Release v1.53.12 (2024-05-29) (#5273)

Release v1.53.12 (2024-05-29)
===

### Service Client Updates
* `service/athena`: Updates service API and documentation
  * Throwing validation errors on CreateNotebook with Name containing `/`,`:`,`\`
* `service/codebuild`: Updates service API and documentation
  * AWS CodeBuild now supports manually creating GitHub webhooks
* `service/connect`: Updates service API and documentation
* `service/glue`: Updates service API and documentation
  * Add optional field JobMode to CreateJob and UpdateJob APIs.
* `service/securityhub`: Updates service API

CHANGELOG.md

@@ -1,3 +1,16 @@
+Release v1.53.12 (2024-05-29)
+===
+
+### Service Client Updates
+* `service/athena`: Updates service API and documentation
+  * Throwing validation errors on CreateNotebook with Name containing `/`,`:`,`\`
+* `service/codebuild`: Updates service API and documentation
+  * AWS CodeBuild now supports manually creating GitHub webhooks
+* `service/connect`: Updates service API and documentation
+* `service/glue`: Updates service API and documentation
+  * Add optional field JobMode to CreateJob and UpdateJob APIs.
+* `service/securityhub`: Updates service API
+
 Release v1.53.11 (2024-05-28)
 ===
 

aws/version.go

@@ -5,4 +5,4 @@ package aws
 const SDKName = "aws-sdk-go"
 
 // SDKVersion is the version of this SDK
-const SDKVersion = "1.53.11"
+const SDKVersion = "1.53.12"

models/apis/athena/2017-05-18/api-2.json

@@ -5,6 +5,7 @@
     "endpointPrefix":"athena",
     "jsonVersion":"1.1",
     "protocol":"json",
+    "protocols":["json"],
     "serviceFullName":"Amazon Athena",
     "serviceId":"Athena",
     "signatureVersion":"v4",
@@ -2474,7 +2475,7 @@
       "type":"string",
       "max":255,
       "min":1,
-      "pattern":"[\\u0020-\\uD7FF\\uE000-\\uFFFD\\uD800\\uDC00-\\uDBFF\\uDFFF\\t]+"
+      "pattern":"(?!.*[/:\\\\])[\\u0020-\\uD7FF\\uE000-\\uFFFD\\uD800\\uDC00-\\uDBFF\\uDFFF\\t]+"
     },
     "NotebookSessionSummary":{
       "type":"structure",

