
+ if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetBillOfMaterialsImportJob(options.Region), middleware.Before); err != nil {
+ return err
+ }
+ if err = awsmiddleware.AddRecursionDetection(stack); err != nil {
+ return err
+ }
+ if err = addRequestIDRetrieverMiddleware(stack); err != nil {
+ return err
+ }
+ if err = addResponseErrorMiddleware(stack); err != nil {
+ return err
+ }
+ if err = addRequestResponseLogging(stack, options); err != nil {
+ return err
+ }
+ if err = addDisableHTTPSMiddleware(stack, options); err != nil {
+ return err
+ }
+ return nil
+}
+
+func newServiceMetadataMiddleware_opGetBillOfMaterialsImportJob(region string) *awsmiddleware.RegisterServiceMetadata {
+ return &awsmiddleware.RegisterServiceMetadata{
+ Region: region,
+ ServiceID: ServiceID,
+ OperationName: "GetBillOfMaterialsImportJob",
+ }
+}
diff --git a/service/supplychain/auth.go b/service/supplychain/auth.go
new file mode 100644
index 00000000000..dd9c57b6702
--- /dev/null
+++ b/service/supplychain/auth.go
@@ -0,0 +1,284 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package supplychain
+
+import (
+ "context"
+ "fmt"
+ awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
+ smithy "github.com/aws/smithy-go"
+ smithyauth "github.com/aws/smithy-go/auth"
+ "github.com/aws/smithy-go/middleware"
+ smithyhttp "github.com/aws/smithy-go/transport/http"
+)
+
+func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) {
+ params.Region = options.Region
+}
+
+type setLegacyContextSigningOptionsMiddleware struct {
+}
+
+func (*setLegacyContextSigningOptionsMiddleware) ID() string {
+ return "setLegacyContextSigningOptions"
+}
+
+func (m *setLegacyContextSigningOptionsMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
+ out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
+) {
+ rscheme := getResolvedAuthScheme(ctx)
+ schemeID := rscheme.Scheme.SchemeID()
+
+ if sn := awsmiddleware.GetSigningName(ctx); sn != "" {
+ if schemeID == "aws.auth#sigv4" {
+ smithyhttp.SetSigV4SigningName(&rscheme.SignerProperties, sn)
+ } else if schemeID == "aws.auth#sigv4a" {
+ smithyhttp.SetSigV4ASigningName(&rscheme.SignerProperties, sn)
+ }
+ }
+
+ if sr := awsmiddleware.GetSigningRegion(ctx); sr != "" {
+ if schemeID == "aws.auth#sigv4" {
+ smithyhttp.SetSigV4SigningRegion(&rscheme.SignerProperties, sr)
+ } else if schemeID == "aws.auth#sigv4a" {
+ smithyhttp.SetSigV4ASigningRegions(&rscheme.SignerProperties, []string{sr})
+ }
+ }
+
+ return next.HandleFinalize(ctx, in)
+}
+
+func addSetLegacyContextSigningOptionsMiddleware(stack *middleware.Stack) error {
+ return stack.Finalize.Insert(&setLegacyContextSigningOptionsMiddleware{}, "Signing", middleware.Before)
+}
+
+type withAnonymous struct {
+ resolver AuthSchemeResolver
+}
+
+var _ AuthSchemeResolver = (*withAnonymous)(nil)
+
+func (v *withAnonymous) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) {
+ opts, err := v.resolver.ResolveAuthSchemes(ctx, params)
+ if err != nil {
+ return nil, err
+ }
+
+ opts = append(opts, &smithyauth.Option{
+ SchemeID: smithyauth.SchemeIDAnonymous,
+ })
+ return opts, nil
+}
+
+func wrapWithAnonymousAuth(options *Options) {
+ if _, ok := options.AuthSchemeResolver.(*defaultAuthSchemeResolver); !ok {
+ return
+ }
+
+ options.AuthSchemeResolver = &withAnonymous{
+ resolver: options.AuthSchemeResolver,
+ }
+}
+
+// AuthResolverParameters contains the set of inputs necessary for auth scheme
+// resolution.
+type AuthResolverParameters struct {
+ // The name of the operation being invoked.
+ Operation string
+
+ // The region in which the operation is being invoked.
+ Region string
+}
+
+func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters {
+ params := &AuthResolverParameters{
+ Operation: operation,
+ }
+
+ bindAuthParamsRegion(params, input, options)
+
+ return params
+}
+
+// AuthSchemeResolver returns a set of possible authentication options for an
+// operation.
+type AuthSchemeResolver interface {
+ ResolveAuthSchemes(context.Context, *AuthResolverParameters) ([]*smithyauth.Option, error)
+}
+
+type defaultAuthSchemeResolver struct{}
+
+var _ AuthSchemeResolver = (*defaultAuthSchemeResolver)(nil)
+
+func (*defaultAuthSchemeResolver) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) {
+ if overrides, ok := operationAuthOptions[params.Operation]; ok {
+ return overrides(params), nil
+ }
+ return serviceAuthOptions(params), nil
+}
+
+var operationAuthOptions = map[string]func(*AuthResolverParameters) []*smithyauth.Option{}
+
+func serviceAuthOptions(params *AuthResolverParameters) []*smithyauth.Option {
+ return []*smithyauth.Option{
+ {
+ SchemeID: smithyauth.SchemeIDSigV4,
+ SignerProperties: func() smithy.Properties {
+ var props smithy.Properties
+ smithyhttp.SetSigV4SigningName(&props, "scn")
+ smithyhttp.SetSigV4SigningRegion(&props, params.Region)
+ return props
+ }(),
+ },
+ }
+}
+
+type resolveAuthSchemeMiddleware struct {
+ operation string
+ options Options
+}
+
+func (*resolveAuthSchemeMiddleware) ID() string {
+ return "ResolveAuthScheme"
+}
+
+func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
+ out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
+) {
+ params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options)
+ options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params)
+ if err != nil {
+ return out, metadata, fmt.Errorf("resolve auth scheme: %w", err)
+ }
+
+ scheme, ok := m.selectScheme(options)
+ if !ok {
+ return out, metadata, fmt.Errorf("could not select an auth scheme")
+ }
+
+ ctx = setResolvedAuthScheme(ctx, scheme)
+ return next.HandleFinalize(ctx, in)
+}
+
+func (m *resolveAuthSchemeMiddleware) selectScheme(options []*smithyauth.Option) (*resolvedAuthScheme, bool) {
+ for _, option := range options {
+ if option.SchemeID == smithyauth.SchemeIDAnonymous {
+ return newResolvedAuthScheme(smithyhttp.NewAnonymousScheme(), option), true
+ }
+
+ for _, scheme := range m.options.AuthSchemes {
+ if scheme.SchemeID() != option.SchemeID {
+ continue
+ }
+
+ if scheme.IdentityResolver(m.options) != nil {
+ return newResolvedAuthScheme(scheme, option), true
+ }
+ }
+ }
+
+ return nil, false
+}
+
+type resolvedAuthSchemeKey struct{}
+
+type resolvedAuthScheme struct {
+ Scheme smithyhttp.AuthScheme
+ IdentityProperties smithy.Properties
+ SignerProperties smithy.Properties
+}
+
+func newResolvedAuthScheme(scheme smithyhttp.AuthScheme, option *smithyauth.Option) *resolvedAuthScheme {
+ return &resolvedAuthScheme{
+ Scheme: scheme,
+ IdentityProperties: option.IdentityProperties,
+ SignerProperties: option.SignerProperties,
+ }
+}
+
+func setResolvedAuthScheme(ctx context.Context, scheme *resolvedAuthScheme) context.Context {
+ return middleware.WithStackValue(ctx, resolvedAuthSchemeKey{}, scheme)
+}
+
+func getResolvedAuthScheme(ctx context.Context) *resolvedAuthScheme {
+ v, _ := middleware.GetStackValue(ctx, resolvedAuthSchemeKey{}).(*resolvedAuthScheme)
+ return v
+}
+
+type getIdentityMiddleware struct {
+ options Options
+}
+
+func (*getIdentityMiddleware) ID() string {
+ return "GetIdentity"
+}
+
+func (m *getIdentityMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
+ out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
+) {
+ rscheme := getResolvedAuthScheme(ctx)
+ if rscheme == nil {
+ return out, metadata, fmt.Errorf("no resolved auth scheme")
+ }
+
+ resolver := rscheme.Scheme.IdentityResolver(m.options)
+ if resolver == nil {
+ return out, metadata, fmt.Errorf("no identity resolver")
+ }
+
+ identity, err := resolver.GetIdentity(ctx, rscheme.IdentityProperties)
+ if err != nil {
+ return out, metadata, fmt.Errorf("get identity: %w", err)
+ }
+
+ ctx = setIdentity(ctx, identity)
+ return next.HandleFinalize(ctx, in)
+}
+
+type identityKey struct{}
+
+func setIdentity(ctx context.Context, identity smithyauth.Identity) context.Context {
+ return middleware.WithStackValue(ctx, identityKey{}, identity)
+}
+
+func getIdentity(ctx context.Context) smithyauth.Identity {
+ v, _ := middleware.GetStackValue(ctx, identityKey{}).(smithyauth.Identity)
+ return v
+}
+
+type signRequestMiddleware struct {
+}
+
+func (*signRequestMiddleware) ID() string {
+ return "Signing"
+}
+
+func (m *signRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
+ out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
+) {
+ req, ok := in.Request.(*smithyhttp.Request)
+ if !ok {
+ return out, metadata, fmt.Errorf("unexpected transport type %T", in.Request)
+ }
+
+ rscheme := getResolvedAuthScheme(ctx)
+ if rscheme == nil {
+ return out, metadata, fmt.Errorf("no resolved auth scheme")
+ }
+
+ identity := getIdentity(ctx)
+ if identity == nil {
+ return out, metadata, fmt.Errorf("no identity")
+ }
+
+ signer := rscheme.Scheme.Signer()
+ if signer == nil {
+ return out, metadata, fmt.Errorf("no signer")
+ }
+
+ if err := signer.SignRequest(ctx, req, identity, rscheme.SignerProperties); err != nil {
+ return out, metadata, fmt.Errorf("sign request: %w", err)
+ }
+
+ return next.HandleFinalize(ctx, in)
+}
diff --git a/service/supplychain/deserializers.go b/service/supplychain/deserializers.go
new file mode 100644
index 00000000000..a7798829890
--- /dev/null
+++ b/service/supplychain/deserializers.go
@@ -0,0 +1,961 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package supplychain
+
+import (
+ "bytes"
+ "context"
+ "encoding/json"
+ "fmt"
+ "github.com/aws/aws-sdk-go-v2/aws/protocol/restjson"
+ "github.com/aws/aws-sdk-go-v2/service/supplychain/types"
+ smithy "github.com/aws/smithy-go"
+ smithyio "github.com/aws/smithy-go/io"
+ "github.com/aws/smithy-go/middleware"
+ "github.com/aws/smithy-go/ptr"
+ smithyhttp "github.com/aws/smithy-go/transport/http"
+ "io"
+ "strings"
+)
+
+type awsRestjson1_deserializeOpCreateBillOfMaterialsImportJob struct {
+}
+
+func (*awsRestjson1_deserializeOpCreateBillOfMaterialsImportJob) ID() string {
+ return "OperationDeserializer"
+}
+
+func (m *awsRestjson1_deserializeOpCreateBillOfMaterialsImportJob) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) (
+ out middleware.DeserializeOutput, metadata middleware.Metadata, err error,
+) {
+ out, metadata, err = next.HandleDeserialize(ctx, in)
+ if err != nil {
+ return out, metadata, err
+ }
+
+ response, ok := out.RawResponse.(*smithyhttp.Response)
+ if !ok {
+ return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)}
+ }
+
+ if response.StatusCode < 200 || response.StatusCode >= 300 {
+ return out, metadata, awsRestjson1_deserializeOpErrorCreateBillOfMaterialsImportJob(response, &metadata)
+ }
+ output := &CreateBillOfMaterialsImportJobOutput{}
+ out.Result = output
+
+ var buff [1024]byte
+ ringBuffer := smithyio.NewRingBuffer(buff[:])
+
+ body := io.TeeReader(response.Body, ringBuffer)
+
+ decoder := json.NewDecoder(body)
+ decoder.UseNumber()
+ var shape interface{}
+ if err := decoder.Decode(&shape); err != nil && err != io.EOF {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return out, metadata, err
+ }
+
+ err = awsRestjson1_deserializeOpDocumentCreateBillOfMaterialsImportJobOutput(&output, shape)
+ if err != nil {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ return out, metadata, &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ }
+
+ return out, metadata, err
+}
+
+func awsRestjson1_deserializeOpErrorCreateBillOfMaterialsImportJob(response *smithyhttp.Response, metadata *middleware.Metadata) error {
+ var errorBuffer bytes.Buffer
+ if _, err := io.Copy(&errorBuffer, response.Body); err != nil {
+ return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)}
+ }
+ errorBody := bytes.NewReader(errorBuffer.Bytes())
+
+ errorCode := "UnknownError"
+ errorMessage := errorCode
+
+ headerCode := response.Header.Get("X-Amzn-ErrorType")
+ if len(headerCode) != 0 {
+ errorCode = restjson.SanitizeErrorCode(headerCode)
+ }
+
+ var buff [1024]byte
+ ringBuffer := smithyio.NewRingBuffer(buff[:])
+
+ body := io.TeeReader(errorBody, ringBuffer)
+ decoder := json.NewDecoder(body)
+ decoder.UseNumber()
+ jsonCode, message, err := restjson.GetErrorInfo(decoder)
+ if err != nil {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return err
+ }
+
+ errorBody.Seek(0, io.SeekStart)
+ if len(headerCode) == 0 && len(jsonCode) != 0 {
+ errorCode = restjson.SanitizeErrorCode(jsonCode)
+ }
+ if len(message) != 0 {
+ errorMessage = message
+ }
+
+ switch {
+ case strings.EqualFold("AccessDeniedException", errorCode):
+ return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody)
+
+ case strings.EqualFold("ConflictException", errorCode):
+ return awsRestjson1_deserializeErrorConflictException(response, errorBody)
+
+ case strings.EqualFold("InternalServerException", errorCode):
+ return awsRestjson1_deserializeErrorInternalServerException(response, errorBody)
+
+ case strings.EqualFold("ResourceNotFoundException", errorCode):
+ return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody)
+
+ case strings.EqualFold("ServiceQuotaExceededException", errorCode):
+ return awsRestjson1_deserializeErrorServiceQuotaExceededException(response, errorBody)
+
+ case strings.EqualFold("ThrottlingException", errorCode):
+ return awsRestjson1_deserializeErrorThrottlingException(response, errorBody)
+
+ case strings.EqualFold("ValidationException", errorCode):
+ return awsRestjson1_deserializeErrorValidationException(response, errorBody)
+
+ default:
+ genericError := &smithy.GenericAPIError{
+ Code: errorCode,
+ Message: errorMessage,
+ }
+ return genericError
+
+ }
+}
+
+func awsRestjson1_deserializeOpDocumentCreateBillOfMaterialsImportJobOutput(v **CreateBillOfMaterialsImportJobOutput, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.(map[string]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var sv *CreateBillOfMaterialsImportJobOutput
+ if *v == nil {
+ sv = &CreateBillOfMaterialsImportJobOutput{}
+ } else {
+ sv = *v
+ }
+
+ for key, value := range shape {
+ switch key {
+ case "jobId":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected UUID to be of type string, got %T instead", value)
+ }
+ sv.JobId = ptr.String(jtv)
+ }
+
+ default:
+ _, _ = key, value
+
+ }
+ }
+ *v = sv
+ return nil
+}
+
+type awsRestjson1_deserializeOpGetBillOfMaterialsImportJob struct {
+}
+
+func (*awsRestjson1_deserializeOpGetBillOfMaterialsImportJob) ID() string {
+ return "OperationDeserializer"
+}
+
+func (m *awsRestjson1_deserializeOpGetBillOfMaterialsImportJob) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) (
+ out middleware.DeserializeOutput, metadata middleware.Metadata, err error,
+) {
+ out, metadata, err = next.HandleDeserialize(ctx, in)
+ if err != nil {
+ return out, metadata, err
+ }
+
+ response, ok := out.RawResponse.(*smithyhttp.Response)
+ if !ok {
+ return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)}
+ }
+
+ if response.StatusCode < 200 || response.StatusCode >= 300 {
+ return out, metadata, awsRestjson1_deserializeOpErrorGetBillOfMaterialsImportJob(response, &metadata)
