diff --git a/.changelog/1a534e045e204b3e8d29c7a580ae83cb.json b/.changelog/1a534e045e204b3e8d29c7a580ae83cb.json new file mode 100644 index 00000000000..0569e0a0799 --- /dev/null +++ b/.changelog/1a534e045e204b3e8d29c7a580ae83cb.json @@ -0,0 +1,8 @@ +{ + "id": "1a534e04-5e20-4b3e-8d29-c7a580ae83cb", + "type": "documentation", + "description": "Documentation update for API description.", + "modules": [ + "service/guardduty" + ] +} \ No newline at end of file diff --git a/.changelog/27db8b0ebb644ca9a653603aa631ee3a.json b/.changelog/27db8b0ebb644ca9a653603aa631ee3a.json new file mode 100644 index 00000000000..715179fcd3d --- /dev/null +++ b/.changelog/27db8b0ebb644ca9a653603aa631ee3a.json @@ -0,0 +1,8 @@ +{ + "id": "27db8b0e-bb64-4ca9-a653-603aa631ee3a", + "type": "documentation", + "description": "This release adds documentation updates for Audit Manager. We provided examples of how to use the Custom_ prefix for the keywordValue attribute. We also provided more details about the DeleteAssessmentReport operation.", + "modules": [ + "service/auditmanager" + ] +} \ No newline at end of file diff --git a/.changelog/4c92fc09f1c641349c382117188b6007.json b/.changelog/4c92fc09f1c641349c382117188b6007.json new file mode 100644 index 00000000000..5030950b91a --- /dev/null +++ b/.changelog/4c92fc09f1c641349c382117188b6007.json @@ -0,0 +1,8 @@ +{ + "id": "4c92fc09-f1c6-4134-9c38-2117188b6007", + "type": "feature", + "description": "AWS Network Firewall adds support for stateful threat signature AWS managed rule groups.", + "modules": [ + "service/networkfirewall" + ] +} \ No newline at end of file diff --git a/.changelog/5dee2dafaa524f8e9d9e11b7d1d7124a.json b/.changelog/5dee2dafaa524f8e9d9e11b7d1d7124a.json new file mode 100644 index 00000000000..c0afd6d8581 --- /dev/null +++ b/.changelog/5dee2dafaa524f8e9d9e11b7d1d7124a.json @@ -0,0 +1,8 @@ +{ + "id": "5dee2daf-aa52-4f8e-9d9e-11b7d1d7124a", + "type": "feature", + "description": "This release adds support to query the public key and creation date of EC2 Key Pairs. Additionally, the format (pem or ppk) of a key pair can be specified when creating a new key pair.", + "modules": [ + "service/ec2" + ] +} \ No newline at end of file diff --git a/.changelog/dc6291da41f44c51b103c7b90ed347a8.json b/.changelog/dc6291da41f44c51b103c7b90ed347a8.json new file mode 100644 index 00000000000..81c67bc877d --- /dev/null +++ b/.changelog/dc6291da41f44c51b103c7b90ed347a8.json @@ -0,0 +1,8 @@ +{ + "id": "dc6291da-41f4-4c51-b103-c7b90ed347a8", + "type": "feature", + "description": "This release introduces an API for changing the current agent status of a user in Connect.", + "modules": [ + "service/connect" + ] +} \ No newline at end of file diff --git a/.changelog/e1b9d271d7b44d1d987666fefa146e35.json b/.changelog/e1b9d271d7b44d1d987666fefa146e35.json new file mode 100644 index 00000000000..6b2d3b48252 --- /dev/null +++ b/.changelog/e1b9d271d7b44d1d987666fefa146e35.json @@ -0,0 +1,8 @@ +{ + "id": "e1b9d271-d7b4-4d1d-9876-66fefa146e35", + "type": "feature", + "description": "This release enables Braket Hybrid Jobs with Embedded Simulators to have multiple instances.", + "modules": [ + "service/braket" + ] +} \ No newline at end of file diff --git a/service/auditmanager/api_op_DeleteAssessmentReport.go b/service/auditmanager/api_op_DeleteAssessmentReport.go index c5d672412d4..1dd128f7b83 100644 --- a/service/auditmanager/api_op_DeleteAssessmentReport.go +++ b/service/auditmanager/api_op_DeleteAssessmentReport.go @@ -10,7 +10,31 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Deletes an assessment report from an assessment in Audit Manager. +// Deletes an assessment report in Audit Manager. When you run the +// DeleteAssessmentReport operation, Audit Manager attempts to delete the following +// data: +// +// * The specified assessment report that’s stored in your S3 bucket +// +// * The +// associated metadata that’s stored in Audit Manager +// +// If Audit Manager can’t +// access the assessment report in your S3 bucket, the report isn’t deleted. In +// this event, the DeleteAssessmentReport operation doesn’t fail. Instead, it +// proceeds to delete the associated metadata only. You must then delete the +// assessment report from the S3 bucket yourself. This scenario happens when Audit +// Manager receives a 403 (Forbidden) or 404 (Not Found) error from Amazon S3. To +// avoid this, make sure that your S3 bucket is available, and that you configured +// the correct permissions for Audit Manager to delete resources in your S3 bucket. +// For an example permissions policy that you can use, see Assessment report +// destination permissions +// (https://docs.aws.amazon.com/audit-manager/latest/userguide/security_iam_id-based-policy-examples.html#full-administrator-access-assessment-report-destination) +// in the Audit Manager User Guide. For information about the issues that could +// cause a 403 (Forbidden) or 404 (Not Found) error from Amazon S3, see List of +// Error Codes +// (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) +// in the Amazon Simple Storage Service API Reference. func (c *Client) DeleteAssessmentReport(ctx context.Context, params *DeleteAssessmentReportInput, optFns ...func(*Options)) (*DeleteAssessmentReportOutput, error) { if params == nil { params = &DeleteAssessmentReportInput{} diff --git a/service/auditmanager/types/types.go b/service/auditmanager/types/types.go index d214323c384..c90297c4759 100644 --- a/service/auditmanager/types/types.go +++ b/service/auditmanager/types/types.go @@ -1291,12 +1291,51 @@ type Settings struct { // and Amazon Web Services API names. type SourceKeyword struct { - // The method of input for the keyword. + // The input method for the keyword. KeywordInputType KeywordInputType - // The value of the keyword that's used to search CloudTrail logs, Config rules, - // Security Hub checks, and Amazon Web Services API names when mapping a control - // data source. + // The value of the keyword that's used when mapping a control data source. For + // example, this can be a CloudTrail event name, a rule name for Config, a Security + // Hub control, or the name of an Amazon Web Services API call. If you’re mapping a + // data source to a rule in Config, the keywordValue that you specify depends on + // the type of rule: + // + // * For managed rules + // (https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html), + // you can use the rule identifier as the keywordValue. You can find the rule + // identifier from the list of Config managed rules + // (https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html). + // + // * + // Managed rule name: s3-bucket-acl-prohibited + // (https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-acl-prohibited.html)keywordValue: + // S3_BUCKET_ACL_PROHIBITED + // + // * For custom rules + // (https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html), + // you form the keywordValue by adding the Custom_ prefix to the rule name. This + // prefix distinguishes the rule from a managed rule. + // + // * Custom rule name: + // my-custom-config-rule keywordValue: Custom_my-custom-config-rule + // + // * For + // service-linked rules + // (https://docs.aws.amazon.com/config/latest/developerguide/service-linked-awsconfig-rules.html), + // you form the keywordValue by adding the Custom_ prefix to the rule name. In + // addition, you remove the suffix ID that appears at the end of the rule name. + // + // * + // Service-linked rule name: CustomRuleForAccount-conformance-pack-szsm1uv0w + // keywordValue: Custom_CustomRuleForAccount-conformance-pack + // + // * Service-linked + // rule name: securityhub-api-gw-cache-encrypted-101104e1 keywordValue: + // Custom_securityhub-api-gw-cache-encrypted + // + // * Service-linked rule name: + // OrgConfigRule-s3-bucket-versioning-enabled-dbgzf8ba keywordValue: + // Custom_OrgConfigRule-s3-bucket-versioning-enabled KeywordValue *string noSmithyDocumentSerde diff --git a/service/braket/api_op_GetDevice.go b/service/braket/api_op_GetDevice.go index 4e2f3eb4c9b..4e2c77231ef 100644 --- a/service/braket/api_op_GetDevice.go +++ b/service/braket/api_op_GetDevice.go @@ -11,7 +11,15 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Retrieves the devices available in Amazon Braket. +// Retrieves the devices available in Amazon Braket. For backwards compatibility +// with older versions of BraketSchemas, OpenQASM information is omitted from +// GetDevice API calls. To get this information the user-agent needs to present a +// recent version of the BraketSchemas (1.8.0 or later). The Braket SDK +// automatically reports this for you. If you do not see OpenQASM results in the +// GetDevice response when using a Braket SDK, you may need to set +// AWS_EXECUTION_ENV environment variable to configure user-agent. See the code +// examples provided below for how to do this for the AWS CLI, Boto3, and the Go, +// Java, and JavaScript/TypeScript SDKs. func (c *Client) GetDevice(ctx context.Context, params *GetDeviceInput, optFns ...func(*Options)) (*GetDeviceOutput, error) { if params == nil { params = &GetDeviceInput{} diff --git a/service/braket/deserializers.go b/service/braket/deserializers.go index 9bb9a8515dc..31607b302b6 100644 --- a/service/braket/deserializers.go +++ b/service/braket/deserializers.go @@ -3209,6 +3209,19 @@ func awsRestjson1_deserializeDocumentInstanceConfig(v **types.InstanceConfig, va for key, value := range shape { switch key { + case "instanceCount": + if value != nil { + jtv, ok := value.(json.Number) + if !ok { + return fmt.Errorf("expected Integer to be json.Number, got %T instead", value) + } + i64, err := jtv.Int64() + if err != nil { + return err + } + sv.InstanceCount = ptr.Int32(int32(i64)) + } + case "instanceType": if value != nil { jtv, ok := value.(string) diff --git a/service/braket/doc.go b/service/braket/doc.go index 3f1abd30006..0436d253703 100644 --- a/service/braket/doc.go +++ b/service/braket/doc.go @@ -4,5 +4,9 @@ // Braket. // // The Amazon Braket API Reference provides information about the operations and -// structures supported in Amazon Braket. +// structures supported in Amazon Braket. Additional Resources: +// +// * Amazon Braket +// Developer Guide +// (https://docs.aws.amazon.com/braket/latest/developerguide/what-is-braket.html) package braket diff --git a/service/braket/serializers.go b/service/braket/serializers.go index 6ce98b1d6bf..ccc467fc09c 100644 --- a/service/braket/serializers.go +++ b/service/braket/serializers.go @@ -1134,6 +1134,11 @@ func awsRestjson1_serializeDocumentInstanceConfig(v *types.InstanceConfig, value object := value.Object() defer object.Close() + if v.InstanceCount != nil { + ok := object.Key("instanceCount") + ok.Integer(*v.InstanceCount) + } + if len(v.InstanceType) > 0 { ok := object.Key("instanceType") ok.String(string(v.InstanceType)) diff --git a/service/braket/types/types.go b/service/braket/types/types.go index ef8f5f529fc..183fc75012e 100644 --- a/service/braket/types/types.go +++ b/service/braket/types/types.go @@ -121,6 +121,10 @@ type InstanceConfig struct { // This member is required. VolumeSizeInGb *int32 + // Configures the number of resource instances to use while running an Amazon + // Braket job on Amazon Braket. The default value is 1. + InstanceCount *int32 + noSmithyDocumentSerde } diff --git a/service/connect/api_op_PutUserStatus.go b/service/connect/api_op_PutUserStatus.go new file mode 100644 index 00000000000..58da8c7bcaf --- /dev/null +++ b/service/connect/api_op_PutUserStatus.go @@ -0,0 +1,133 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package connect + +import ( + "context" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Changes the current status of a user or agent in Amazon Connect. If the agent is +// currently handling a contact, this sets the agent's next status. For more +// information, see Agent status +// (https://docs.aws.amazon.com/connect/latest/adminguide/metrics-agent-status.html) +// and Set your next status +// (https://docs.aws.amazon.com/connect/latest/adminguide/set-next-status.html) in +// the Amazon Connect Administrator Guide. +func (c *Client) PutUserStatus(ctx context.Context, params *PutUserStatusInput, optFns ...func(*Options)) (*PutUserStatusOutput, error) { + if params == nil { + params = &PutUserStatusInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "PutUserStatus", params, optFns, c.addOperationPutUserStatusMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*PutUserStatusOutput) + out.ResultMetadata = metadata + return out, nil +} + +type PutUserStatusInput struct { + + // The identifier of the agent status. + // + // This member is required. + AgentStatusId *string + + // The identifier of the Amazon Connect instance. You can find the instanceId in + // the ARN of the instance. + // + // This member is required. + InstanceId *string + + // The identifier of the user. + // + // This member is required. + UserId *string + + noSmithyDocumentSerde +} + +type PutUserStatusOutput struct { + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationPutUserStatusMiddlewares(stack *middleware.Stack, options Options) (err error) { + err = stack.Serialize.Add(&awsRestjson1_serializeOpPutUserStatus{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpPutUserStatus{}, middleware.After) + if err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + return err + } + if err = addRetryMiddlewares(stack, options); err != nil { + return err + } + if err = addHTTPSignerV4Middleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + return err + } + if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addOpPutUserStatusValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opPutUserStatus(options.Region), middleware.Before); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + return nil +} + +func newServiceMetadataMiddleware_opPutUserStatus(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + SigningName: "connect", + OperationName: "PutUserStatus", + } +} diff --git a/service/connect/deserializers.go b/service/connect/deserializers.go index 1789e1d83df..eaa64470823 100644 --- a/service/connect/deserializers.go +++ b/service/connect/deserializers.go @@ -14167,6 +14167,104 @@ func awsRestjson1_deserializeOpDocumentListUsersOutput(v **ListUsersOutput, valu return nil } +type awsRestjson1_deserializeOpPutUserStatus struct { +} + +func (*awsRestjson1_deserializeOpPutUserStatus) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpPutUserStatus) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorPutUserStatus(response, &metadata) + } + output := &PutUserStatusOutput{} + out.Result = output + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorPutUserStatus(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + code := response.Header.Get("X-Amzn-ErrorType") + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + code, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(code) != 0 { + errorCode = restjson.SanitizeErrorCode(code) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("InternalServiceException", errorCode): + return awsRestjson1_deserializeErrorInternalServiceException(response, errorBody) + + case strings.EqualFold("InvalidParameterException", errorCode): + return awsRestjson1_deserializeErrorInvalidParameterException(response, errorBody) + + case strings.EqualFold("InvalidRequestException", errorCode): + return awsRestjson1_deserializeErrorInvalidRequestException(response, errorBody) + + case strings.EqualFold("ResourceNotFoundException", errorCode): + return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + type awsRestjson1_deserializeOpReleasePhoneNumber struct { } diff --git a/service/connect/generated.json b/service/connect/generated.json index 7c7bcca76ec..478a0996bf6 100644 --- a/service/connect/generated.json +++ b/service/connect/generated.json @@ -103,6 +103,7 @@ "api_op_ListUseCases.go", "api_op_ListUserHierarchyGroups.go", "api_op_ListUsers.go", + "api_op_PutUserStatus.go", "api_op_ReleasePhoneNumber.go", "api_op_ResumeContactRecording.go", "api_op_SearchAvailablePhoneNumbers.go", diff --git a/service/connect/serializers.go b/service/connect/serializers.go index 2df0e24f3d1..425cc136df6 100644 --- a/service/connect/serializers.go +++ b/service/connect/serializers.go @@ -7354,6 +7354,96 @@ func awsRestjson1_serializeOpHttpBindingsListUsersInput(v *ListUsersInput, encod return nil } +type awsRestjson1_serializeOpPutUserStatus struct { +} + +func (*awsRestjson1_serializeOpPutUserStatus) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpPutUserStatus) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*PutUserStatusInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/users/{InstanceId}/{UserId}/status") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "PUT" + restEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsPutUserStatusInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentPutUserStatusInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsPutUserStatusInput(v *PutUserStatusInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.InstanceId == nil || len(*v.InstanceId) == 0 { + return &smithy.SerializationError{Err: fmt.Errorf("input member InstanceId must not be empty")} + } + if v.InstanceId != nil { + if err := encoder.SetURI("InstanceId").String(*v.InstanceId); err != nil { + return err + } + } + + if v.UserId == nil || len(*v.UserId) == 0 { + return &smithy.SerializationError{Err: fmt.Errorf("input member UserId must not be empty")} + } + if v.UserId != nil { + if err := encoder.SetURI("UserId").String(*v.UserId); err != nil { + return err + } + } + + return nil +} + +func awsRestjson1_serializeOpDocumentPutUserStatusInput(v *PutUserStatusInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.AgentStatusId != nil { + ok := object.Key("AgentStatusId") + ok.String(*v.AgentStatusId) + } + + return nil +} + type awsRestjson1_serializeOpReleasePhoneNumber struct { } diff --git a/service/connect/validators.go b/service/connect/validators.go index c3fcaf04021..834d6c14066 100644 --- a/service/connect/validators.go +++ b/service/connect/validators.go @@ -1870,6 +1870,26 @@ func (m *validateOpListUsers) HandleInitialize(ctx context.Context, in middlewar return next.HandleInitialize(ctx, in) } +type validateOpPutUserStatus struct { +} + +func (*validateOpPutUserStatus) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpPutUserStatus) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*PutUserStatusInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpPutUserStatusInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + type validateOpReleasePhoneNumber struct { } @@ -3182,6 +3202,10 @@ func addOpListUsersValidationMiddleware(stack *middleware.Stack) error { return stack.Initialize.Add(&validateOpListUsers{}, middleware.After) } +func addOpPutUserStatusValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpPutUserStatus{}, middleware.After) +} + func addOpReleasePhoneNumberValidationMiddleware(stack *middleware.Stack) error { return stack.Initialize.Add(&validateOpReleasePhoneNumber{}, middleware.After) } @@ -5619,6 +5643,27 @@ func validateOpListUsersInput(v *ListUsersInput) error { } } +func validateOpPutUserStatusInput(v *PutUserStatusInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "PutUserStatusInput"} + if v.UserId == nil { + invalidParams.Add(smithy.NewErrParamRequired("UserId")) + } + if v.InstanceId == nil { + invalidParams.Add(smithy.NewErrParamRequired("InstanceId")) + } + if v.AgentStatusId == nil { + invalidParams.Add(smithy.NewErrParamRequired("AgentStatusId")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + func validateOpReleasePhoneNumberInput(v *ReleasePhoneNumberInput) error { if v == nil { return nil diff --git a/service/ec2/api_op_CreateKeyPair.go b/service/ec2/api_op_CreateKeyPair.go index 41812c6d004..2ce74cb7db1 100644 --- a/service/ec2/api_op_CreateKeyPair.go +++ b/service/ec2/api_op_CreateKeyPair.go @@ -11,15 +11,16 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Creates an ED25519 or 2048-bit RSA key pair with the specified name. Amazon EC2 -// stores the public key and displays the private key for you to save to a file. -// The private key is returned as an unencrypted PEM encoded PKCS#1 private key. If -// a key with the specified name already exists, Amazon EC2 returns an error. The -// key pair returned to you is available only in the Amazon Web Services Region in -// which you create it. If you prefer, you can create your own key pair using a -// third-party tool and upload it to any Region using ImportKeyPair. You can have -// up to 5,000 key pairs per Amazon Web Services Region. For more information, see -// Amazon EC2 key pairs +// Creates an ED25519 or 2048-bit RSA key pair with the specified name and in the +// specified PEM or PPK format. Amazon EC2 stores the public key and displays the +// private key for you to save to a file. The private key is returned as an +// unencrypted PEM encoded PKCS#1 private key or an unencrypted PPK formatted +// private key for use with PuTTY. If a key with the specified name already exists, +// Amazon EC2 returns an error. The key pair returned to you is available only in +// the Amazon Web Services Region in which you create it. If you prefer, you can +// create your own key pair using a third-party tool and upload it to any Region +// using ImportKeyPair. You can have up to 5,000 key pairs per Amazon Web Services +// Region. For more information, see Amazon EC2 key pairs // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) in the // Amazon Elastic Compute Cloud User Guide. func (c *Client) CreateKeyPair(ctx context.Context, params *CreateKeyPairInput, optFns ...func(*Options)) (*CreateKeyPairOutput, error) { @@ -50,6 +51,9 @@ type CreateKeyPairInput struct { // UnauthorizedOperation. DryRun *bool + // The format of the key pair. Default: pem + KeyFormat types.KeyFormat + // The type of key pair. Note that ED25519 keys are not supported for Windows // instances. Default: rsa KeyType types.KeyType diff --git a/service/ec2/api_op_DescribeKeyPairs.go b/service/ec2/api_op_DescribeKeyPairs.go index b365118aa91..bd847cbdcfd 100644 --- a/service/ec2/api_op_DescribeKeyPairs.go +++ b/service/ec2/api_op_DescribeKeyPairs.go @@ -66,6 +66,9 @@ type DescribeKeyPairsInput struct { // specify tag:Owner for the filter name and TeamA for the filter value. Filters []types.Filter + // If true, the public key material is included in the response. Default: false + IncludePublicKey *bool + // The key pair names. Default: Describes all of your key pairs. KeyNames []string diff --git a/service/ec2/deserializers.go b/service/ec2/deserializers.go index df95ccbe4c8..c39d730ed70 100644 --- a/service/ec2/deserializers.go +++ b/service/ec2/deserializers.go @@ -79649,6 +79649,23 @@ func awsEc2query_deserializeDocumentKeyPairInfo(v **types.KeyPairInfo, decoder s originalDecoder := decoder decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) switch { + case strings.EqualFold("createTime", t.Name.Local): + val, err := decoder.Value() + if err != nil { + return err + } + if val == nil { + break + } + { + xtv := string(val) + t, err := smithytime.ParseDateTime(xtv) + if err != nil { + return err + } + sv.CreateTime = ptr.Time(t) + } + case strings.EqualFold("keyFingerprint", t.Name.Local): val, err := decoder.Value() if err != nil { @@ -79701,6 +79718,19 @@ func awsEc2query_deserializeDocumentKeyPairInfo(v **types.KeyPairInfo, decoder s sv.KeyType = types.KeyType(xtv) } + case strings.EqualFold("publicKey", t.Name.Local): + val, err := decoder.Value() + if err != nil { + return err + } + if val == nil { + break + } + { + xtv := string(val) + sv.PublicKey = ptr.String(xtv) + } + case strings.EqualFold("tagSet", t.Name.Local): nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t) if err := awsEc2query_deserializeDocumentTagList(&sv.Tags, nodeDecoder); err != nil { diff --git a/service/ec2/serializers.go b/service/ec2/serializers.go index dc74d142b22..55e74dc0c09 100644 --- a/service/ec2/serializers.go +++ b/service/ec2/serializers.go @@ -44517,6 +44517,11 @@ func