models/apis/athena/2017-05-18/docs-2.json

@@ -32,7 +32,7 @@
     "GetPreparedStatement": "<p>Retrieves the prepared statement with the specified name from the specified workgroup.</p>",
     "GetQueryExecution": "<p>Returns information about a single execution of a query if you have access to the workgroup in which the query ran. Each time a query executes, information about the query execution is saved with a unique ID.</p>",
     "GetQueryResults": "<p>Streams the results of a single query execution specified by <code>QueryExecutionId</code> from the Athena query results location in Amazon S3. For more information, see <a href=\"https://docs.aws.amazon.com/athena/latest/ug/querying.html\">Working with query results, recent queries, and output files</a> in the <i>Amazon Athena User Guide</i>. This request does not execute the query but returns results. Use <a>StartQueryExecution</a> to run a query.</p> <p>To stream query results successfully, the IAM principal with permission to call <code>GetQueryResults</code> also must have permissions to the Amazon S3 <code>GetObject</code> action for the Athena query results location.</p> <important> <p>IAM principals with permission to the Amazon S3 <code>GetObject</code> action for the query results location are able to retrieve query results from Amazon S3 even if permission to the <code>GetQueryResults</code> action is denied. To restrict user or role access, ensure that Amazon S3 permissions to the Athena query location are denied.</p> </important>",
-    "GetQueryRuntimeStatistics": "<p>Returns query execution runtime statistics related to a single execution of a query if you have access to the workgroup in which the query ran. Query execution runtime statistics are returned only when <a>QueryExecutionStatus$State</a> is in a SUCCEEDED or FAILED state. Stage-level input and output row count and data size statistics are not shown when a query has row-level filters defined in Lake Formation.</p>",
+    "GetQueryRuntimeStatistics": "<p>Returns query execution runtime statistics related to a single execution of a query if you have access to the workgroup in which the query ran. Statistics from the <code>Timeline</code> section of the response object are available as soon as <a>QueryExecutionStatus$State</a> is in a SUCCEEDED or FAILED state. The remaining non-timeline statistics in the response (like stage-level input and output row count and data size) are updated asynchronously and may not be available immediately after a query completes. The non-timeline statistics are also not included when a query has row-level filters defined in Lake Formation.</p>",
     "GetSession": "<p>Gets the full details of a previously created session, including the session status and configuration.</p>",
     "GetSessionStatus": "<p>Gets the current status of a session.</p>",
     "GetTableMetadata": "<p>Returns table metadata for the specified catalog, database, and table.</p>",
@@ -1663,7 +1663,7 @@
       "refs": {
         "QueryExecution$ResultConfiguration": "<p>The location in Amazon S3 where query and calculation results are stored and the encryption option, if any, used for query results. These are known as \"client-side settings\". If workgroup settings override client-side settings, then the query uses the location for the query results and the encryption configuration that are specified for the workgroup.</p>",
         "StartQueryExecutionInput$ResultConfiguration": "<p>Specifies information about where and how to save the results of the query execution. If the query runs in a workgroup, then workgroup's settings may override query settings. This affects the query results location. The workgroup settings override is specified in EnforceWorkGroupConfiguration (true/false) in the WorkGroupConfiguration. See <a>WorkGroupConfiguration$EnforceWorkGroupConfiguration</a>.</p>",