+ }
+ output := &GetBillOfMaterialsImportJobOutput{}
+ out.Result = output
+
+ var buff [1024]byte
+ ringBuffer := smithyio.NewRingBuffer(buff[:])
+
+ body := io.TeeReader(response.Body, ringBuffer)
+
+ decoder := json.NewDecoder(body)
+ decoder.UseNumber()
+ var shape interface{}
+ if err := decoder.Decode(&shape); err != nil && err != io.EOF {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return out, metadata, err
+ }
+
+ err = awsRestjson1_deserializeOpDocumentGetBillOfMaterialsImportJobOutput(&output, shape)
+ if err != nil {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ return out, metadata, &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ }
+
+ return out, metadata, err
+}
+
+func awsRestjson1_deserializeOpErrorGetBillOfMaterialsImportJob(response *smithyhttp.Response, metadata *middleware.Metadata) error {
+ var errorBuffer bytes.Buffer
+ if _, err := io.Copy(&errorBuffer, response.Body); err != nil {
+ return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)}
+ }
+ errorBody := bytes.NewReader(errorBuffer.Bytes())
+
+ errorCode := "UnknownError"
+ errorMessage := errorCode
+
+ headerCode := response.Header.Get("X-Amzn-ErrorType")
+ if len(headerCode) != 0 {
+ errorCode = restjson.SanitizeErrorCode(headerCode)
+ }
+
+ var buff [1024]byte
+ ringBuffer := smithyio.NewRingBuffer(buff[:])
+
+ body := io.TeeReader(errorBody, ringBuffer)
+ decoder := json.NewDecoder(body)
+ decoder.UseNumber()
+ jsonCode, message, err := restjson.GetErrorInfo(decoder)
+ if err != nil {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return err
+ }
+
+ errorBody.Seek(0, io.SeekStart)
+ if len(headerCode) == 0 && len(jsonCode) != 0 {
+ errorCode = restjson.SanitizeErrorCode(jsonCode)
+ }
+ if len(message) != 0 {
+ errorMessage = message
+ }
+
+ switch {
+ case strings.EqualFold("AccessDeniedException", errorCode):
+ return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody)
+
+ case strings.EqualFold("ConflictException", errorCode):
+ return awsRestjson1_deserializeErrorConflictException(response, errorBody)
+
+ case strings.EqualFold("InternalServerException", errorCode):
+ return awsRestjson1_deserializeErrorInternalServerException(response, errorBody)
+
+ case strings.EqualFold("ResourceNotFoundException", errorCode):
+ return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody)
+
+ case strings.EqualFold("ServiceQuotaExceededException", errorCode):
+ return awsRestjson1_deserializeErrorServiceQuotaExceededException(response, errorBody)
+
+ case strings.EqualFold("ThrottlingException", errorCode):
+ return awsRestjson1_deserializeErrorThrottlingException(response, errorBody)
+
+ case strings.EqualFold("ValidationException", errorCode):
+ return awsRestjson1_deserializeErrorValidationException(response, errorBody)
+
+ default:
+ genericError := &smithy.GenericAPIError{
+ Code: errorCode,
+ Message: errorMessage,
+ }
+ return genericError
+
+ }
+}
+
+func awsRestjson1_deserializeOpDocumentGetBillOfMaterialsImportJobOutput(v **GetBillOfMaterialsImportJobOutput, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.(map[string]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var sv *GetBillOfMaterialsImportJobOutput
+ if *v == nil {
+ sv = &GetBillOfMaterialsImportJobOutput{}
+ } else {
+ sv = *v
+ }
+
+ for key, value := range shape {
+ switch key {
+ case "job":
+ if err := awsRestjson1_deserializeDocumentBillOfMaterialsImportJob(&sv.Job, value); err != nil {
+ return err
+ }
+
+ default:
+ _, _ = key, value
+
+ }
+ }
+ *v = sv
+ return nil
+}
+
+func awsRestjson1_deserializeErrorAccessDeniedException(response *smithyhttp.Response, errorBody *bytes.Reader) error {
+ output := &types.AccessDeniedException{}
+ var buff [1024]byte
+ ringBuffer := smithyio.NewRingBuffer(buff[:])
+
+ body := io.TeeReader(errorBody, ringBuffer)
+ decoder := json.NewDecoder(body)
+ decoder.UseNumber()
+ var shape interface{}
+ if err := decoder.Decode(&shape); err != nil && err != io.EOF {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return err
+ }
+
+ err := awsRestjson1_deserializeDocumentAccessDeniedException(&output, shape)
+
+ if err != nil {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return err
+ }
+
+ errorBody.Seek(0, io.SeekStart)
+
+ return output
+}
+
+func awsRestjson1_deserializeErrorConflictException(response *smithyhttp.Response, errorBody *bytes.Reader) error {
+ output := &types.ConflictException{}
+ var buff [1024]byte
+ ringBuffer := smithyio.NewRingBuffer(buff[:])
+
+ body := io.TeeReader(errorBody, ringBuffer)
+ decoder := json.NewDecoder(body)
+ decoder.UseNumber()
+ var shape interface{}
+ if err := decoder.Decode(&shape); err != nil && err != io.EOF {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return err
+ }
+
+ err := awsRestjson1_deserializeDocumentConflictException(&output, shape)
+
+ if err != nil {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return err
+ }
+
+ errorBody.Seek(0, io.SeekStart)
+
+ return output
+}
+
+func awsRestjson1_deserializeErrorInternalServerException(response *smithyhttp.Response, errorBody *bytes.Reader) error {
+ output := &types.InternalServerException{}
+ var buff [1024]byte
+ ringBuffer := smithyio.NewRingBuffer(buff[:])
+
+ body := io.TeeReader(errorBody, ringBuffer)
+ decoder := json.NewDecoder(body)
+ decoder.UseNumber()
+ var shape interface{}
+ if err := decoder.Decode(&shape); err != nil && err != io.EOF {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return err
+ }
+
+ err := awsRestjson1_deserializeDocumentInternalServerException(&output, shape)
+
+ if err != nil {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return err
+ }
+
+ errorBody.Seek(0, io.SeekStart)
+
+ return output
+}
+
+func awsRestjson1_deserializeErrorResourceNotFoundException(response *smithyhttp.Response, errorBody *bytes.Reader) error {
+ output := &types.ResourceNotFoundException{}
+ var buff [1024]byte
+ ringBuffer := smithyio.NewRingBuffer(buff[:])
+
+ body := io.TeeReader(errorBody, ringBuffer)
+ decoder := json.NewDecoder(body)
+ decoder.UseNumber()
+ var shape interface{}
+ if err := decoder.Decode(&shape); err != nil && err != io.EOF {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return err
+ }
+
+ err := awsRestjson1_deserializeDocumentResourceNotFoundException(&output, shape)
+
+ if err != nil {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return err
+ }
+
+ errorBody.Seek(0, io.SeekStart)
+
+ return output
+}
+
+func awsRestjson1_deserializeErrorServiceQuotaExceededException(response *smithyhttp.Response, errorBody *bytes.Reader) error {
+ output := &types.ServiceQuotaExceededException{}
+ var buff [1024]byte
+ ringBuffer := smithyio.NewRingBuffer(buff[:])
+
+ body := io.TeeReader(errorBody, ringBuffer)
+ decoder := json.NewDecoder(body)
+ decoder.UseNumber()
+ var shape interface{}
+ if err := decoder.Decode(&shape); err != nil && err != io.EOF {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return err
+ }
+
+ err := awsRestjson1_deserializeDocumentServiceQuotaExceededException(&output, shape)
+
+ if err != nil {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return err
+ }
+
+ errorBody.Seek(0, io.SeekStart)
+
+ return output
+}
+
+func awsRestjson1_deserializeErrorThrottlingException(response *smithyhttp.Response, errorBody *bytes.Reader) error {
+ output := &types.ThrottlingException{}
+ var buff [1024]byte
+ ringBuffer := smithyio.NewRingBuffer(buff[:])
+
+ body := io.TeeReader(errorBody, ringBuffer)
+ decoder := json.NewDecoder(body)
+ decoder.UseNumber()
+ var shape interface{}
+ if err := decoder.Decode(&shape); err != nil && err != io.EOF {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return err
+ }
+
+ err := awsRestjson1_deserializeDocumentThrottlingException(&output, shape)
+
+ if err != nil {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return err
+ }
+
+ errorBody.Seek(0, io.SeekStart)
+
+ return output
+}
+
+func awsRestjson1_deserializeErrorValidationException(response *smithyhttp.Response, errorBody *bytes.Reader) error {
+ output := &types.ValidationException{}
+ var buff [1024]byte
+ ringBuffer := smithyio.NewRingBuffer(buff[:])
+
+ body := io.TeeReader(errorBody, ringBuffer)
+ decoder := json.NewDecoder(body)
+ decoder.UseNumber()
+ var shape interface{}
+ if err := decoder.Decode(&shape); err != nil && err != io.EOF {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return err
+ }
+
+ err := awsRestjson1_deserializeDocumentValidationException(&output, shape)
+
+ if err != nil {
+ var snapshot bytes.Buffer
+ io.Copy(&snapshot, ringBuffer)
+ err = &smithy.DeserializationError{
+ Err: fmt.Errorf("failed to decode response body, %w", err),
+ Snapshot: snapshot.Bytes(),
+ }
+ return err
+ }
+
+ errorBody.Seek(0, io.SeekStart)
+
+ return output
+}
+
+func awsRestjson1_deserializeDocumentAccessDeniedException(v **types.AccessDeniedException, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.(map[string]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var sv *types.AccessDeniedException
+ if *v == nil {
+ sv = &types.AccessDeniedException{}
+ } else {
+ sv = *v
+ }
+
+ for key, value := range shape {
+ switch key {
+ case "message":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected String to be of type string, got %T instead", value)
+ }
+ sv.Message = ptr.String(jtv)
+ }
+
+ default:
+ _, _ = key, value
+
+ }
+ }
+ *v = sv
+ return nil
+}
+
+func awsRestjson1_deserializeDocumentBillOfMaterialsImportJob(v **types.BillOfMaterialsImportJob, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.(map[string]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var sv *types.BillOfMaterialsImportJob
+ if *v == nil {
+ sv = &types.BillOfMaterialsImportJob{}
+ } else {
+ sv = *v
+ }
+
+ for key, value := range shape {
+ switch key {
+ case "instanceId":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected UUID to be of type string, got %T instead", value)
+ }
+ sv.InstanceId = ptr.String(jtv)
+ }
+
+ case "jobId":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected UUID to be of type string, got %T instead", value)
+ }
+ sv.JobId = ptr.String(jtv)
+ }
+
+ case "message":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected String to be of type string, got %T instead", value)
+ }
+ sv.Message = ptr.String(jtv)
+ }
+
+ case "s3uri":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected ConfigurationS3Uri to be of type string, got %T instead", value)
+ }
+ sv.S3uri = ptr.String(jtv)
+ }
+
+ case "status":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected ConfigurationJobStatus to be of type string, got %T instead", value)
+ }
+ sv.Status = types.ConfigurationJobStatus(jtv)
+ }
+
+ default:
+ _, _ = key, value
+
+ }
+ }
+ *v = sv
+ return nil
+}
+
+func awsRestjson1_deserializeDocumentConflictException(v **types.ConflictException, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.(map[string]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var sv *types.ConflictException
+ if *v == nil {
+ sv = &types.ConflictException{}
+ } else {
+ sv = *v
+ }
+
+ for key, value := range shape {
+ switch key {
+ case "message":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected String to be of type string, got %T instead", value)
+ }
+ sv.Message = ptr.String(jtv)
+ }
+
+ default:
+ _, _ = key, value
+
+ }
+ }
+ *v = sv
+ return nil
+}
+
+func awsRestjson1_deserializeDocumentInternalServerException(v **types.InternalServerException, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.(map[string]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var sv *types.InternalServerException
+ if *v == nil {
+ sv = &types.InternalServerException{}
+ } else {
+ sv = *v
+ }
+
+ for key, value := range shape {
+ switch key {
+ case "message":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected String to be of type string, got %T instead", value)
+ }
+ sv.Message = ptr.String(jtv)
+ }
+
+ default:
+ _, _ = key, value
+
+ }
+ }
+ *v = sv
+ return nil
+}
+
+func awsRestjson1_deserializeDocumentResourceNotFoundException(v **types.ResourceNotFoundException, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.(map[string]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var sv *types.ResourceNotFoundException
+ if *v == nil {
+ sv = &types.ResourceNotFoundException{}
+ } else {
+ sv = *v
+ }
+
+ for key, value := range shape {
+ switch key {
+ case "message":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected String to be of type string, got %T instead", value)
+ }
+ sv.Message = ptr.String(jtv)
+ }
+
+ default:
+ _, _ = key, value
+
+ }
+ }
+ *v = sv
+ return nil
+}
+
+func awsRestjson1_deserializeDocumentServiceQuotaExceededException(v **types.ServiceQuotaExceededException, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.(map[string]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var sv *types.ServiceQuotaExceededException
+ if *v == nil {
+ sv = &types.ServiceQuotaExceededException{}
+ } else {
+ sv = *v
+ }
+
+ for key, value := range shape {
+ switch key {
+ case "message":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected String to be of type string, got %T instead", value)
+ }
+ sv.Message = ptr.String(jtv)
+ }
+
+ default:
+ _, _ = key, value
+
+ }
+ }
+ *v = sv
+ return nil
+}
+
+func awsRestjson1_deserializeDocumentThrottlingException(v **types.ThrottlingException, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.(map[string]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var sv *types.ThrottlingException
+ if *v == nil {
+ sv = &types.ThrottlingException{}
+ } else {
+ sv = *v
+ }
+
+ for key, value := range shape {
+ switch key {
+ case "message":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected String to be of type string, got %T instead", value)
+ }
+ sv.Message = ptr.String(jtv)
+ }
+
+ default:
+ _, _ = key, value
+
+ }
+ }
+ *v = sv
+ return nil
+}
+
+func awsRestjson1_deserializeDocumentValidationException(v **types.ValidationException, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.(map[string]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var sv *types.ValidationException
+ if *v == nil {
+ sv = &types.ValidationException{}
+ } else {
+ sv = *v
+ }
+
+ for key, value := range shape {
+ switch key {
+ case "message":
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected String to be of type string, got %T instead", value)
+ }
+ sv.Message = ptr.String(jtv)
+ }
+
+ default:
+ _, _ = key, value
+
+ }
+ }
+ *v = sv
+ return nil
+}
diff --git a/service/supplychain/doc.go b/service/supplychain/doc.go
new file mode 100644
index 00000000000..f8f06d87c60
--- /dev/null
+++ b/service/supplychain/doc.go
@@ -0,0 +1,15 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+// Package supplychain provides the API client, operations, and parameter types
+// for AWS Supply Chain.