awsEc2query_serializeOpDocumentCreateKeyPairInput(v *CreateKeyPairInput, va objectKey.Boolean(*v.DryRun) } + if len(v.KeyFormat) > 0 { + objectKey := object.Key("KeyFormat") + objectKey.String(string(v.KeyFormat)) + } + if v.KeyName != nil { objectKey := object.Key("KeyName") objectKey.String(*v.KeyName) @@ -49653,6 +49658,11 @@ func awsEc2query_serializeOpDocumentDescribeKeyPairsInput(v *DescribeKeyPairsInp } } + if v.IncludePublicKey != nil { + objectKey := object.Key("IncludePublicKey") + objectKey.Boolean(*v.IncludePublicKey) + } + if v.KeyNames != nil { objectKey := object.FlatKey("KeyName") if err := awsEc2query_serializeDocumentKeyNameStringList(v.KeyNames, objectKey); err != nil { diff --git a/service/ec2/types/enums.go b/service/ec2/types/enums.go index 3db62b23b59..8901e7d3d4f 100644 --- a/service/ec2/types/enums.go +++ b/service/ec2/types/enums.go @@ -3976,6 +3976,24 @@ func (Ipv6SupportValue) Values() []Ipv6SupportValue { } } +type KeyFormat string + +// Enum values for KeyFormat +const ( + KeyFormatPem KeyFormat = "pem" + KeyFormatPpk KeyFormat = "ppk" +) + +// Values returns all known values for KeyFormat. Note that this can be expanded in +// the future, and so it is only as up to date as the client. The ordering of this +// slice is not guaranteed to be stable across updates. +func (KeyFormat) Values() []KeyFormat { + return []KeyFormat{ + "pem", + "ppk", + } +} + type KeyType string // Enum values for KeyType diff --git a/service/ec2/types/types.go b/service/ec2/types/types.go index cece986d8c9..2b5d95ce7da 100644 --- a/service/ec2/types/types.go +++ b/service/ec2/types/types.go @@ -7190,6 +7190,14 @@ type Ipv6Range struct { // Describes a key pair. type KeyPairInfo struct { + // If you used Amazon EC2 to create the key pair, this is the date and time when + // the key was created, in ISO 8601 date-time format + // (https://www.iso.org/iso-8601-date-and-time-format.html), in the UTC time zone. + // If you imported an existing key pair to Amazon EC2, this is the date and time + // the key was imported, in ISO 8601 date-time format + // (https://www.iso.org/iso-8601-date-and-time-format.html), in the UTC time zone. + CreateTime *time.Time + // If you used CreateKeyPair to create the key pair: // // * For RSA key pairs, the key @@ -7221,6 +7229,9 @@ type KeyPairInfo struct { // The type of key pair. KeyType KeyType + // The public key material. + PublicKey *string + // Any tags applied to the key pair. Tags []Tag diff --git a/service/guardduty/api_op_CreateFilter.go b/service/guardduty/api_op_CreateFilter.go index 0322fc95f7f..4e5ff19a844 100644 --- a/service/guardduty/api_op_CreateFilter.go +++ b/service/guardduty/api_op_CreateFilter.go @@ -113,6 +113,9 @@ type CreateFilterInput struct { // service.action.awsApiCallAction.errorCode // // * + // service.action.awsApiCallAction.userAgent + // + // * // service.action.awsApiCallAction.remoteIpDetails.city.cityName // // * diff --git a/service/guardduty/api_op_DisassociateMembers.go b/service/guardduty/api_op_DisassociateMembers.go index 8f735f8e288..bc32fa46875 100644 --- a/service/guardduty/api_op_DisassociateMembers.go +++ b/service/guardduty/api_op_DisassociateMembers.go @@ -12,7 +12,10 @@ import ( ) // Disassociates GuardDuty member accounts (to the current GuardDuty administrator -// account) specified by the account IDs. +// account) specified by the account IDs. Member accounts added through Invitation +// (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_invitations.html) get +// deleted from the current GuardDuty administrator account after 30 days of +// disassociation. func (c *Client) DisassociateMembers(ctx context.Context, params *DisassociateMembersInput, optFns ...func(*Options)) (*DisassociateMembersOutput, error) { if params == nil { params = &DisassociateMembersInput{} diff --git a/service/guardduty/types/types.go b/service/guardduty/types/types.go index 50b19a0699a..10f107d46d6 100644 --- a/service/guardduty/types/types.go +++ b/service/guardduty/types/types.go @@ -127,6 +127,7 @@ type AwsApiCallAction struct { // The Amazon Web Services service name whose API was invoked. ServiceName *string + // The agent through which the API request was made. UserAgent *string noSmithyDocumentSerde diff --git a/service/networkfirewall/api_op_CreateRuleGroup.go b/service/networkfirewall/api_op_CreateRuleGroup.go index a7a30f557c7..a03da3ee403 100644 --- a/service/networkfirewall/api_op_CreateRuleGroup.go +++ b/service/networkfirewall/api_op_CreateRuleGroup.go @@ -110,6 +110,11 @@ type CreateRuleGroupInput struct { // Network Firewall has populated from your string. Rules *string + // A complex type that contains metadata about the rule group that your own rule + // group is copied from. You can use the metadata to keep track of updates made to + // the originating rule group. + SourceMetadata *types.SourceMetadata + // The key:value pairs to associate with the resource. Tags []types.Tag diff --git a/service/networkfirewall/api_op_DescribeRuleGroupMetadata.go b/service/networkfirewall/api_op_DescribeRuleGroupMetadata.go index 85210ae750e..a9c5f3b8563 100644 --- a/service/networkfirewall/api_op_DescribeRuleGroupMetadata.go +++ b/service/networkfirewall/api_op_DescribeRuleGroupMetadata.go @@ -9,6 +9,7 @@ import ( "github.com/aws/aws-sdk-go-v2/service/networkfirewall/types" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" + "time" ) // High-level information about a rule group, returned by operations like create @@ -78,6 +79,9 @@ type DescribeRuleGroupMetadataOutput struct { // Returns the metadata objects for the specified rule group. Description *string + // The last time that the rule group was changed. + LastModifiedTime *time.Time + // Additional options governing how Network Firewall handles the rule group. You // can only use these for stateful rule groups. StatefulRuleOptions *types.StatefulRuleOptions diff --git a/service/networkfirewall/api_op_ListRuleGroups.go b/service/networkfirewall/api_op_ListRuleGroups.go index 8fc1896500f..e620b3a585b 100644 --- a/service/networkfirewall/api_op_ListRuleGroups.go +++ b/service/networkfirewall/api_op_ListRuleGroups.go @@ -32,6 +32,9 @@ func (c *Client) ListRuleGroups(ctx context.Context, params *ListRuleGroupsInput type ListRuleGroupsInput struct { + // Indicates the general category of the Amazon Web Services managed rule group. + ManagedType types.ResourceManagedType + // The maximum number of objects that you want Network Firewall to return for this // request. If more objects are available, in the response, Network Firewall // provides a NextToken value that you can use in a subsequent call to get the next @@ -50,6 +53,11 @@ type ListRuleGroupsInput struct { // available managed rule groups. Scope types.ResourceManagedStatus + // Indicates whether the rule group is stateless or stateful. If the rule group is + // stateless, it contains stateless rules. If it is stateful, it contains stateful + // rules. + Type types.RuleGroupType + noSmithyDocumentSerde } diff --git a/service/networkfirewall/api_op_UpdateFirewallEncryptionConfiguration.go b/service/networkfirewall/api_op_UpdateFirewallEncryptionConfiguration.go index 579b055d989..3b8e7f69aa0 100644 --- a/service/networkfirewall/api_op_UpdateFirewallEncryptionConfiguration.go +++ b/service/networkfirewall/api_op_UpdateFirewallEncryptionConfiguration.go @@ -149,6 +149,9 @@ func (c *Client) addOperationUpdateFirewallEncryptionConfigurationMiddlewares(st if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } + if err = addOpUpdateFirewallEncryptionConfigurationValidationMiddleware(stack); err != nil { + return err + } if err = stack.Initialize.Add(newServiceMetadataMiddleware_opUpdateFirewallEncryptionConfiguration(options.Region), middleware.Before); err != nil { return err } diff --git a/service/networkfirewall/api_op_UpdateRuleGroup.go b/service/networkfirewall/api_op_UpdateRuleGroup.go index ce65e2985fe..ef519a92157 100644 --- a/service/networkfirewall/api_op_UpdateRuleGroup.go +++ b/service/networkfirewall/api_op_UpdateRuleGroup.go @@ -85,6 +85,11 @@ type UpdateRuleGroupInput struct { // Network Firewall has populated from your string. Rules *string + // A complex type that contains metadata about the rule group that your own rule + // group is copied from. You can use the metadata to keep track of updates made to + // the originating rule group. + SourceMetadata *types.SourceMetadata + // Indicates whether the rule group is stateless or stateful. If the rule group is // stateless, it contains stateless rules. If it is stateful, it contains stateful // rules. This setting is required for requests that do not include the diff --git a/service/networkfirewall/deserializers.go b/service/networkfirewall/deserializers.go index e5b795db30c..aa52b9e190a 100644 --- a/service/networkfirewall/deserializers.go +++ b/service/networkfirewall/deserializers.go @@ -13,6 +13,7 @@ import ( smithyio "github.com/aws/smithy-go/io" "github.com/aws/smithy-go/middleware" "github.com/aws/smithy-go/ptr" + smithytime "github.com/aws/smithy-go/time" smithyhttp "github.com/aws/smithy-go/transport/http" "io" "strings" @@ -5038,6 +5039,22 @@ func awsAwsjson10_deserializeDocumentFirewallPolicyResponse(v **types.FirewallPo sv.FirewallPolicyStatus = types.ResourceStatus(jtv) } + case "LastModifiedTime": + if value != nil { + switch jtv := value.(type) { + case json.Number: + f64, err := jtv.Float64() + if err != nil { + return err + } + sv.LastModifiedTime = ptr.Time(smithytime.ParseEpochSeconds(f64)) + + default: + return fmt.Errorf("expected LastUpdateTime to be a JSON Number, got %T instead", value) + + } + } + case "NumberOfAssociations": if value != nil { jtv, ok := value.(json.Number) @@ -6451,6 +6468,22 @@ func awsAwsjson10_deserializeDocumentRuleGroupResponse(v **types.RuleGroupRespon return err } + case "LastModifiedTime": + if value != nil { + switch jtv := value.(type) { + case json.Number: + f64, err := jtv.Float64() + if err != nil { + return err + } + sv.LastModifiedTime = ptr.Time(smithytime.ParseEpochSeconds(f64)) + + default: + return fmt.Errorf("expected LastUpdateTime to be a JSON Number, got %T instead", value) + + } + } + case "NumberOfAssociations": if value != nil { jtv, ok := value.(json.Number) @@ -6500,6 +6533,20 @@ func awsAwsjson10_deserializeDocumentRuleGroupResponse(v **types.RuleGroupRespon sv.RuleGroupStatus = types.ResourceStatus(jtv) } + case "SnsTopic": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ResourceArn to be of type string, got %T instead", value) + } + sv.SnsTopic = ptr.String(jtv) + } + + case "SourceMetadata": + if err := awsAwsjson10_deserializeDocumentSourceMetadata(&sv.SourceMetadata, value); err != nil { + return err + } + case "Tags": if err := awsAwsjson10_deserializeDocumentTagList(&sv.Tags, value); err != nil { return err @@ -6854,6 +6901,55 @@ func awsAwsjson10_deserializeDocumentSettings(v *[]string, value interface{}) er return nil } +func awsAwsjson10_deserializeDocumentSourceMetadata(v **types.SourceMetadata, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.SourceMetadata + if *v == nil { + sv = &types.SourceMetadata{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "SourceArn": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ResourceArn to be of type string, got %T instead", value) + } + sv.SourceArn = ptr.String(jtv) + } + + case "SourceUpdateToken": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected UpdateToken to be of type string, got %T instead", value) + } + sv.SourceUpdateToken = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + func awsAwsjson10_deserializeDocumentStatefulActions(v *[]string, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) @@ -8562,6 +8658,22 @@ func awsAwsjson10_deserializeOpDocumentDescribeRuleGroupMetadataOutput(v **Descr sv.Description = ptr.String(jtv) } + case "LastModifiedTime": + if value != nil { + switch jtv := value.(type) { + case json.Number: + f64, err := jtv.Float64() + if err != nil { + return err + } + sv.LastModifiedTime = ptr.Time(smithytime.ParseEpochSeconds(f64)) + + default: + return fmt.Errorf("expected LastUpdateTime to be a JSON Number, got %T instead", value) + + } + } + case "RuleGroupArn": if value != nil { jtv, ok := value.