-        "WorkGroupConfiguration$ResultConfiguration": "<p>The configuration for the workgroup, which includes the location in Amazon S3 where query and calculation results are stored and the encryption option, if any, used for query and calculation results. To run the query, you must specify the query results location using one of the ways: either in the workgroup using this setting, or for individual queries (client-side), using <a>ResultConfiguration$OutputLocation</a>. If none of them is set, Athena issues an error that no output location is provided. For more information, see <a href=\"https://docs.aws.amazon.com/athena/latest/ug/querying.html\">Working with query results, recent queries, and output files</a>.</p>"
+        "WorkGroupConfiguration$ResultConfiguration": "<p>The configuration for the workgroup, which includes the location in Amazon S3 where query and calculation results are stored and the encryption option, if any, used for query and calculation results. To run the query, you must specify the query results location using one of the ways: either in the workgroup using this setting, or for individual queries (client-side), using <a>ResultConfiguration$OutputLocation</a>. If none of them is set, Athena issues an error that no output location is provided.</p>"
       }
     },
     "ResultConfigurationUpdates": {
@@ -1675,8 +1675,8 @@
     "ResultOutputLocation": {
       "base": null,
       "refs": {
-        "ResultConfiguration$OutputLocation": "<p>The location in Amazon S3 where your query and calculation results are stored, such as <code>s3://path/to/query/bucket/</code>. To run the query, you must specify the query results location using one of the ways: either for individual queries using either this setting (client-side), or in the workgroup, using <a>WorkGroupConfiguration</a>. If none of them is set, Athena issues an error that no output location is provided. For more information, see <a href=\"https://docs.aws.amazon.com/athena/latest/ug/querying.html\">Working with query results, recent queries, and output files</a>. If workgroup settings override client-side settings, then the query uses the settings specified for the workgroup. See <a>WorkGroupConfiguration$EnforceWorkGroupConfiguration</a>.</p>",
-        "ResultConfigurationUpdates$OutputLocation": "<p>The location in Amazon S3 where your query and calculation results are stored, such as <code>s3://path/to/query/bucket/</code>. For more information, see <a href=\"https://docs.aws.amazon.com/athena/latest/ug/querying.html\">Working with query results, recent queries, and output files</a>. If workgroup settings override client-side settings, then the query uses the location for the query results and the encryption configuration that are specified for the workgroup. The \"workgroup settings override\" is specified in <code>EnforceWorkGroupConfiguration</code> (true/false) in the <code>WorkGroupConfiguration</code>. See <a>WorkGroupConfiguration$EnforceWorkGroupConfiguration</a>.</p>",
+        "ResultConfiguration$OutputLocation": "<p>The location in Amazon S3 where your query and calculation results are stored, such as <code>s3://path/to/query/bucket/</code>. To run the query, you must specify the query results location using one of the ways: either for individual queries using either this setting (client-side), or in the workgroup, using <a>WorkGroupConfiguration</a>. If none of them is set, Athena issues an error that no output location is provided. If workgroup settings override client-side settings, then the query uses the settings specified for the workgroup. See <a>WorkGroupConfiguration$EnforceWorkGroupConfiguration</a>.</p>",
+        "ResultConfigurationUpdates$OutputLocation": "<p>The location in Amazon S3 where your query and calculation results are stored, such as <code>s3://path/to/query/bucket/</code>. If workgroup settings override client-side settings, then the query uses the location for the query results and the encryption configuration that are specified for the workgroup. The \"workgroup settings override\" is specified in <code>EnforceWorkGroupConfiguration</code> (true/false) in the <code>WorkGroupConfiguration</code>. See <a>WorkGroupConfiguration$EnforceWorkGroupConfiguration</a>.</p>",
         "SessionConfiguration$WorkingDirectory": "<p>The Amazon S3 location that stores information for the notebook.</p>"
       }
     },