+//
+// AWS Supply Chain is a cloud-based application that works with your enterprise
+// resource planning (ERP) and supply chain management systems. Using AWS Supply
+// Chain, you can connect and extract your inventory, supply, and demand related
+// data from existing ERP or supply chain systems into a single data model. The AWS
+// Supply Chain API supports configuration data import for Supply Planning. All AWS
+// Supply chain API operations are Amazon-authenticated and certificate-signed.
+// They not only require the use of the AWS SDK, but also allow for the exclusive
+// use of AWS Identity and Access Management users and roles to help facilitate
+// access, trust, and permission policies.
+package supplychain
diff --git a/service/supplychain/endpoints.go b/service/supplychain/endpoints.go
new file mode 100644
index 00000000000..b8e7fc27f5d
--- /dev/null
+++ b/service/supplychain/endpoints.go
@@ -0,0 +1,509 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package supplychain
+
+import (
+ "context"
+ "errors"
+ "fmt"
+ "github.com/aws/aws-sdk-go-v2/aws"
+ awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
+ internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources"
+ "github.com/aws/aws-sdk-go-v2/internal/endpoints"
+ "github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn"
+ internalendpoints "github.com/aws/aws-sdk-go-v2/service/supplychain/internal/endpoints"
+ smithyauth "github.com/aws/smithy-go/auth"
+ smithyendpoints "github.com/aws/smithy-go/endpoints"
+ "github.com/aws/smithy-go/middleware"
+ "github.com/aws/smithy-go/ptr"
+ smithyhttp "github.com/aws/smithy-go/transport/http"
+ "net/http"
+ "net/url"
+ "os"
+ "strings"
+)
+
+// EndpointResolverOptions is the service endpoint resolver options
+type EndpointResolverOptions = internalendpoints.Options
+
+// EndpointResolver interface for resolving service endpoints.
+type EndpointResolver interface {
+ ResolveEndpoint(region string, options EndpointResolverOptions) (aws.Endpoint, error)
+}
+
+var _ EndpointResolver = &internalendpoints.Resolver{}
+
+// NewDefaultEndpointResolver constructs a new service endpoint resolver
+func NewDefaultEndpointResolver() *internalendpoints.Resolver {
+ return internalendpoints.New()
+}
+
+// EndpointResolverFunc is a helper utility that wraps a function so it satisfies
+// the EndpointResolver interface. This is useful when you want to add additional
+// endpoint resolving logic, or stub out specific endpoints with custom values.
+type EndpointResolverFunc func(region string, options EndpointResolverOptions) (aws.Endpoint, error)
+
+func (fn EndpointResolverFunc) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) {
+ return fn(region, options)
+}
+
+// EndpointResolverFromURL returns an EndpointResolver configured using the
+// provided endpoint url. By default, the resolved endpoint resolver uses the
+// client region as signing region, and the endpoint source is set to
+// EndpointSourceCustom.You can provide functional options to configure endpoint
+// values for the resolved endpoint.
+func EndpointResolverFromURL(url string, optFns ...func(*aws.Endpoint)) EndpointResolver {
+ e := aws.Endpoint{URL: url, Source: aws.EndpointSourceCustom}
+ for _, fn := range optFns {
+ fn(&e)
+ }
+
+ return EndpointResolverFunc(
+ func(region string, options EndpointResolverOptions) (aws.Endpoint, error) {
+ if len(e.SigningRegion) == 0 {
+ e.SigningRegion = region
+ }
+ return e, nil
+ },
+ )
+}
+
+type ResolveEndpoint struct {
+ Resolver EndpointResolver
+ Options EndpointResolverOptions
+}
+
+func (*ResolveEndpoint) ID() string {
+ return "ResolveEndpoint"
+}
+
+func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
+ out middleware.SerializeOutput, metadata middleware.Metadata, err error,
+) {
+ if !awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
+ return next.HandleSerialize(ctx, in)
+ }
+
+ req, ok := in.Request.(*smithyhttp.Request)
+ if !ok {
+ return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
+ }
+
+ if m.Resolver == nil {
+ return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
+ }
+
+ eo := m.Options
+ eo.Logger = middleware.GetLogger(ctx)
+
+ var endpoint aws.Endpoint
+ endpoint, err = m.Resolver.ResolveEndpoint(awsmiddleware.GetRegion(ctx), eo)
+ if err != nil {
+ nf := (&aws.EndpointNotFoundError{})
+ if errors.As(err, &nf) {
+ ctx = awsmiddleware.SetRequiresLegacyEndpoints(ctx, false)
+ return next.HandleSerialize(ctx, in)
+ }
+ return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
+ }
+
+ req.URL, err = url.Parse(endpoint.URL)
+ if err != nil {
+ return out, metadata, fmt.Errorf("failed to parse endpoint URL: %w", err)
+ }
+
+ if len(awsmiddleware.GetSigningName(ctx)) == 0 {
+ signingName := endpoint.SigningName
+ if len(signingName) == 0 {
+ signingName = "scn"
+ }
+ ctx = awsmiddleware.SetSigningName(ctx, signingName)
+ }
+ ctx = awsmiddleware.SetEndpointSource(ctx, endpoint.Source)
+ ctx = smithyhttp.SetHostnameImmutable(ctx, endpoint.HostnameImmutable)
+ ctx = awsmiddleware.SetSigningRegion(ctx, endpoint.SigningRegion)
+ ctx = awsmiddleware.SetPartitionID(ctx, endpoint.PartitionID)
+ return next.HandleSerialize(ctx, in)
+}
+func addResolveEndpointMiddleware(stack *middleware.Stack, o Options) error {
+ return stack.Serialize.Insert(&ResolveEndpoint{
+ Resolver: o.EndpointResolver,
+ Options: o.EndpointOptions,
+ }, "OperationSerializer", middleware.Before)
+}
+
+func removeResolveEndpointMiddleware(stack *middleware.Stack) error {
+ _, err := stack.Serialize.Remove((&ResolveEndpoint{}).ID())
+ return err
+}
+
+type wrappedEndpointResolver struct {
+ awsResolver aws.EndpointResolverWithOptions
+}
+
+func (w *wrappedEndpointResolver) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) {
+ return w.awsResolver.ResolveEndpoint(ServiceID, region, options)
+}
+
+type awsEndpointResolverAdaptor func(service, region string) (aws.Endpoint, error)
+
+func (a awsEndpointResolverAdaptor) ResolveEndpoint(service, region string, options ...interface{}) (aws.Endpoint, error) {
+ return a(service, region)
+}
+
+var _ aws.EndpointResolverWithOptions = awsEndpointResolverAdaptor(nil)
+
+// withEndpointResolver returns an aws.EndpointResolverWithOptions that first delegates endpoint resolution to the awsResolver.
+// If awsResolver returns aws.EndpointNotFoundError error, the v1 resolver middleware will swallow the error,
+// and set an appropriate context flag such that fallback will occur when EndpointResolverV2 is invoked
+// via its middleware.
+//
+// If another error (besides aws.EndpointNotFoundError) is returned, then that error will be propagated.
+func withEndpointResolver(awsResolver aws.EndpointResolver, awsResolverWithOptions aws.EndpointResolverWithOptions) EndpointResolver {
+ var resolver aws.EndpointResolverWithOptions
+
+ if awsResolverWithOptions != nil {
+ resolver = awsResolverWithOptions
+ } else if awsResolver != nil {
+ resolver = awsEndpointResolverAdaptor(awsResolver.ResolveEndpoint)
+ }
+
+ return &wrappedEndpointResolver{
+ awsResolver: resolver,
+ }
+}
+
+func finalizeClientEndpointResolverOptions(options *Options) {
+ options.EndpointOptions.LogDeprecated = options.ClientLogMode.IsDeprecatedUsage()
+
+ if len(options.EndpointOptions.ResolvedRegion) == 0 {
+ const fipsInfix = "-fips-"
+ const fipsPrefix = "fips-"
+ const fipsSuffix = "-fips"
+
+ if strings.Contains(options.Region, fipsInfix) ||
+ strings.Contains(options.Region, fipsPrefix) ||
+ strings.Contains(options.Region, fipsSuffix) {
+ options.EndpointOptions.ResolvedRegion = strings.ReplaceAll(strings.ReplaceAll(strings.ReplaceAll(
+ options.Region, fipsInfix, "-"), fipsPrefix, ""), fipsSuffix, "")
+ options.EndpointOptions.UseFIPSEndpoint = aws.FIPSEndpointStateEnabled
+ }
+ }
+
+}
+
+func resolveEndpointResolverV2(options *Options) {
+ if options.EndpointResolverV2 == nil {
+ options.EndpointResolverV2 = NewDefaultEndpointResolverV2()
+ }
+}
+
+func resolveBaseEndpoint(cfg aws.Config, o *Options) {
+ if cfg.BaseEndpoint != nil {
+ o.BaseEndpoint = cfg.BaseEndpoint
+ }
+
+ _, g := os.LookupEnv("AWS_ENDPOINT_URL")
+ _, s := os.LookupEnv("AWS_ENDPOINT_URL_SUPPLYCHAIN")
+
+ if g && !s {
+ return
+ }
+
+ value, found, err := internalConfig.ResolveServiceBaseEndpoint(context.Background(), "SupplyChain", cfg.ConfigSources)
+ if found && err == nil {
+ o.BaseEndpoint = &value
+ }
+}
+
+// EndpointParameters provides the parameters that influence how endpoints are
+// resolved.
+type EndpointParameters struct {
+ // The AWS region used to dispatch the request.
+ //
+ // Parameter is
+ // required.
+ //
+ // AWS::Region
+ Region *string
+
+ // When true, use the dual-stack endpoint. If the configured endpoint does not
+ // support dual-stack, dispatching the request MAY return an error.
+ //
+ // Defaults to
+ // false if no value is provided.
+ //
+ // AWS::UseDualStack
+ UseDualStack *bool
+
+ // When true, send this request to the FIPS-compliant regional endpoint. If the
+ // configured endpoint does not have a FIPS compliant endpoint, dispatching the
+ // request will return an error.
+ //
+ // Defaults to false if no value is
+ // provided.
+ //
+ // AWS::UseFIPS
+ UseFIPS *bool
+
+ // Override the endpoint used to send this request
+ //
+ // Parameter is
+ // required.
+ //
+ // SDK::Endpoint
+ Endpoint *string
+}
+
+// ValidateRequired validates required parameters are set.
+func (p EndpointParameters) ValidateRequired() error {
+ if p.UseDualStack == nil {
+ return fmt.Errorf("parameter UseDualStack is required")
+ }
+
+ if p.UseFIPS == nil {
+ return fmt.Errorf("parameter UseFIPS is required")
+ }
+
+ return nil
+}
+
+// WithDefaults returns a shallow copy of EndpointParameterswith default values
+// applied to members where applicable.
+func (p EndpointParameters) WithDefaults() EndpointParameters {
+ if p.UseDualStack == nil {
+ p.UseDualStack = ptr.Bool(false)
+ }
+
+ if p.UseFIPS == nil {
+ p.UseFIPS = ptr.Bool(false)
+ }
+ return p
+}
+
+// EndpointResolverV2 provides the interface for resolving service endpoints.
+type EndpointResolverV2 interface {
+ // ResolveEndpoint attempts to resolve the endpoint with the provided options,
+ // returning the endpoint if found. Otherwise an error is returned.
+ ResolveEndpoint(ctx context.Context, params EndpointParameters) (
+ smithyendpoints.Endpoint, error,
+ )
+}
+
+// resolver provides the implementation for resolving endpoints.