(string) diff --git a/service/networkfirewall/serializers.go b/service/networkfirewall/serializers.go index db86b0fa230..b33a41f26d4 100644 --- a/service/networkfirewall/serializers.go +++ b/service/networkfirewall/serializers.go @@ -2352,6 +2352,23 @@ func awsAwsjson10_serializeDocumentSettings(v []string, value smithyjson.Value) return nil } +func awsAwsjson10_serializeDocumentSourceMetadata(v *types.SourceMetadata, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.SourceArn != nil { + ok := object.Key("SourceArn") + ok.String(*v.SourceArn) + } + + if v.SourceUpdateToken != nil { + ok := object.Key("SourceUpdateToken") + ok.String(*v.SourceUpdateToken) + } + + return nil +} + func awsAwsjson10_serializeDocumentStatefulActions(v []string, value smithyjson.Value) error { array := value.Array() defer array.Close() @@ -2907,6 +2924,13 @@ func awsAwsjson10_serializeOpDocumentCreateRuleGroupInput(v *CreateRuleGroupInpu ok.String(*v.Rules) } + if v.SourceMetadata != nil { + ok := object.Key("SourceMetadata") + if err := awsAwsjson10_serializeDocumentSourceMetadata(v.SourceMetadata, ok); err != nil { + return err + } + } + if v.Tags != nil { ok := object.Key("Tags") if err := awsAwsjson10_serializeDocumentTagList(v.Tags, ok); err != nil { @@ -3171,6 +3195,11 @@ func awsAwsjson10_serializeOpDocumentListRuleGroupsInput(v *ListRuleGroupsInput, object := value.Object() defer object.Close() + if len(v.ManagedType) > 0 { + ok := object.Key("ManagedType") + ok.String(string(v.ManagedType)) + } + if v.MaxResults != nil { ok := object.Key("MaxResults") ok.Integer(*v.MaxResults) @@ -3186,6 +3215,11 @@ func awsAwsjson10_serializeOpDocumentListRuleGroupsInput(v *ListRuleGroupsInput, ok.String(string(v.Scope)) } + if len(v.Type) > 0 { + ok := object.Key("Type") + ok.String(string(v.Type)) + } + return nil } @@ -3489,6 +3523,13 @@ func awsAwsjson10_serializeOpDocumentUpdateRuleGroupInput(v *UpdateRuleGroupInpu ok.String(*v.Rules) } + if v.SourceMetadata != nil { + ok := object.Key("SourceMetadata") + if err := awsAwsjson10_serializeDocumentSourceMetadata(v.SourceMetadata, ok); err != nil { + return err + } + } + if len(v.Type) > 0 { ok := object.Key("Type") ok.String(string(v.Type)) diff --git a/service/networkfirewall/types/enums.go b/service/networkfirewall/types/enums.go index 1438fa34494..66f544e3184 100644 --- a/service/networkfirewall/types/enums.go +++ b/service/networkfirewall/types/enums.go @@ -188,6 +188,24 @@ func (ResourceManagedStatus) Values() []ResourceManagedStatus { } } +type ResourceManagedType string + +// Enum values for ResourceManagedType +const ( + ResourceManagedTypeAwsManagedThreatSignatures ResourceManagedType = "AWS_MANAGED_THREAT_SIGNATURES" + ResourceManagedTypeAwsManagedDomainLists ResourceManagedType = "AWS_MANAGED_DOMAIN_LISTS" +) + +// Values returns all known values for ResourceManagedType. Note that this can be +// expanded in the future, and so it is only as up to date as the client. The +// ordering of this slice is not guaranteed to be stable across updates. +func (ResourceManagedType) Values() []ResourceManagedType { + return []ResourceManagedType{ + "AWS_MANAGED_THREAT_SIGNATURES", + "AWS_MANAGED_DOMAIN_LISTS", + } +} + type ResourceStatus string // Enum values for ResourceStatus diff --git a/service/networkfirewall/types/types.go b/service/networkfirewall/types/types.go index 8e6abeb81dc..29ce08573b5 100644 --- a/service/networkfirewall/types/types.go +++ b/service/networkfirewall/types/types.go @@ -4,6 +4,7 @@ package types import ( smithydocument "github.com/aws/smithy-go/document" + "time" ) // A custom action to use in stateless rule actions settings. This is used in @@ -133,6 +134,12 @@ type Dimension struct { // in the Network Firewall Developer Guide. type EncryptionConfiguration struct { + // The type of Amazon Web Services KMS key to use for encryption of your Network + // Firewall resources. + // + // This member is required. + Type EncryptionType + // The ID of the Amazon Web Services Key Management Service (KMS) customer managed // key. You can use any of the key identifiers that KMS supports, unless you're // using a key that's managed by another account. If you're using a key managed by @@ -141,10 +148,6 @@ type EncryptionConfiguration struct { // the Amazon Web Services KMS Developer Guide. KeyId *string - // The type of Amazon Web Services KMS key to use for encryption of your Network - // Firewall resources. - Type EncryptionType - noSmithyDocumentSerde } @@ -363,6 +366,9 @@ type FirewallPolicyResponse struct { // name or ARN. FirewallPolicyStatus ResourceStatus + // The last time that the firewall policy was changed. + LastModifiedTime *time.Time + // The number of firewalls that are associated with this firewall policy. NumberOfAssociations *int32 @@ -781,12 +787,28 @@ type RuleGroupResponse struct { // configuration settings for your rule group. EncryptionConfiguration *EncryptionConfiguration + // The last time that the rule group was changed. + LastModifiedTime *time.Time + // The number of firewall policies that use this rule group. NumberOfAssociations *int32 // Detailed information about the current status of a rule group. RuleGroupStatus ResourceStatus + // The Amazon resource name (ARN) of the Amazon Simple Notification Service SNS + // topic that's used to record changes to the managed rule group. You can subscribe + // to the SNS topic to receive notifications when the managed rule group is + // modified, such as for new versions and for version expiration. For more + // information, see the Amazon Simple Notification Service Developer Guide. + // (https://docs.aws.amazon.com/sns/latest/dg/welcome.html). + SnsTopic *string + + // A complex type that contains metadata about the rule group that your own rule + // group is copied from. You can use the metadata to track the version updates made + // to the originating rule