models/apis/codebuild/2016-10-06/api-2.json

@@ -1204,7 +1204,8 @@
         "projectName":{"shape":"ProjectName"},
         "branchFilter":{"shape":"String"},
         "filterGroups":{"shape":"FilterGroups"},
-        "buildType":{"shape":"WebhookBuildType"}
+        "buildType":{"shape":"WebhookBuildType"},
+        "manualCreation":{"shape":"WrapperBoolean"}
       }
     },
     "CreateWebhookOutput":{
@@ -2846,6 +2847,7 @@
         "branchFilter":{"shape":"String"},
         "filterGroups":{"shape":"FilterGroups"},
         "buildType":{"shape":"WebhookBuildType"},
+        "manualCreation":{"shape":"WrapperBoolean"},
         "lastModifiedSecret":{"shape":"Timestamp"}
       }
     },

models/apis/codebuild/2016-10-06/docs-2.json

@@ -1028,7 +1028,7 @@
         "CodeCoverage$reportARN": "<p>The ARN of the report.</p>",
         "CodeCoverage$filePath": "<p>The path of the test report file.</p>",
         "ComputeTypesAllowed$member": null,
-        "CreateFleetInput$fleetServiceRole": "<p>The service role associated with the compute fleet.</p>",
+        "CreateFleetInput$fleetServiceRole": "<p>The service role associated with the compute fleet. For more information, see <a href=\"https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-permission-policy-fleet-service-role.html\"> Allow a user to add a permission policy for a fleet service role</a> in the <i>CodeBuild User Guide</i>.</p>",
         "CreateProjectInput$serviceRole": "<p>The ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account.</p>",
         "CreateProjectInput$encryptionKey": "<p>The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.</p> <note> <p>You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. </p> </note> <p>You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format <code>alias/&lt;alias-name&gt;</code>). </p>",
         "DebugSession$sessionTarget": "<p>Contains the identifier of the Session Manager session used for the build. To work with the paused build, you open this session to examine, control, and resume the build.</p>",
@@ -1045,7 +1045,7 @@
         "ExportedEnvironmentVariable$name": "<p>The name of the exported environment variable.</p>",
         "Fleet$arn": "<p>The ARN of the compute fleet.</p>",
         "Fleet$id": "<p>The ID of the compute fleet.</p>",
-        "Fleet$fleetServiceRole": "<p>The service role associated with the compute fleet.</p>",
+        "Fleet$fleetServiceRole": "<p>The service role associated with the compute fleet. For more information, see <a href=\"https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-permission-policy-fleet-service-role.html\"> Allow a user to add a permission policy for a fleet service role</a> in the <i>CodeBuild User Guide</i>.</p>",
         "FleetArns$member": null,
         "FleetNames$member": null,
         "GetReportGroupTrendInput$reportGroupArn": "<p>The ARN of the report group that contains the reports to analyze.</p>",
@@ -1098,7 +1098,7 @@
         "Subnets$member": null,
         "TestCase$reportArn": "<p> The ARN of the report to which the test case belongs. </p>",
         "UpdateFleetInput$arn": "<p>The ARN of the compute fleet.</p>",
-        "UpdateFleetInput$fleetServiceRole": "<p>The service role associated with the compute fleet.</p>",
+        "UpdateFleetInput$fleetServiceRole": "<p>The service role associated with the compute fleet. For more information, see <a href=\"https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-permission-policy-fleet-service-role.html\"> Allow a user to add a permission policy for a fleet service role</a> in the <i>CodeBuild User Guide</i>.</p>",
         "UpdateProjectInput$name": "<p>The name of the build project.</p> <note> <p>You cannot change a build project's name.</p> </note>",
         "UpdateProjectInput$serviceRole": "<p>The replacement ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account.</p>",
         "UpdateProjectInput$encryptionKey": "<p>The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.</p> <note> <p> You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. </p> </note> <p>You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format <code>alias/&lt;alias-name&gt;</code>). </p>",
@@ -2057,6 +2057,7 @@
         "BuildArtifacts$encryptionDisabled": "<p> Information that tells you if encryption for build artifacts is disabled. </p>",
         "BuildBatch$debugSessionEnabled": "<p>Specifies if session debugging is enabled for this batch build. For more information, see <a href=\"https://docs.aws.amazon.com/codebuild/latest/userguide/session-manager.html\">Viewing a running build in Session Manager</a>. Batch session debugging is not supported for matrix batch builds.</p>",
         "CreateProjectInput$badgeEnabled": "<p>Set this to true to generate a publicly accessible URL for your project's build badge.</p>",
+        "CreateWebhookInput$manualCreation": "<p>If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns <code>payloadUrl</code> and <code>secret</code> values for the webhook. The <code>payloadUrl</code> and <code>secret</code> values in the output can be used to manually create a webhook within GitHub.</p> <note> <p>manualCreation is only available for GitHub webhooks.</p> </note>",
         "DebugSession$sessionEnabled": "<p>Specifies if session debugging is enabled for this build.</p>",
         "GitSubmodulesConfig$fetchSubmodules": "<p> Set to true to fetch Git submodules for your CodeBuild build project. </p>",
         "ImportSourceCredentialsInput$shouldOverwrite": "<p> Set to <code>false</code> to prevent overwriting the repository source credentials. Set to <code>true</code> to overwrite the repository source credentials. The default value is <code>true</code>. </p>",
@@ -2078,6 +2079,7 @@
         "StartBuildInput$privilegedModeOverride": "<p>Enable this flag to override privileged mode in the build project.</p>",
         "StartBuildInput$debugSessionEnabled": "<p>Specifies if session debugging is enabled for this build. For more information, see <a href=\"https://docs.aws.amazon.com/codebuild/latest/userguide/session-manager.html\">Viewing a running build in Session Manager</a>.</p>",
         "UpdateProjectInput$badgeEnabled": "<p>Set this to true to generate a publicly accessible URL for your project's build badge.</p>",
+        "Webhook$manualCreation": "<p>If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns <code>payloadUrl</code> and <code>secret</code> values for the webhook. The <code>payloadUrl</code> and <code>secret</code> values in the output can be used to manually create a webhook within GitHub.</p> <note> <p>manualCreation is only available for GitHub webhooks.</p> </note>",
         "WebhookFilter$excludeMatchedPattern": "<p> Used to indicate that the <code>pattern</code> determines which webhook events do not trigger a build. If true, then a webhook event that does not match the <code>pattern</code> triggers a build. If false, then a webhook event that matches the <code>pattern</code> triggers a build. </p>"
       }
     },