+type resolver struct{}
+
+func NewDefaultEndpointResolverV2() EndpointResolverV2 {
+ return &resolver{}
+}
+
+// ResolveEndpoint attempts to resolve the endpoint with the provided options,
+// returning the endpoint if found. Otherwise an error is returned.
+func (r *resolver) ResolveEndpoint(
+ ctx context.Context, params EndpointParameters,
+) (
+ endpoint smithyendpoints.Endpoint, err error,
+) {
+ params = params.WithDefaults()
+ if err = params.ValidateRequired(); err != nil {
+ return endpoint, fmt.Errorf("endpoint parameters are not valid, %w", err)
+ }
+ _UseDualStack := *params.UseDualStack
+ _UseFIPS := *params.UseFIPS
+
+ if exprVal := params.Endpoint; exprVal != nil {
+ _Endpoint := *exprVal
+ _ = _Endpoint
+ if _UseFIPS == true {
+ return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: FIPS and custom endpoint are not supported")
+ }
+ if _UseDualStack == true {
+ return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Dualstack and custom endpoint are not supported")
+ }
+ uriString := _Endpoint
+
+ uri, err := url.Parse(uriString)
+ if err != nil {
+ return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
+ }
+
+ return smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ }, nil
+ }
+ if exprVal := params.Region; exprVal != nil {
+ _Region := *exprVal
+ _ = _Region
+ if exprVal := awsrulesfn.GetPartition(_Region); exprVal != nil {
+ _PartitionResult := *exprVal
+ _ = _PartitionResult
+ if _UseFIPS == true {
+ if _UseDualStack == true {
+ if true == _PartitionResult.SupportsFIPS {
+ if true == _PartitionResult.SupportsDualStack {
+ uriString := func() string {
+ var out strings.Builder
+ out.WriteString("https://scn-fips.")
+ out.WriteString(_Region)
+ out.WriteString(".")
+ out.WriteString(_PartitionResult.DualStackDnsSuffix)
+ return out.String()
+ }()
+
+ uri, err := url.Parse(uriString)
+ if err != nil {
+ return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
+ }
+
+ return smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ }, nil
+ }
+ }
+ return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS and DualStack are enabled, but this partition does not support one or both")
+ }
+ }
+ if _UseFIPS == true {
+ if _PartitionResult.SupportsFIPS == true {
+ uriString := func() string {
+ var out strings.Builder
+ out.WriteString("https://scn-fips.")
+ out.WriteString(_Region)
+ out.WriteString(".")
+ out.WriteString(_PartitionResult.DnsSuffix)
+ return out.String()
+ }()
+
+ uri, err := url.Parse(uriString)
+ if err != nil {
+ return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
+ }
+
+ return smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ }, nil
+ }
+ return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS is enabled but this partition does not support FIPS")
+ }
+ if _UseDualStack == true {
+ if true == _PartitionResult.SupportsDualStack {
+ uriString := func() string {
+ var out strings.Builder
+ out.WriteString("https://scn.")
+ out.WriteString(_Region)
+ out.WriteString(".")
+ out.WriteString(_PartitionResult.DualStackDnsSuffix)
+ return out.String()
+ }()
+
+ uri, err := url.Parse(uriString)
+ if err != nil {
+ return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
+ }
+
+ return smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ }, nil
+ }
+ return endpoint, fmt.Errorf("endpoint rule error, %s", "DualStack is enabled but this partition does not support DualStack")
+ }
+ uriString := func() string {
+ var out strings.Builder
+ out.WriteString("https://scn.")
+ out.WriteString(_Region)
+ out.WriteString(".")
+ out.WriteString(_PartitionResult.DnsSuffix)
+ return out.String()
+ }()
+
+ uri, err := url.Parse(uriString)
+ if err != nil {
+ return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
+ }
+
+ return smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ }, nil
+ }
+ return endpoint, fmt.Errorf("Endpoint resolution failed. Invalid operation or environment input.")
+ }
+ return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Missing Region")
+}
+
+type endpointParamsBinder interface {
+ bindEndpointParams(*EndpointParameters)
+}
+
+func bindEndpointParams(input interface{}, options Options) *EndpointParameters {
+ params := &EndpointParameters{}
+
+ params.Region = aws.String(endpoints.MapFIPSRegion(options.Region))
+ params.UseDualStack = aws.Bool(options.EndpointOptions.UseDualStackEndpoint == aws.DualStackEndpointStateEnabled)
+ params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled)
+ params.Endpoint = options.BaseEndpoint
+
+ if b, ok := input.(endpointParamsBinder); ok {
+ b.bindEndpointParams(params)
+ }
+
+ return params
+}
+
+type resolveEndpointV2Middleware struct {
+ options Options
+}
+
+func (*resolveEndpointV2Middleware) ID() string {
+ return "ResolveEndpointV2"
+}
+
+func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
+ out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
+) {
+ if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
+ return next.HandleFinalize(ctx, in)
+ }
+
+ req, ok := in.Request.(*smithyhttp.Request)
+ if !ok {
+ return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
+ }
+
+ if m.options.EndpointResolverV2 == nil {
+ return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
+ }
+
+ params := bindEndpointParams(getOperationInput(ctx), m.options)
+ endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params)
+ if err != nil {
+ return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
+ }
+
+ if endpt.URI.RawPath == "" && req.URL.RawPath != "" {
+ endpt.URI.RawPath = endpt.URI.Path
+ }
+ req.URL.Scheme = endpt.URI.Scheme
+ req.URL.Host = endpt.URI.Host
+ req.URL.Path = smithyhttp.JoinPath(endpt.URI.Path, req.URL.Path)
+ req.URL.RawPath = smithyhttp.JoinPath(endpt.URI.RawPath, req.URL.RawPath)
+ for k := range endpt.Headers {
+ req.Header.Set(k, endpt.Headers.Get(k))
+ }
+
+ rscheme := getResolvedAuthScheme(ctx)
+ if rscheme == nil {
+ return out, metadata, fmt.Errorf("no resolved auth scheme")
+ }
+
+ opts, _ := smithyauth.GetAuthOptions(&endpt.Properties)
+ for _, o := range opts {
+ rscheme.SignerProperties.SetAll(&o.SignerProperties)
+ }
+
+ return next.HandleFinalize(ctx, in)
+}
diff --git a/service/supplychain/endpoints_config_test.go b/service/supplychain/endpoints_config_test.go
new file mode 100644
index 00000000000..6bfe3aa8554
--- /dev/null
+++ b/service/supplychain/endpoints_config_test.go
@@ -0,0 +1,139 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package supplychain
+
+import (
+ "context"
+ "github.com/aws/aws-sdk-go-v2/aws"
+ "os"
+ "reflect"
+ "testing"
+)
+
+type mockConfigSource struct {
+ global string
+ service string
+ ignore bool
+}
+
+// GetIgnoreConfiguredEndpoints is used in knowing when to disable configured
+// endpoints feature.
+func (m mockConfigSource) GetIgnoreConfiguredEndpoints(context.Context) (bool, bool, error) {
+ return m.ignore, m.ignore, nil
+}
+
+// GetServiceBaseEndpoint is used to retrieve a normalized SDK ID for use
+// with configured endpoints.
+func (m mockConfigSource) GetServiceBaseEndpoint(ctx context.Context, sdkID string) (string, bool, error) {
+ if m.service != "" {
+ return m.service, true, nil
+ }
+ return "", false, nil
+}
+
+func TestResolveBaseEndpoint(t *testing.T) {
+ cases := map[string]struct {
+ envGlobal string
+ envService string
+ envIgnore bool
+ configGlobal string
+ configService string
+ configIgnore bool
+ clientEndpoint *string
+ expectURL *string
+ }{
+ "env ignore": {
+ envGlobal: "https://env-global.dev",
+ envService: "https://env-supplychain.dev",
+ envIgnore: true,
+ configGlobal: "http://config-global.dev",
+ configService: "http://config-supplychain.dev",
+ expectURL: nil,
+ },
+ "env global": {
+ envGlobal: "https://env-global.dev",
+ configGlobal: "http://config-global.dev",
+ configService: "http://config-supplychain.dev",
+ expectURL: aws.String("https://env-global.dev"),
+ },
+ "env service": {
+ envGlobal: "https://env-global.dev",
+ envService: "https://env-supplychain.dev",
+ configGlobal: "http://config-global.dev",
+ configService: "http://config-supplychain.dev",
+ expectURL: aws.String("https://env-supplychain.dev"),
+ },
+ "config ignore": {
+ envGlobal: "https://env-global.dev",
+ envService: "https://env-supplychain.dev",
+ configGlobal: "http://config-global.dev",
+ configService: "http://config-supplychain.dev",
+ configIgnore: true,
+ expectURL: nil,
+ },
+ "config global": {
+ configGlobal: "http://config-global.dev",
+ expectURL: aws.String("http://config-global.dev"),
+ },
+ "config service": {
+ configGlobal: "http://config-global.dev",
+ configService: "http://config-supplychain.dev",
+ expectURL: aws.String("http://config-supplychain.dev"),
+ },
+ "client": {
+ envGlobal: "https://env-global.dev",
+ envService: "https://env-supplychain.dev",
+ configGlobal: "http://config-global.dev",
+ configService: "http://config-supplychain.dev",
+ clientEndpoint: aws.String("https://client-supplychain.dev"),
+ expectURL: aws.String("https://client-supplychain.dev"),
+ },
+ }
+
+ for name, c := range cases {
+ t.Run(name, func(t *testing.T) {
+ os.Clearenv()
+
+ awsConfig := aws.Config{}
+ ignore := c.envIgnore || c.configIgnore
+
+ if c.configGlobal != "" && !ignore {
+ awsConfig.BaseEndpoint = aws.String(c.configGlobal)
+ }
+
+ if c.envGlobal != "" {
+ t.Setenv("AWS_ENDPOINT_URL", c.envGlobal)
+ if !ignore {
+ awsConfig.BaseEndpoint = aws.String(c.envGlobal)
+ }
+ }
+
+ if c.envService != "" {
+ t.Setenv("AWS_ENDPOINT_URL_SUPPLYCHAIN", c.envService)
+ }
+
+ awsConfig.ConfigSources = []interface{}{
+ mockConfigSource{
+ global: c.envGlobal,
+ service: c.envService,
+ ignore: c.envIgnore,
+ },
+ mockConfigSource{
+ global: c.configGlobal,
+ service: c.configService,
+ ignore: c.configIgnore,
+ },
+ }
+
+ client := NewFromConfig(awsConfig, func(o *Options) {
+ if c.clientEndpoint != nil {
+ o.BaseEndpoint = c.clientEndpoint
+ }
+ })
+
+ if e, a := c.expectURL, client.options.BaseEndpoint; !reflect.DeepEqual(e, a) {
+ t.Errorf("expect endpoint %v , got %v", e, a)
+ }
+ })
+ }
+}
diff --git a/service/supplychain/endpoints_test.go b/service/supplychain/endpoints_test.go
new file mode 100644
index 00000000000..81551b6356e
--- /dev/null
+++ b/service/supplychain/endpoints_test.go
@@ -0,0 +1,856 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package supplychain
+
+import (
+ "context"
+ smithy "github.com/aws/smithy-go"
+ smithyendpoints "github.com/aws/smithy-go/endpoints"
+ "github.com/aws/smithy-go/ptr"
+ "github.com/google/go-cmp/cmp"
+ "net/http"
+ "net/url"
+ "strings"
+ "testing"
+)
+
+// For region us-east-1 with FIPS enabled and DualStack enabled
+func TestEndpointCase0(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-east-1"),
+ UseFIPS: ptr.Bool(true),
+ UseDualStack: ptr.Bool(true),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://scn-fips.us-east-1.api.aws")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For region us-east-1 with FIPS enabled and DualStack disabled
+func TestEndpointCase1(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-east-1"),
+ UseFIPS: ptr.Bool(true),
+ UseDualStack: ptr.Bool(false),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://scn-fips.us-east-1.amazonaws.com")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For region us-east-1 with FIPS disabled and DualStack enabled
+func TestEndpointCase2(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-east-1"),
+ UseFIPS: ptr.Bool(false),
+ UseDualStack: ptr.Bool(true),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://scn.us-east-1.api.aws")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For region us-east-1 with FIPS disabled and DualStack disabled
+func TestEndpointCase3(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-east-1"),
+ UseFIPS: ptr.Bool(false),
+ UseDualStack: ptr.Bool(false),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://scn.us-east-1.amazonaws.com")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For region cn-north-1 with FIPS enabled and DualStack enabled
+func TestEndpointCase4(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("cn-north-1"),
+ UseFIPS: ptr.Bool(true),
+ UseDualStack: ptr.Bool(true),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://scn-fips.cn-north-1.api.amazonwebservices.com.cn")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For region cn-north-1 with FIPS enabled and DualStack disabled
+func TestEndpointCase5(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("cn-north-1"),
+ UseFIPS: ptr.Bool(true),
+ UseDualStack: ptr.Bool(false),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://scn-fips.cn-north-1.amazonaws.com.cn")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For region cn-north-1 with FIPS disabled and DualStack enabled