group. + SourceMetadata *SourceMetadata + // The key:value pairs to associate with the resource. Tags []Tag @@ -895,6 +917,26 @@ type RuleVariables struct { noSmithyDocumentSerde } +// High-level information about the managed rule group that your own rule group is +// copied from. You can use the the metadata to track version updates made to the +// originating rule group. You can retrieve all objects for a rule group by calling +// DescribeRuleGroup +// (https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroup.html). +type SourceMetadata struct { + + // The Amazon Resource Name (ARN) of the rule group that your own rule group is + // copied from. + SourceArn *string + + // The update token of the Amazon Web Services managed rule group that your own + // rule group is copied from. To determine the update token for the managed rule + // group, call DescribeRuleGroup + // (https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroup.html#networkfirewall-DescribeRuleGroup-response-UpdateToken). + SourceUpdateToken *string + + noSmithyDocumentSerde +} + // Configuration settings for the handling of the stateful rule groups in a // firewall policy. type StatefulEngineOptions struct { diff --git a/service/networkfirewall/validators.go b/service/networkfirewall/validators.go index ad9855fc268..9270ae07370 100644 --- a/service/networkfirewall/validators.go +++ b/service/networkfirewall/validators.go @@ -270,6 +270,26 @@ func (m *validateOpUpdateFirewallDeleteProtection) HandleInitialize(ctx context. return next.HandleInitialize(ctx, in) } +type validateOpUpdateFirewallEncryptionConfiguration struct { +} + +func (*validateOpUpdateFirewallEncryptionConfiguration) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpUpdateFirewallEncryptionConfiguration) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*UpdateFirewallEncryptionConfigurationInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpUpdateFirewallEncryptionConfigurationInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + type validateOpUpdateFirewallPolicyChangeProtection struct { } @@ -422,6 +442,10 @@ func addOpUpdateFirewallDeleteProtectionValidationMiddleware(stack *middleware.S return stack.Initialize.Add(&validateOpUpdateFirewallDeleteProtection{}, middleware.After) } +func addOpUpdateFirewallEncryptionConfigurationValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpUpdateFirewallEncryptionConfiguration{}, middleware.After) +} + func addOpUpdateFirewallPolicyChangeProtectionValidationMiddleware(stack *middleware.Stack) error { return stack.Initialize.Add(&validateOpUpdateFirewallPolicyChangeProtection{}, middleware.After) } @@ -562,6 +586,21 @@ func validateDimensions(v []types.Dimension) error { } } +func validateEncryptionConfiguration(v *types.EncryptionConfiguration) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "EncryptionConfiguration"} + if len(v.Type) == 0 { + invalidParams.Add(smithy.NewErrParamRequired("Type")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + func validateFirewallPolicy(v *types.FirewallPolicy) error { if v == nil { return nil @@ -1272,6 +1311,11 @@ func validateOpCreateFirewallInput(v *CreateFirewallInput) error { invalidParams.AddNested("Tags", err.(smithy.InvalidParamsError)) } } + if v.EncryptionConfiguration != nil { + if err := validateEncryptionConfiguration(v.EncryptionConfiguration); err != nil { + invalidParams.AddNested("EncryptionConfiguration", err.(smithy.InvalidParamsError)) + } + } if invalidParams.Len() > 0 { return invalidParams } else { @@ -1299,6 +1343,11 @@ func validateOpCreateFirewallPolicyInput(v *CreateFirewallPolicyInput) error { invalidParams.AddNested("Tags", err.(smithy.InvalidParamsError)) } } + if v.EncryptionConfiguration != nil { + if err := validateEncryptionConfiguration(v.EncryptionConfiguration); err != nil { + invalidParams.AddNested("EncryptionConfiguration", err.(smithy.InvalidParamsError)) + } + } if invalidParams.Len() > 0 { return invalidParams } else { @@ -1330,6 +1379,11 @@ func validateOpCreateRuleGroupInput(v *CreateRuleGroupInput) error { invalidParams.AddNested("Tags", err.(smithy.InvalidParamsError)) } } + if v.EncryptionConfiguration != nil { + if err := validateEncryptionConfiguration(v.EncryptionConfiguration); err != nil { + invalidParams.AddNested("EncryptionConfiguration", err.(smithy.InvalidParamsError)) + } + } if invalidParams.Len() > 0 { return invalidParams } else { @@ -1467,6 +1521,23 @@ func validateOpUpdateFirewallDeleteProtectionInput(v *UpdateFirewallDeleteProtec } } +func validateOpUpdateFirewallEncryptionConfigurationInput(v *UpdateFirewallEncryptionConfigurationInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "UpdateFirewallEncryptionConfigurationInput"} + if v.EncryptionConfiguration != nil { + if err := validateEncryptionConfiguration(v.EncryptionConfiguration); err != nil { + invalidParams.AddNested("EncryptionConfiguration", err.(smithy.InvalidParamsError)) + } + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + func validateOpUpdateFirewallPolicyChangeProtectionInput(v *UpdateFirewallPolicyChangeProtectionInput) error { if v == nil { return nil @@ -1494,6 +1565,11 @@ func validateOpUpdateFirewallPolicyInput(v *UpdateFirewallPolicyInput) error { invalidParams.AddNested("FirewallPolicy", err.(smithy.InvalidParamsError)) } } + if v.EncryptionConfiguration != nil { + if err := validateEncryptionConfiguration(v.EncryptionConfiguration); err != nil { + invalidParams.AddNested("EncryptionConfiguration", err.(smithy.InvalidParamsError)) + } + } if invalidParams.Len() > 0 { return invalidParams } else { @@ -1531,6 +1607,11 @@ func validateOpUpdateRuleGroupInput(v *UpdateRuleGroupInput) error { invalidParams.AddNested("RuleGroup", err.(smithy.InvalidParamsError)) } } + if v.EncryptionConfiguration != nil { + if err := validateEncryptionConfiguration(v.EncryptionConfiguration); err != nil { + invalidParams.AddNested("EncryptionConfiguration", err.(smithy.InvalidParamsError)) + } + } if invalidParams.Len() > 0 { return invalidParams } else {