+func TestEndpointCase6(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("cn-north-1"),
+ UseFIPS: ptr.Bool(false),
+ UseDualStack: ptr.Bool(true),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://scn.cn-north-1.api.amazonwebservices.com.cn")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For region cn-north-1 with FIPS disabled and DualStack disabled
+func TestEndpointCase7(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("cn-north-1"),
+ UseFIPS: ptr.Bool(false),
+ UseDualStack: ptr.Bool(false),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://scn.cn-north-1.amazonaws.com.cn")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For region us-gov-east-1 with FIPS enabled and DualStack enabled
+func TestEndpointCase8(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-gov-east-1"),
+ UseFIPS: ptr.Bool(true),
+ UseDualStack: ptr.Bool(true),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://scn-fips.us-gov-east-1.api.aws")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For region us-gov-east-1 with FIPS enabled and DualStack disabled
+func TestEndpointCase9(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-gov-east-1"),
+ UseFIPS: ptr.Bool(true),
+ UseDualStack: ptr.Bool(false),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://scn-fips.us-gov-east-1.amazonaws.com")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For region us-gov-east-1 with FIPS disabled and DualStack enabled
+func TestEndpointCase10(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-gov-east-1"),
+ UseFIPS: ptr.Bool(false),
+ UseDualStack: ptr.Bool(true),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://scn.us-gov-east-1.api.aws")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For region us-gov-east-1 with FIPS disabled and DualStack disabled
+func TestEndpointCase11(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-gov-east-1"),
+ UseFIPS: ptr.Bool(false),
+ UseDualStack: ptr.Bool(false),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://scn.us-gov-east-1.amazonaws.com")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For region us-iso-east-1 with FIPS enabled and DualStack enabled
+func TestEndpointCase12(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-iso-east-1"),
+ UseFIPS: ptr.Bool(true),
+ UseDualStack: ptr.Bool(true),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err == nil {
+ t.Fatalf("expect error, got none")
+ }
+ if e, a := "FIPS and DualStack are enabled, but this partition does not support one or both", err.Error(); !strings.Contains(a, e) {
+ t.Errorf("expect %v error in %v", e, a)
+ }
+}
+
+// For region us-iso-east-1 with FIPS enabled and DualStack disabled
+func TestEndpointCase13(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-iso-east-1"),
+ UseFIPS: ptr.Bool(true),
+ UseDualStack: ptr.Bool(false),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://scn-fips.us-iso-east-1.c2s.ic.gov")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For region us-iso-east-1 with FIPS disabled and DualStack enabled
+func TestEndpointCase14(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-iso-east-1"),
+ UseFIPS: ptr.Bool(false),
+ UseDualStack: ptr.Bool(true),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err == nil {
+ t.Fatalf("expect error, got none")
+ }
+ if e, a := "DualStack is enabled but this partition does not support DualStack", err.Error(); !strings.Contains(a, e) {
+ t.Errorf("expect %v error in %v", e, a)
+ }
+}
+
+// For region us-iso-east-1 with FIPS disabled and DualStack disabled
+func TestEndpointCase15(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-iso-east-1"),
+ UseFIPS: ptr.Bool(false),
+ UseDualStack: ptr.Bool(false),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://scn.us-iso-east-1.c2s.ic.gov")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For region us-isob-east-1 with FIPS enabled and DualStack enabled
+func TestEndpointCase16(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-isob-east-1"),
+ UseFIPS: ptr.Bool(true),
+ UseDualStack: ptr.Bool(true),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err == nil {
+ t.Fatalf("expect error, got none")
+ }
+ if e, a := "FIPS and DualStack are enabled, but this partition does not support one or both", err.Error(); !strings.Contains(a, e) {
+ t.Errorf("expect %v error in %v", e, a)
+ }
+}
+
+// For region us-isob-east-1 with FIPS enabled and DualStack disabled
+func TestEndpointCase17(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-isob-east-1"),
+ UseFIPS: ptr.Bool(true),
+ UseDualStack: ptr.Bool(false),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://scn-fips.us-isob-east-1.sc2s.sgov.gov")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For region us-isob-east-1 with FIPS disabled and DualStack enabled
+func TestEndpointCase18(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-isob-east-1"),
+ UseFIPS: ptr.Bool(false),
+ UseDualStack: ptr.Bool(true),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err == nil {
+ t.Fatalf("expect error, got none")
+ }
+ if e, a := "DualStack is enabled but this partition does not support DualStack", err.Error(); !strings.Contains(a, e) {
+ t.Errorf("expect %v error in %v", e, a)
+ }
+}
+
+// For region us-isob-east-1 with FIPS disabled and DualStack disabled
+func TestEndpointCase19(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-isob-east-1"),
+ UseFIPS: ptr.Bool(false),
+ UseDualStack: ptr.Bool(false),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://scn.us-isob-east-1.sc2s.sgov.gov")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For custom endpoint with region set and fips disabled and dualstack disabled
+func TestEndpointCase20(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-east-1"),
+ UseFIPS: ptr.Bool(false),
+ UseDualStack: ptr.Bool(false),
+ Endpoint: ptr.String("https://example.com"),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://example.com")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For custom endpoint with region not set and fips disabled and dualstack disabled
+func TestEndpointCase21(t *testing.T) {
+ var params = EndpointParameters{
+ UseFIPS: ptr.Bool(false),
+ UseDualStack: ptr.Bool(false),
+ Endpoint: ptr.String("https://example.com"),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err != nil {
+ t.Fatalf("expect no error, got %v", err)
+ }
+
+ uri, _ := url.Parse("https://example.com")
+
+ expectEndpoint := smithyendpoints.Endpoint{
+ URI: *uri,
+ Headers: http.Header{},
+ Properties: smithy.Properties{},
+ }
+
+ if e, a := expectEndpoint.URI, result.URI; e != a {
+ t.Errorf("expect %v URI, got %v", e, a)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Headers, result.Headers); diff != "" {
+ t.Errorf("expect headers to match\n%s", diff)
+ }
+
+ if diff := cmp.Diff(expectEndpoint.Properties, result.Properties,
+ cmp.AllowUnexported(smithy.Properties{}),
+ ); diff != "" {
+ t.Errorf("expect properties to match\n%s", diff)
+ }
+}
+
+// For custom endpoint with fips enabled and dualstack disabled
+func TestEndpointCase22(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-east-1"),
+ UseFIPS: ptr.Bool(true),
+ UseDualStack: ptr.Bool(false),
+ Endpoint: ptr.String("https://example.com"),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err == nil {
+ t.Fatalf("expect error, got none")
+ }
+ if e, a := "Invalid Configuration: FIPS and custom endpoint are not supported", err.Error(); !strings.Contains(a, e) {
+ t.Errorf("expect %v error in %v", e, a)
+ }
+}
+
+// For custom endpoint with fips disabled and dualstack enabled
+func TestEndpointCase23(t *testing.T) {
+ var params = EndpointParameters{
+ Region: ptr.String("us-east-1"),
+ UseFIPS: ptr.Bool(false),
+ UseDualStack: ptr.Bool(true),
+ Endpoint: ptr.String("https://example.com"),
+ }
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err == nil {
+ t.Fatalf("expect error, got none")
+ }
+ if e, a := "Invalid Configuration: Dualstack and custom endpoint are not supported", err.Error(); !strings.Contains(a, e) {
+ t.Errorf("expect %v error in %v", e, a)
+ }
+}
+
+// Missing region
+func TestEndpointCase24(t *testing.T) {
+ var params = EndpointParameters{}
+
+ resolver := NewDefaultEndpointResolverV2()
+ result, err := resolver.ResolveEndpoint(context.Background(), params)
+ _, _ = result, err
+
+ if err == nil {
+ t.Fatalf("expect error, got none")
+ }
+ if e, a := "Invalid Configuration: Missing Region", err.Error(); !strings.Contains(a, e) {
+ t.Errorf("expect %v error in %v", e, a)
+ }
+}
diff --git a/service/supplychain/generated.json b/service/supplychain/generated.json
new file mode 100644
index 00000000000..a220e39477e
--- /dev/null
+++ b/service/supplychain/generated.json
@@ -0,0 +1,34 @@
+{
+ "dependencies": {
+ "github.com/aws/aws-sdk-go-v2": "v1.4.0",
+ "github.com/aws/aws-sdk-go-v2/internal/configsources": "v0.0.0-00010101000000-000000000000",
+ "github.com/aws/aws-sdk-go-v2/internal/endpoints/v2": "v2.0.0-00010101000000-000000000000",
+ "github.com/aws/smithy-go": "v1.4.0",
+ "github.com/google/go-cmp": "v0.5.4"
+ },
+ "files": [
+ "api_client.go",
+ "api_client_test.go",
+ "api_op_CreateBillOfMaterialsImportJob.go",
+ "api_op_GetBillOfMaterialsImportJob.go",
+ "auth.go",
+ "deserializers.go",
+ "doc.go",
+ "endpoints.go",
+ "endpoints_config_test.go",
+ "endpoints_test.go",
+ "generated.json",
+ "internal/endpoints/endpoints.go",
+ "internal/endpoints/endpoints_test.go",
+ "options.go",
+ "protocol_test.go",
+ "serializers.go",
+ "types/enums.go",
+ "types/errors.go",
+ "types/types.go",
+ "validators.go"
+ ],
+ "go": "1.15",
+ "module": "github.com/aws/aws-sdk-go-v2/service/supplychain",
+ "unstable": false
+}
diff --git a/service/supplychain/go.mod b/service/supplychain/go.mod
new file mode 100644
index 00000000000..3159331fd5a
--- /dev/null
+++ b/service/supplychain/go.mod
@@ -0,0 +1,17 @@
+module github.com/aws/aws-sdk-go-v2/service/supplychain
+
+go 1.19
+
+require (
+ github.com/aws/aws-sdk-go-v2 v1.24.1
+ github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10
+ github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10
+ github.com/aws/smithy-go v1.19.0
+ github.com/google/go-cmp v0.5.8
+)
+
+replace github.com/aws/aws-sdk-go-v2 => ../../
+
+replace github.com/aws/aws-sdk-go-v2/internal/configsources => ../../internal/configsources/
+
+replace github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 => ../../internal/endpoints/v2/
diff --git a/service/supplychain/go.sum b/service/supplychain/go.sum
new file mode 100644
index 00000000000..5795dbe697e
--- /dev/null
+++ b/service/supplychain/go.sum
@@ -0,0 +1,4 @@
+github.com/aws/smithy-go v1.19.0 h1:KWFKQV80DpP3vJrrA9sVAHQ5gc2z8i4EzrLhLlWXcBM=
+github.com/aws/smithy-go v1.19.0/go.mod h1:NukqUGpCZIILqqiV0NIjeFh24kd/FAa4beRb6nbIUPE=
+github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
+github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
diff --git a/service/supplychain/go_module_metadata.go b/service/supplychain/go_module_metadata.go
new file mode 100644
index 00000000000..cfec214d56d
--- /dev/null
+++ b/service/supplychain/go_module_metadata.go
@@ -0,0 +1,6 @@
+// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT.
+
+package supplychain
+
+// goModuleVersion is the tagged release for this module
+const goModuleVersion = "1.0.0"
diff --git a/service/supplychain/internal/endpoints/endpoints.go b/service/supplychain/internal/endpoints/endpoints.go
new file mode 100644
index 00000000000..1f9bced0ed2
--- /dev/null
+++ b/service/supplychain/internal/endpoints/endpoints.go
@@ -0,0 +1,296 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package endpoints
+
+import (
+ "github.com/aws/aws-sdk-go-v2/aws"
+ endpoints "github.com/aws/aws-sdk-go-v2/internal/endpoints/v2"
+ "github.com/aws/smithy-go/logging"
+ "regexp"
+)
+
+// Options is the endpoint resolver configuration options
+type Options struct {
+ // Logger is a logging implementation that log events should be sent to.
+ Logger logging.Logger
+
+ // LogDeprecated indicates that deprecated endpoints should be logged to the
+ // provided logger.
+ LogDeprecated bool
+
+ // ResolvedRegion is used to override the region to be resolved, rather then the
+ // using the value passed to the ResolveEndpoint method. This value is used by the
+ // SDK to translate regions like fips-us-east-1 or us-east-1-fips to an alternative
+ // name. You must not set this value directly in your application.
+ ResolvedRegion string
+
+ // DisableHTTPS informs the resolver to return an endpoint that does not use the
+ // HTTPS scheme.
+ DisableHTTPS bool
+
+ // UseDualStackEndpoint specifies the resolver must resolve a dual-stack endpoint.
+ UseDualStackEndpoint aws.DualStackEndpointState
+
+ // UseFIPSEndpoint specifies the resolver must resolve a FIPS endpoint.
+ UseFIPSEndpoint aws.FIPSEndpointState
+}
+
+func (o Options) GetResolvedRegion() string {
+ return o.ResolvedRegion
+}
+
+func (o Options) GetDisableHTTPS() bool {
+ return o.DisableHTTPS
+}
+
+func (o Options) GetUseDualStackEndpoint() aws.DualStackEndpointState {
+ return o.UseDualStackEndpoint
+}
+
+func (o Options) GetUseFIPSEndpoint() aws.FIPSEndpointState {
+ return o.UseFIPSEndpoint
+}
+
+func transformToSharedOptions(options Options) endpoints.Options {
+ return endpoints.Options{
+ Logger: options.Logger,
+ LogDeprecated: options.LogDeprecated,
+ ResolvedRegion: options.ResolvedRegion,
+ DisableHTTPS: options.DisableHTTPS,
+ UseDualStackEndpoint: options.UseDualStackEndpoint,
+ UseFIPSEndpoint: options.UseFIPSEndpoint,
+ }
+}
+
+// Resolver SupplyChain endpoint resolver
+type Resolver struct {
+ partitions endpoints.Partitions
+}
+
+// ResolveEndpoint resolves the service endpoint for the given region and options
+func (r *Resolver) ResolveEndpoint(region string, options Options) (endpoint aws.Endpoint, err error) {
+ if len(region) == 0 {
+ return endpoint, &aws.MissingRegionError{}
+ }
+
+ opt := transformToSharedOptions(options)
+ return r.partitions.ResolveEndpoint(region, opt)
+}
+
+// New returns a new Resolver
+func New() *Resolver {
+ return &Resolver{
+ partitions: defaultPartitions,
+ }
+}
+
+var partitionRegexp = struct {
+ Aws *regexp.Regexp
+ AwsCn *regexp.Regexp
+ AwsIso *regexp.Regexp
+ AwsIsoB *regexp.Regexp
+ AwsIsoE *regexp.Regexp
+ AwsIsoF *regexp.Regexp
+ AwsUsGov *regexp.Regexp
+}{
+
+ Aws: regexp.MustCompile("^(us|eu|ap|sa|ca|me|af|il)\\-\\w+\\-\\d+$"),
+ AwsCn: regexp.MustCompile("^cn\\-\\w+\\-\\d+$"),
+ AwsIso: regexp.MustCompile("^us\\-iso\\-\\w+\\-\\d+$"),
+ AwsIsoB: regexp.MustCompile("^us\\-isob\\-\\w+\\-\\d+$"),
+ AwsIsoE: regexp.MustCompile("^eu\\-isoe\\-\\w+\\-\\d+$"),
+ AwsIsoF: regexp.MustCompile("^us\\-isof\\-\\w+\\-\\d+$"),
+ AwsUsGov: regexp.MustCompile("^us\\-gov\\-\\w+\\-\\d+$"),
+}
+
+var defaultPartitions = endpoints.Partitions{
+ {
+ ID: "aws",
+ Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{
+ {
+ Variant: endpoints.DualStackVariant,
+ }: {
+ Hostname: "scn.{region}.api.aws",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ {
+ Variant: endpoints.FIPSVariant,
+ }: {
+ Hostname: "scn-fips.{region}.amazonaws.com",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ {
+ Variant: endpoints.FIPSVariant | endpoints.DualStackVariant,
+ }: {
+ Hostname: "scn-fips.{region}.api.aws",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ {
+ Variant: 0,
+ }: {
+ Hostname: "scn.{region}.amazonaws.com",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ },
+ RegionRegex: partitionRegexp.Aws,
+ IsRegionalized: true,
+ },
+ {
+ ID: "aws-cn",
+ Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{
+ {
+ Variant: endpoints.DualStackVariant,
+ }: {
+ Hostname: "scn.{region}.api.amazonwebservices.com.cn",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ {
+ Variant: endpoints.FIPSVariant,
+ }: {
+ Hostname: "scn-fips.{region}.amazonaws.com.cn",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ {
+ Variant: endpoints.FIPSVariant | endpoints.DualStackVariant,
+ }: {
+ Hostname: "scn-fips.{region}.api.amazonwebservices.com.cn",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ {
+ Variant: 0,
+ }: {
+ Hostname: "scn.{region}.amazonaws.com.cn",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ },
+ RegionRegex: partitionRegexp.AwsCn,
+ IsRegionalized: true,
+ },
+ {
+ ID: "aws-iso",
+ Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{
+ {
+ Variant: endpoints.FIPSVariant,
+ }: {
+ Hostname: "scn-fips.{region}.c2s.ic.gov",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ {
+ Variant: 0,
+ }: {
+ Hostname: "scn.{region}.c2s.ic.gov",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ },
+ RegionRegex: partitionRegexp.AwsIso,
+ IsRegionalized: true,
+ },
+ {
+ ID: "aws-iso-b",
+ Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{
+ {
+ Variant: endpoints.FIPSVariant,
+ }: {
+ Hostname: "scn-fips.{region}.sc2s.sgov.gov",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ {
+ Variant: 0,
+ }: {
+ Hostname: "scn.{region}.sc2s.sgov.gov",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ },
+ RegionRegex: partitionRegexp.AwsIsoB,
+ IsRegionalized: true,
+ },
+ {
+ ID: "aws-iso-e",
+ Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{
+ {
+ Variant: endpoints.FIPSVariant,
+ }: {
+ Hostname: "scn-fips.{region}.cloud.adc-e.uk",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ {
+ Variant: 0,
+ }: {
+ Hostname: "scn.{region}.cloud.adc-e.uk",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ },
+ RegionRegex: partitionRegexp.AwsIsoE,
+ IsRegionalized: true,
+ },
+ {
+ ID: "aws-iso-f",
+ Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{
+ {
+ Variant: endpoints.FIPSVariant,
+ }: {
+ Hostname: "scn-fips.{region}.csp.hci.ic.gov",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ {
+ Variant: 0,
+ }: {
+ Hostname: "scn.{region}.csp.hci.ic.gov",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ },
+ RegionRegex: partitionRegexp.AwsIsoF,
+ IsRegionalized: true,
+ },
+ {
+ ID: "aws-us-gov",
+ Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{
+ {
+ Variant: endpoints.DualStackVariant,
+ }: {
+ Hostname: "scn.{region}.api.aws",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ {
+ Variant: endpoints.FIPSVariant,
+ }: {
+ Hostname: "scn-fips.{region}.amazonaws.com",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ {
+ Variant: endpoints.FIPSVariant | endpoints.DualStackVariant,
+ }: {
+ Hostname: "scn-fips.{region}.api.aws",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ {
+ Variant: 0,
+ }: {
+ Hostname: "scn.{region}.amazonaws.com",
+ Protocols: []string{"https"},
+ SignatureVersions: []string{"v4"},
+ },
+ },
+ RegionRegex: partitionRegexp.AwsUsGov,
+ IsRegionalized: true,
+ },
+}
diff --git a/service/supplychain/internal/endpoints/endpoints_test.go b/service/supplychain/internal/endpoints/endpoints_test.go
new file mode 100644
index 00000000000..08e5da2d833
--- /dev/null
+++ b/service/supplychain/internal/endpoints/endpoints_test.go
@@ -0,0 +1,11 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package endpoints
+
+import (
+ "testing"
+)
+
+func TestRegexCompile(t *testing.T) {
+ _ = defaultPartitions
+}
diff --git a/service/supplychain/options.go b/service/supplychain/options.go
new file mode 100644
index 00000000000..197e9c8a081
--- /dev/null
+++ b/service/supplychain/options.go
@@ -0,0 +1,221 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package supplychain
+
+import (
+ "context"
+ "github.com/aws/aws-sdk-go-v2/aws"
+ awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
+ internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy"
+ smithyauth "github.com/aws/smithy-go/auth"
+ "github.com/aws/smithy-go/logging"
+ "github.com/aws/smithy-go/middleware"
+ smithyhttp "github.com/aws/smithy-go/transport/http"
+ "net/http"
+)
+
+type HTTPClient interface {
+ Do(*http.Request) (*http.Response, error)
+}
+
+type Options struct {
+ // Set of options to modify how an operation is invoked. These apply to all
+ // operations invoked for this client. Use functional options on operation call to
+ // modify this list for per operation behavior.
+ APIOptions []func(*middleware.Stack) error
+
+ // The optional application specific identifier appended to the User-Agent header.
+ AppID string
+
+ // This endpoint will be given as input to an EndpointResolverV2. It is used for
+ // providing a custom base endpoint that is subject to modifications by the
+ // processing EndpointResolverV2.
+ BaseEndpoint *string
+
+ // Configures the events that will be sent to the configured logger.
+ ClientLogMode aws.ClientLogMode
+
+ // The credentials object to use when signing requests.
+ Credentials aws.CredentialsProvider
+
+ // The configuration DefaultsMode that the SDK should use when constructing the
+ // clients initial default settings.
+ DefaultsMode aws.DefaultsMode
+
+ // The endpoint options to be used when attempting to resolve an endpoint.
+ EndpointOptions EndpointResolverOptions
+
+ // The service endpoint resolver.
+ //
+ // Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a
+ // value for this field will likely prevent you from using any endpoint-related
+ // service features released after the introduction of EndpointResolverV2 and
+ // BaseEndpoint. To migrate an EndpointResolver implementation that uses a custom
+ // endpoint, set the client option BaseEndpoint instead.
+ EndpointResolver EndpointResolver
+
+ // Resolves the endpoint used for a particular service operation. This should be
+ // used over the deprecated EndpointResolver.
+ EndpointResolverV2 EndpointResolverV2
+
+ // Signature Version 4 (SigV4) Signer
+ HTTPSignerV4 HTTPSignerV4
+
+ // Provides idempotency tokens values that will be automatically populated into
+ // idempotent API operations.
+ IdempotencyTokenProvider IdempotencyTokenProvider
+
+ // The logger writer interface to write logging messages to.
+ Logger logging.Logger
+
+ // The region to send requests to. (Required)
+ Region string
+
+ // RetryMaxAttempts specifies the maximum number attempts an API client will call
+ // an operation that fails with a retryable error. A value of 0 is ignored, and
+ // will not be used to configure the API client created default retryer, or modify
+ // per operation call's retry max attempts. If specified in an operation call's
+ // functional options with a value that is different than the constructed client's
+ // Options, the Client's Retryer will be wrapped to use the operation's specific
+ // RetryMaxAttempts value.
+ RetryMaxAttempts int
+
+ // RetryMode specifies the retry mode the API client will be created with, if
+ // Retryer option is not also specified. When creating a new API Clients this
+ // member will only be used if the Retryer Options member is nil. This value will
+ // be ignored if Retryer is not nil. Currently does not support per operation call
+ // overrides, may in the future.
+ RetryMode aws.RetryMode
+
+ // Retryer guides how HTTP requests should be retried in case of recoverable
+ // failures. When nil the API client will use a default retryer. The kind of
+ // default retry created by the API client can be changed with the RetryMode
+ // option.
+ Retryer aws.Retryer
+
+ // The RuntimeEnvironment configuration, only populated if the DefaultsMode is set
+ // to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You
+ // should not populate this structure programmatically, or rely on the values here
+ // within your applications.
+ RuntimeEnvironment aws.RuntimeEnvironment
+
+ // The initial DefaultsMode used when the client options were constructed. If the
+ // DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved
+ // value was at that point in time. Currently does not support per operation call
+ // overrides, may in the future.
+ resolvedDefaultsMode aws.DefaultsMode
+
+ // The HTTP client to invoke API calls with. Defaults to client's default HTTP
+ // implementation if nil.
+ HTTPClient HTTPClient
+
+ // The auth scheme resolver which determines how to authenticate for each
+ // operation.
+ AuthSchemeResolver AuthSchemeResolver
+
+ // The list of auth schemes supported by the client.
+ AuthSchemes []smithyhttp.AuthScheme
+}
+
+// Copy creates a clone where the APIOptions list is deep copied.
+func (o Options) Copy() Options {
+ to := o
+ to.APIOptions = make([]func(*middleware.Stack) error, len(o.APIOptions))
+ copy(to.APIOptions, o.APIOptions)
+
+ return to
+}
+
+func (o Options) GetIdentityResolver(schemeID string) smithyauth.IdentityResolver {
+ if schemeID == "aws.auth#sigv4" {
+ return getSigV4IdentityResolver(o)
+ }
+ if schemeID == "smithy.api#noAuth" {
+ return &smithyauth.AnonymousIdentityResolver{}
+ }
+ return nil
+}
+
+// WithAPIOptions returns a functional option for setting the Client's APIOptions
+// option.
+func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) {
+ return func(o *Options) {
+ o.APIOptions = append(o.APIOptions, optFns...)
+ }
+}
+
+// Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for
+// this field will likely prevent you from using any endpoint-related service
+// features released after the introduction of EndpointResolverV2 and BaseEndpoint.
+// To migrate an EndpointResolver implementation that uses a custom endpoint, set
+// the client option BaseEndpoint instead.
+func WithEndpointResolver(v EndpointResolver) func(*Options) {
+ return func(o *Options) {
+ o.EndpointResolver = v
+ }
+}
+
+// WithEndpointResolverV2 returns a functional option for setting the Client's
+// EndpointResolverV2 option.
+func WithEndpointResolverV2(v EndpointResolverV2) func(*Options) {
+ return func(o *Options) {
+ o.EndpointResolverV2 = v
+ }
+}
+
+func getSigV4IdentityResolver(o Options) smithyauth.IdentityResolver {
+ if o.Credentials != nil {
+ return &internalauthsmithy.CredentialsProviderAdapter{Provider: o.Credentials}
+ }
+ return nil
+}
+
+// WithSigV4SigningName applies an override to the authentication workflow to
+// use the given signing name for SigV4-authenticated operations.
+//
+// This is an advanced setting. The value here is FINAL, taking precedence over
+// the resolved signing name from both auth scheme resolution and endpoint
+// resolution.
+func WithSigV4SigningName(name string) func(*Options) {
+ fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) (
+ out middleware.InitializeOutput, metadata middleware.Metadata, err error,
+ ) {
+ return next.HandleInitialize(awsmiddleware.SetSigningName(ctx, name), in)
+ }
+ return func(o *Options) {
+ o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error {
+ return s.Initialize.Add(
+ middleware.InitializeMiddlewareFunc("withSigV4SigningName", fn),
+ middleware.Before,
+ )
+ })
+ }
+}
+
+// WithSigV4SigningRegion applies an override to the authentication workflow to
+// use the given signing region for SigV4-authenticated operations.
+//
+// This is an advanced setting. The value here is FINAL, taking precedence over
+// the resolved signing region from both auth scheme resolution and endpoint
+// resolution.
+func WithSigV4SigningRegion(region string) func(*Options) {
+ fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) (
+ out middleware.InitializeOutput, metadata middleware.Metadata, err error,
+ ) {
+ return next.HandleInitialize(awsmiddleware.SetSigningRegion(ctx, region), in)
+ }
+ return func(o *Options) {
+ o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error {
+ return s.Initialize.Add(
+ middleware.InitializeMiddlewareFunc("withSigV4SigningRegion", fn),
+ middleware.Before,
+ )
+ })
+ }
+}
+
+func ignoreAnonymousAuth(options *Options) {
+ if aws.IsCredentialsProvider(options.Credentials, (*aws.AnonymousCredentials)(nil)) {
+ options.Credentials = nil
+ }
+}
diff --git a/service/supplychain/protocol_test.go b/service/supplychain/protocol_test.go
new file mode 100644
index 00000000000..f20f288acb0
--- /dev/null
+++ b/service/supplychain/protocol_test.go
@@ -0,0 +1,3 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package supplychain
diff --git a/service/supplychain/serializers.go b/service/supplychain/serializers.go
new file mode 100644
index 00000000000..11563379cc7
--- /dev/null
+++ b/service/supplychain/serializers.go
@@ -0,0 +1,181 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package supplychain
+
+import (
+ "bytes"
+ "context"
+ "fmt"
+ smithy "github.com/aws/smithy-go"
+ "github.com/aws/smithy-go/encoding/httpbinding"
+ smithyjson "github.com/aws/smithy-go/encoding/json"
+ "github.com/aws/smithy-go/middleware"
+ smithyhttp "github.com/aws/smithy-go/transport/http"
+)
+
+type awsRestjson1_serializeOpCreateBillOfMaterialsImportJob struct {
+}
+
+func (*awsRestjson1_serializeOpCreateBillOfMaterialsImportJob) ID() string {
+ return "OperationSerializer"
+}
+
+func (m *awsRestjson1_serializeOpCreateBillOfMaterialsImportJob) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
+ out middleware.SerializeOutput, metadata middleware.Metadata, err error,
+) {
+ request, ok := in.Request.(*smithyhttp.Request)
+ if !ok {
+ return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)}
+ }
+
+ input, ok := in.Parameters.(*CreateBillOfMaterialsImportJobInput)
+ _ = input
+ if !ok {
+ return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)}
+ }
+
+ opPath, opQuery := httpbinding.SplitURI("/api/configuration/instances/{instanceId}/bill-of-materials-import-jobs")
+ request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath)
+ request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery)
+ request.Method = "POST"
+ var restEncoder *httpbinding.Encoder
+ if request.URL.RawPath == "" {
+ restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header)
+ } else {
+ request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath)
+ restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header)
+ }
+
+ if err != nil {
+ return out, metadata, &smithy.SerializationError{Err: err}
+ }
+
+ if err := awsRestjson1_serializeOpHttpBindingsCreateBillOfMaterialsImportJobInput(input, restEncoder); err != nil {
+ return out, metadata, &smithy.SerializationError{Err: err}
+ }
+
+ restEncoder.SetHeader("Content-Type").String("application/json")
+
+ jsonEncoder := smithyjson.NewEncoder()
+ if err := awsRestjson1_serializeOpDocumentCreateBillOfMaterialsImportJobInput(input, jsonEncoder.Value); err != nil {
+ return out, metadata, &smithy.SerializationError{Err: err}
+ }
+
+ if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil {
+ return out, metadata, &smithy.SerializationError{Err: err}
+ }
+
+ if request.Request, err = restEncoder.Encode(request.Request); err != nil {
+ return out, metadata, &smithy.SerializationError{Err: err}
+ }
+ in.Request = request
+
+ return next.HandleSerialize(ctx, in)
+}
+func awsRestjson1_serializeOpHttpBindingsCreateBillOfMaterialsImportJobInput(v *CreateBillOfMaterialsImportJobInput, encoder *httpbinding.Encoder) error {
+ if v == nil {
+ return fmt.Errorf("unsupported serialization of nil %T", v)
+ }
+
+ if v.InstanceId == nil || len(*v.InstanceId) == 0 {
+ return &smithy.SerializationError{Err: fmt.Errorf("input member instanceId must not be empty")}
+ }
+ if v.InstanceId != nil {
+ if err := encoder.SetURI("instanceId").String(*v.InstanceId); err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
+func awsRestjson1_serializeOpDocumentCreateBillOfMaterialsImportJobInput(v *CreateBillOfMaterialsImportJobInput, value smithyjson.Value) error {
+ object := value.Object()
+ defer object.Close()
+
+ if v.ClientToken != nil {
+ ok := object.Key("clientToken")
+ ok.String(*v.ClientToken)
+ }
+
+ if v.S3uri != nil {
+ ok := object.Key("s3uri")
+ ok.String(*v.S3uri)
+ }
+
+ return nil
+}
+
+type awsRestjson1_serializeOpGetBillOfMaterialsImportJob struct {
+}
+
+func (*awsRestjson1_serializeOpGetBillOfMaterialsImportJob) ID() string {
+ return "OperationSerializer"
+}
+
+func (m *awsRestjson1_serializeOpGetBillOfMaterialsImportJob) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
+ out middleware.SerializeOutput, metadata middleware.Metadata, err error,
+) {
+ request, ok := in.Request.(*smithyhttp.Request)
+ if !ok {
+ return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)}
+ }
+
+ input, ok := in.Parameters.(*GetBillOfMaterialsImportJobInput)
+ _ = input
+ if !ok {
+ return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)}
+ }
+
+ opPath, opQuery := httpbinding.SplitURI("/api/configuration/instances/{instanceId}/bill-of-materials-import-jobs/{jobId}")
+ request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath)
+ request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery)
+ request.Method = "GET"
+ var restEncoder *httpbinding.Encoder
+ if request.URL.RawPath == "" {
+ restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header)
+ } else {
+ request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath)
+ restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header)
+ }
+
+ if err != nil {
+ return out, metadata, &smithy.SerializationError{Err: err}
+ }
+
+ if err := awsRestjson1_serializeOpHttpBindingsGetBillOfMaterialsImportJobInput(input, restEncoder); err != nil {
+ return out, metadata, &smithy.SerializationError{Err: err}
+ }
+
+ if request.Request, err = restEncoder.Encode(request.Request); err != nil {
+ return out, metadata, &smithy.SerializationError{Err: err}
+ }
+ in.Request = request
+
+ return next.HandleSerialize(ctx, in)
+}
+func awsRestjson1_serializeOpHttpBindingsGetBillOfMaterialsImportJobInput(v *GetBillOfMaterialsImportJobInput, encoder *httpbinding.Encoder) error {
+ if v == nil {
+ return fmt.Errorf("unsupported serialization of nil %T", v)
+ }
+
+ if v.InstanceId == nil || len(*v.InstanceId) == 0 {
+ return &smithy.SerializationError{Err: fmt.Errorf("input member instanceId must not be empty")}
+ }
+ if v.InstanceId != nil {
+ if err := encoder.SetURI("instanceId").String(*v.InstanceId); err != nil {
+ return err
+ }
+ }
+
+ if v.JobId == nil || len(*v.JobId) == 0 {
+ return &smithy.SerializationError{Err: fmt.Errorf("input member jobId must not be empty")}
+ }
+ if v.JobId != nil {
+ if err := encoder.SetURI("jobId").String(*v.JobId); err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
diff --git a/service/supplychain/types/enums.go b/service/supplychain/types/enums.go
new file mode 100644
index 00000000000..b2168ef99cf
--- /dev/null
+++ b/service/supplychain/types/enums.go
@@ -0,0 +1,27 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package types
+
+type ConfigurationJobStatus string
+
+// Enum values for ConfigurationJobStatus
+const (
+ ConfigurationJobStatusNew ConfigurationJobStatus = "NEW"
+ ConfigurationJobStatusFailed ConfigurationJobStatus = "FAILED"
+ ConfigurationJobStatusInProgress ConfigurationJobStatus = "IN_PROGRESS"
+ ConfigurationJobStatusQueued ConfigurationJobStatus = "QUEUED"
+ ConfigurationJobStatusSuccess ConfigurationJobStatus = "SUCCESS"
+)
+
+// Values returns all known values for ConfigurationJobStatus. Note that this can
+// be expanded in the future, and so it is only as up to date as the client. The
+// ordering of this slice is not guaranteed to be stable across updates.
+func (ConfigurationJobStatus) Values() []ConfigurationJobStatus {
+ return []ConfigurationJobStatus{
+ "NEW",
+ "FAILED",
+ "IN_PROGRESS",
+ "QUEUED",
+ "SUCCESS",
+ }
+}
diff --git a/service/supplychain/types/errors.go b/service/supplychain/types/errors.go
new file mode 100644
index 00000000000..bed0eb1a4f1
--- /dev/null
+++ b/service/supplychain/types/errors.go
@@ -0,0 +1,190 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package types
+
+import (
+ "fmt"
+ smithy "github.com/aws/smithy-go"
+)
+
+// You do not have the required privileges to perform this action.
+type AccessDeniedException struct {
+ Message *string
+
+ ErrorCodeOverride *string
+
+ noSmithyDocumentSerde
+}
+
+func (e *AccessDeniedException) Error() string {
+ return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage())
+}
+func (e *AccessDeniedException) ErrorMessage() string {
+ if e.Message == nil {
+ return ""
+ }
+ return *e.Message
+}
+func (e *AccessDeniedException) ErrorCode() string {
+ if e == nil || e.ErrorCodeOverride == nil {
+ return "AccessDeniedException"
+ }
+ return *e.ErrorCodeOverride
+}
+func (e *AccessDeniedException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
+
+// Updating or deleting a resource can cause an inconsistent state.
+type ConflictException struct {
+ Message *string
+
+ ErrorCodeOverride *string
+
+ noSmithyDocumentSerde
+}
+
+func (e *ConflictException) Error() string {
+ return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage())
+}
+func (e *ConflictException) ErrorMessage() string {
+ if e.Message == nil {
+ return ""
+ }
+ return *e.Message
+}
+func (e *ConflictException) ErrorCode() string {
+ if e == nil || e.ErrorCodeOverride == nil {
+ return "ConflictException"
+ }
+ return *e.ErrorCodeOverride
+}
+func (e *ConflictException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
+
+// Unexpected error during processing of request.
+type InternalServerException struct {
+ Message *string
+
+ ErrorCodeOverride *string
+
+ noSmithyDocumentSerde
+}
+
+func (e *InternalServerException) Error() string {
+ return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage())
+}
+func (e *InternalServerException) ErrorMessage() string {
+ if e.Message == nil {
+ return ""
+ }
+ return *e.Message
+}
+func (e *InternalServerException) ErrorCode() string {
+ if e == nil || e.ErrorCodeOverride == nil {
+ return "InternalServerException"
+ }
+ return *e.ErrorCodeOverride
+}
+func (e *InternalServerException) ErrorFault() smithy.ErrorFault { return smithy.FaultServer }
+
+// Request references a resource which does not exist.
+type ResourceNotFoundException struct {
+ Message *string
+
+ ErrorCodeOverride *string
+
+ noSmithyDocumentSerde
+}
+
+func (e *ResourceNotFoundException) Error() string {
+ return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage())
+}
+func (e *ResourceNotFoundException) ErrorMessage() string {
+ if e.Message == nil {
+ return ""
+ }
+ return *e.Message
+}
+func (e *ResourceNotFoundException) ErrorCode() string {
+ if e == nil || e.ErrorCodeOverride == nil {
+ return "ResourceNotFoundException"
+ }
+ return *e.ErrorCodeOverride
+}
+func (e *ResourceNotFoundException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
+
+// Request would cause a service quota to be exceeded.
+type ServiceQuotaExceededException struct {
+ Message *string
+
+ ErrorCodeOverride *string
+
+ noSmithyDocumentSerde
+}
+
+func (e *ServiceQuotaExceededException) Error() string {
+ return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage())
+}
+func (e *ServiceQuotaExceededException) ErrorMessage() string {
+ if e.Message == nil {
+ return ""
+ }
+ return *e.Message
+}
+func (e *ServiceQuotaExceededException) ErrorCode() string {
+ if e == nil || e.ErrorCodeOverride == nil {
+ return "ServiceQuotaExceededException"
+ }
+ return *e.ErrorCodeOverride
+}
+func (e *ServiceQuotaExceededException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
+
+// Request was denied due to request throttling.
+type ThrottlingException struct {
+ Message *string
+
+ ErrorCodeOverride *string
+
+ noSmithyDocumentSerde
+}
+
+func (e *ThrottlingException) Error() string {
+ return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage())
+}
+func (e *ThrottlingException) ErrorMessage() string {
+ if e.Message == nil {
+ return ""
+ }
+ return *e.Message
+}
+func (e *ThrottlingException) ErrorCode() string {
+ if e == nil || e.ErrorCodeOverride == nil {
+ return "ThrottlingException"
+ }
+ return *e.ErrorCodeOverride
+}
+func (e *ThrottlingException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
+
+// The input does not satisfy the constraints specified by an AWS service.
+type ValidationException struct {
+ Message *string
+
+ ErrorCodeOverride *string
+
+ noSmithyDocumentSerde
+}
+
+func (e *ValidationException) Error() string {
+ return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage())
+}
+func (e *ValidationException) ErrorMessage() string {
+ if e.Message == nil {
+ return ""
+ }
+ return *e.Message
+}
+func (e *ValidationException) ErrorCode() string {
+ if e == nil || e.ErrorCodeOverride == nil {
+ return "ValidationException"
+ }
+ return *e.ErrorCodeOverride
+}
+func (e *ValidationException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
diff --git a/service/supplychain/types/types.go b/service/supplychain/types/types.go
new file mode 100644
index 00000000000..db6517f643b
--- /dev/null
+++ b/service/supplychain/types/types.go
@@ -0,0 +1,39 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package types
+
+import (
+ smithydocument "github.com/aws/smithy-go/document"
+)
+
+// The BillOfMaterialsImportJob details.
+type BillOfMaterialsImportJob struct {
+
+ // The BillOfMaterialsImportJob instanceId.
+ //
+ // This member is required.
+ InstanceId *string
+
+ // The BillOfMaterialsImportJob jobId.
+ //
+ // This member is required.
+ JobId *string
+
+ // The S3 URI from which the CSV is read.
+ //
+ // This member is required.
+ S3uri *string
+
+ // The BillOfMaterialsImportJob ConfigurationJobStatus.
+ //
+ // This member is required.
+ Status ConfigurationJobStatus
+
+ // When the BillOfMaterialsImportJob has reached a terminal state, there will be a
+ // message.
+ Message *string
+
+ noSmithyDocumentSerde
+}
+
+type noSmithyDocumentSerde = smithydocument.NoSerde
diff --git a/service/supplychain/validators.go b/service/supplychain/validators.go
new file mode 100644
index 00000000000..eb855f4f536
--- /dev/null
+++ b/service/supplychain/validators.go
@@ -0,0 +1,94 @@
+// Code generated by smithy-go-codegen DO NOT EDIT.
+
+package supplychain
+
+import (
+ "context"
+ "fmt"
+ smithy "github.com/aws/smithy-go"
+ "github.com/aws/smithy-go/middleware"
+)
+
+type validateOpCreateBillOfMaterialsImportJob struct {
+}
+
+func (*validateOpCreateBillOfMaterialsImportJob) ID() string {
+ return "OperationInputValidation"
+}
+
+func (m *validateOpCreateBillOfMaterialsImportJob) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) (
+ out middleware.InitializeOutput, metadata middleware.Metadata, err error,
+) {
+ input, ok := in.Parameters.(*CreateBillOfMaterialsImportJobInput)
+ if !ok {
+ return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters)
+ }
+ if err := validateOpCreateBillOfMaterialsImportJobInput(input); err != nil {
+ return out, metadata, err
+ }
+ return next.HandleInitialize(ctx, in)
+}
+
+type validateOpGetBillOfMaterialsImportJob struct {
+}
+
+func (*validateOpGetBillOfMaterialsImportJob) ID() string {
+ return "OperationInputValidation"
+}
+
+func (m *validateOpGetBillOfMaterialsImportJob) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) (
+ out middleware.InitializeOutput, metadata middleware.Metadata, err error,
+) {
+ input, ok := in.Parameters.(*GetBillOfMaterialsImportJobInput)
+ if !ok {
+ return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters)
+ }
+ if err := validateOpGetBillOfMaterialsImportJobInput(input); err != nil {
+ return out, metadata, err
+ }
+ return next.HandleInitialize(ctx, in)
+}
+
+func addOpCreateBillOfMaterialsImportJobValidationMiddleware(stack *middleware.Stack) error {
+ return stack.Initialize.Add(&validateOpCreateBillOfMaterialsImportJob{}, middleware.After)
+}
+
+func addOpGetBillOfMaterialsImportJobValidationMiddleware(stack *middleware.Stack) error {
+ return stack.Initialize.Add(&validateOpGetBillOfMaterialsImportJob{}, middleware.After)
+}
+
+func validateOpCreateBillOfMaterialsImportJobInput(v *CreateBillOfMaterialsImportJobInput) error {
+ if v == nil {
+ return nil
+ }
+ invalidParams := smithy.InvalidParamsError{Context: "CreateBillOfMaterialsImportJobInput"}
+ if v.InstanceId == nil {
+ invalidParams.Add(smithy.NewErrParamRequired("InstanceId"))
+ }
+ if v.S3uri == nil {
+ invalidParams.Add(smithy.NewErrParamRequired("S3uri"))
+ }
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ } else {
+ return nil
+ }
+}
+
+func validateOpGetBillOfMaterialsImportJobInput(v *GetBillOfMaterialsImportJobInput) error {
+ if v == nil {
+ return nil
+ }
+ invalidParams := smithy.InvalidParamsError{Context: "GetBillOfMaterialsImportJobInput"}
+ if v.InstanceId == nil {
+ invalidParams.Add(smithy.NewErrParamRequired("InstanceId"))
+ }
+ if v.JobId == nil {
+ invalidParams.Add(smithy.NewErrParamRequired("JobId"))
+ }
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ } else {
+ return nil
+ }
+}
diff --git a/service/transcribestreaming/internal/testing/go.mod b/service/transcribestreaming/internal/testing/go.mod
index 2010050b684..3d5b40d7af1 100644
--- a/service/transcribestreaming/internal/testing/go.mod
+++ b/service/transcribestreaming/internal/testing/go.mod
@@ -5,14 +5,14 @@ go 1.19
require (
github.com/aws/aws-sdk-go-v2 v1.24.1
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4
- github.com/aws/aws-sdk-go-v2/service/internal/eventstreamtesting v1.2.17
+ github.com/aws/aws-sdk-go-v2/service/internal/eventstreamtesting v1.2.18
github.com/aws/aws-sdk-go-v2/service/transcribestreaming v1.15.6
github.com/aws/smithy-go v1.19.0
github.com/google/go-cmp v0.5.8
)
require (
- github.com/aws/aws-sdk-go-v2/credentials v1.16.14 // indirect
+ github.com/aws/aws-sdk-go-v2/credentials v1.16.15 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect
golang.org/x/net v0.19.0 // indirect
diff --git a/service/transfer/CHANGELOG.md b/service/transfer/CHANGELOG.md
index c9b2442d89a..329753ba990 100644
--- a/service/transfer/CHANGELOG.md
+++ b/service/transfer/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.40.0 (2024-01-12)
+
+* **Feature**: AWS Transfer Family now supports static IP addresses for SFTP & AS2 connectors and for async MDNs on AS2 servers.
+
# v1.39.6 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/transfer/deserializers.go b/service/transfer/deserializers.go
index 670bd6ed26a..ce2f960c2da 100644
--- a/service/transfer/deserializers.go
+++ b/service/transfer/deserializers.go
@@ -8250,6 +8250,11 @@ func awsAwsjson11_deserializeDocumentDescribedConnector(v **types.DescribedConne
sv.LoggingRole = ptr.String(jtv)
}
+ case "ServiceManagedEgressIpAddresses":
+ if err := awsAwsjson11_deserializeDocumentServiceManagedEgressIpAddresses(&sv.ServiceManagedEgressIpAddresses, value); err != nil {
+ return err
+ }
+
case "SftpConfig":
if err := awsAwsjson11_deserializeDocumentSftpConnectorConfig(&sv.SftpConfig, value); err != nil {
return err
@@ -8635,6 +8640,11 @@ func awsAwsjson11_deserializeDocumentDescribedServer(v **types.DescribedServer,
sv.Arn = ptr.String(jtv)
}
+ case "As2ServiceManagedEgressIpAddresses":
+ if err := awsAwsjson11_deserializeDocumentServiceManagedEgressIpAddresses(&sv.As2ServiceManagedEgressIpAddresses, value); err != nil {
+ return err
+ }
+
case "Certificate":
if value != nil {
jtv, ok := value.(string)
@@ -11564,6 +11574,42 @@ func awsAwsjson11_deserializeDocumentSecurityPolicyOptions(v *[]string, value in
return nil
}
+func awsAwsjson11_deserializeDocumentServiceManagedEgressIpAddresses(v *[]string, value interface{}) error {
+ if v == nil {
+ return fmt.Errorf("unexpected nil of type %T", v)
+ }
+ if value == nil {
+ return nil
+ }
+
+ shape, ok := value.([]interface{})
+ if !ok {
+ return fmt.Errorf("unexpected JSON type %v", value)
+ }
+
+ var cv []string
+ if *v == nil {
+ cv = []string{}
+ } else {
+ cv = *v
+ }
+
+ for _, value := range shape {
+ var col string
+ if value != nil {
+ jtv, ok := value.(string)
+ if !ok {
+ return fmt.Errorf("expected ServiceManagedEgressIpAddress to be of type string, got %T instead", value)
+ }
+ col = jtv
+ }
+ cv = append(cv, col)
+
+ }
+ *v = cv
+ return nil
+}
+
func awsAwsjson11_deserializeDocumentServiceMetadata(v **types.ServiceMetadata, value interface{}) error {
if v == nil {
return fmt.Errorf("unexpected nil of type %T", v)
diff --git a/service/transfer/go_module_metadata.go b/service/transfer/go_module_metadata.go
index 8ae112bb7f1..e6fc922d48c 100644
--- a/service/transfer/go_module_metadata.go
+++ b/service/transfer/go_module_metadata.go
@@ -3,4 +3,4 @@
package transfer
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.39.6"
+const goModuleVersion = "1.40.0"
diff --git a/service/transfer/types/types.go b/service/transfer/types/types.go
index 5449665fb29..6d2f4563d77 100644
--- a/service/transfer/types/types.go
+++ b/service/transfer/types/types.go
@@ -422,6 +422,10 @@ type DescribedConnector struct {
// set, you can view connector activity in your CloudWatch logs.
LoggingRole *string
+ // The list of egress IP addresses of this connector. These IP addresses are
+ // assigned automatically when you create the connector.
+ ServiceManagedEgressIpAddresses []string
+
// A structure that contains the parameters for an SFTP connector object.
SftpConfig *SftpConnectorConfig
@@ -584,6 +588,13 @@ type DescribedServer struct {
// This member is required.
Arn *string
+ // The list of egress IP addresses of this server. These IP addresses are only
+ // relevant for servers that use the AS2 protocol. They are used for sending
+ // asynchronous MDNs. These IP addresses are assigned automatically when you create
+ // an AS2 server. Additionally, if you update an existing server and add the AS2
+ // protocol, static IP addresses are assigned as well.
+ As2ServiceManagedEgressIpAddresses []string
+
// Specifies the ARN of the Amazon Web ServicesCertificate Manager (ACM)
// certificate. Required when Protocols is set to FTPS .
Certificate *string
@@ -1017,7 +1028,8 @@ type HomeDirectoryMapEntry struct {
// method of authentication.
type IdentityProviderDetails struct {
- // The identifier of the Directory Service directory that you want to stop sharing.
+ // The identifier of the Directory Service directory that you want to use as your
+ // identity provider.
DirectoryId *string
// The ARN for a Lambda function to use for the Identity provider.
diff --git a/service/wisdom/CHANGELOG.md b/service/wisdom/CHANGELOG.md
index b8ae18a7a59..bdb9efc4453 100644
--- a/service/wisdom/CHANGELOG.md
+++ b/service/wisdom/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.21.0 (2024-01-10)
+
+* **Feature**: QueryAssistant and GetRecommendations will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications.
+
# v1.20.6 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/wisdom/api_op_GetRecommendations.go b/service/wisdom/api_op_GetRecommendations.go
index 7147fb43a4c..64ab128951e 100644
--- a/service/wisdom/api_op_GetRecommendations.go
+++ b/service/wisdom/api_op_GetRecommendations.go
@@ -18,6 +18,11 @@ import (
// Short poll is the default behavior and only returns recommendations already
// available. To perform a manual query against an assistant, use QueryAssistant (https://docs.aws.amazon.com/wisdom/latest/APIReference/API_QueryAssistant.html)
// .
+//
+// Deprecated: GetRecommendations API will be discontinued starting June 1, 2024.
+// To receive generative responses after March 1, 2024 you will need to create a
+// new Assistant in the Connect console and integrate the Amazon Q in Connect
+// JavaScript library (amazon-q-connectjs) into your applications.
func (c *Client) GetRecommendations(ctx context.Context, params *GetRecommendationsInput, optFns ...func(*Options)) (*GetRecommendationsOutput, error) {
if params == nil {
params = &GetRecommendationsInput{}
diff --git a/service/wisdom/api_op_QueryAssistant.go b/service/wisdom/api_op_QueryAssistant.go
index be0b41f457b..31f9091560e 100644
--- a/service/wisdom/api_op_QueryAssistant.go
+++ b/service/wisdom/api_op_QueryAssistant.go
@@ -15,6 +15,11 @@ import (
// Performs a manual search against the specified assistant. To retrieve
// recommendations for an assistant, use GetRecommendations (https://docs.aws.amazon.com/wisdom/latest/APIReference/API_GetRecommendations.html)
// .
+//
+// Deprecated: QueryAssistant API will be discontinued starting June 1, 2024. To
+// receive generative responses after March 1, 2024 you will need to create a new
+// Assistant in the Connect console and integrate the Amazon Q in Connect
+// JavaScript library (amazon-q-connectjs) into your applications.
func (c *Client) QueryAssistant(ctx context.Context, params *QueryAssistantInput, optFns ...func(*Options)) (*QueryAssistantOutput, error) {
if params == nil {
params = &QueryAssistantInput{}
diff --git a/service/wisdom/go_module_metadata.go b/service/wisdom/go_module_metadata.go
index 23e90b3f23e..41fccec6af1 100644
--- a/service/wisdom/go_module_metadata.go
+++ b/service/wisdom/go_module_metadata.go
@@ -3,4 +3,4 @@
package wisdom
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.20.6"
+const goModuleVersion = "1.21.0"
diff --git a/service/workspaces/CHANGELOG.md b/service/workspaces/CHANGELOG.md
index 52f3e583c52..0c0f9a73ea4 100644
--- a/service/workspaces/CHANGELOG.md
+++ b/service/workspaces/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.35.8 (2024-01-11)
+
+* **Documentation**: Added AWS Workspaces RebootWorkspaces API - Extended Reboot documentation update
+
# v1.35.7 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
diff --git a/service/workspaces/api_op_CreateWorkspaces.go b/service/workspaces/api_op_CreateWorkspaces.go
index df9691052db..854ac776e3c 100644
--- a/service/workspaces/api_op_CreateWorkspaces.go
+++ b/service/workspaces/api_op_CreateWorkspaces.go
@@ -20,9 +20,6 @@ import (
// .
// - You don't need to specify the PCOIP protocol for Linux bundles because WSP
// is the default protocol for those bundles.
-// - Ensure you review your running mode to ensure you are using a running mode
-// that is optimal for your needs and budget. For more information on switching
-// running modes, see Can I switch between hourly and monthly billing? (https://aws.amazon.com/workspaces/faqs/#:~:text=Q%3A%20Can%20I%20switch%20between%20hourly%20and%20monthly%20billing%3F)
func (c *Client) CreateWorkspaces(ctx context.Context, params *CreateWorkspacesInput, optFns ...func(*Options)) (*CreateWorkspacesOutput, error) {
if params == nil {
params = &CreateWorkspacesInput{}
diff --git a/service/workspaces/api_op_RebootWorkspaces.go b/service/workspaces/api_op_RebootWorkspaces.go
index 09338d7497b..dc1f862b4fc 100644
--- a/service/workspaces/api_op_RebootWorkspaces.go
+++ b/service/workspaces/api_op_RebootWorkspaces.go
@@ -13,8 +13,10 @@ import (
)
// Reboots the specified WorkSpaces. You cannot reboot a WorkSpace unless its
-// state is AVAILABLE or UNHEALTHY . This operation is asynchronous and returns
-// before the WorkSpaces have rebooted.
+// state is AVAILABLE , UNHEALTHY , or REBOOTING . Reboot a WorkSpace in the
+// REBOOTING state only if your WorkSpace has been stuck in the REBOOTING state
+// for over 20 minutes. This operation is asynchronous and returns before the
+// WorkSpaces have rebooted.
func (c *Client) RebootWorkspaces(ctx context.Context, params *RebootWorkspacesInput, optFns ...func(*Options)) (*RebootWorkspacesOutput, error) {
if params == nil {
params = &RebootWorkspacesInput{}
diff --git a/service/workspaces/go_module_metadata.go b/service/workspaces/go_module_metadata.go
index 14a18c19da4..021526b1e48 100644
--- a/service/workspaces/go_module_metadata.go
+++ b/service/workspaces/go_module_metadata.go
@@ -3,4 +3,4 @@
package workspaces
// goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.35.7"
+const goModuleVersion = "1.35.8"
diff --git a/service/workspaces/types/types.go b/service/workspaces/types/types.go
index 73f4f793c20..906088e0899 100644
--- a/service/workspaces/types/types.go
+++ b/service/workspaces/types/types.go
@@ -1269,13 +1269,9 @@ type WorkspaceProperties struct {
RootVolumeSizeGib *int32
// The running mode. For more information, see Manage the WorkSpace Running Mode (https://docs.aws.amazon.com/workspaces/latest/adminguide/running-mode.html)
- // .
- // - The MANUAL value is only supported by Amazon WorkSpaces Core. Contact your
- // account team to be allow-listed to use this value. For more information, see
- // Amazon WorkSpaces Core (http://aws.amazon.com/workspaces/core/) .
- // - Ensure you review your running mode to ensure you are using a running mode
- // that is optimal for your needs and budget. For more information on switching
- // running modes, see Can I switch between hourly and monthly billing? (https://aws.amazon.com/workspaces/faqs/#:~:text=Q%3A%20Can%20I%20switch%20between%20hourly%20and%20monthly%20billing%3F)
+ // . The MANUAL value is only supported by Amazon WorkSpaces Core. Contact your
+ // account team to be allow-listed to use this value. For more information, see
+ // Amazon WorkSpaces Core (http://aws.amazon.com/workspaces/core/) .
RunningMode RunningMode
// The time after a user logs off when WorkSpaces are automatically stopped.