Amazon Web Services-managed provisioning: Proton makes direct calls to provision your resources.
+ *+ * Amazon Web Services-managed provisioning – Proton makes direct calls to provision your resources.
+ *+ * Self-managed provisioning – Proton makes pull requests on your repository to provide compiled + * infrastructure as code (IaC) files that your IaC engine uses to provision resources.
*Self-managed provisioning: Proton makes pull requests on your repository to provide compiled infrastructure as code (IaC) files that your IaC - * engine uses to provision resources.
+ *+ * CodeBuild-based provisioning – Proton uses CodeBuild to run shell commands that you provide. Your commands can + * read inputs that Proton provides, and are responsible for provisioning or deprovisioning infrastructure and generating output values.
*For more information, see Environments and Provisioning methods in the Proton User @@ -2525,8 +2532,19 @@ export class Proton extends ProtonClient { } /** - *
Notify Proton of status changes to a provisioned resource when you use self-managed provisioning.
- *For more information, see Self-managed provisioning in the Proton User Guide.
+ *Notify Proton of the following information related to a provisioned resource (environment, service instance, or service pipeline):
+ *For CodeBuild-based + * provisioning, provide your provisioned resource output values to Proton.
+ *For self-managed
+ * provisioning, notify Proton about the status of your provisioned resource. To disambiguate between different deployments of the same
+ * resource, set deploymentId to a unique deployment ID of your choice.
Update an environment.
*If the environment is associated with an environment account connection, don't update or include the
- * protonServiceRoleArn and provisioningRepository parameter to update or connect to an environment account connection.
protonServiceRoleArn, codebuildRoleArn, and provisioningRepository parameters.
* You can only update to a new environment account connection if that connection was created in the same environment account that the current * environment account connection was created in. The account connection must also be associated with the current environment.
*If the environment isn't associated with an environment account connection, don't update or include the
* environmentAccountConnectionId parameter. You can't update or connect the environment to an environment account
* connection if it isn't already associated with an environment connection.
You can update either the environmentAccountConnectionId or protonServiceRoleArn parameter and value. You can’t update
- * both.
If the environment was configured for Amazon Web Services-managed provisioning, omit the provisioningRepository parameter.
You can update either environmentAccountConnectionId or one or more of protonServiceRoleArn, codebuildRoleArn,
+ * and provisioningRepository.
If the environment was configured for Amazon Web Services-managed or CodeBuild-based provisioning, omit the provisioningRepository parameter.
If the environment was configured for self-managed provisioning, specify the provisioningRepository parameter and omit the
- * protonServiceRoleArn and environmentAccountConnectionId parameters.
protonServiceRoleArn, codebuildRoleArn, and provisioningRepository parameters.
* For more information, see Environments and Provisioning methods in the Proton User * Guide.
*There are four modes for updating an environment. The deploymentType field defines the mode.
Amazon Web Services-managed provisioning: Proton makes direct calls to provision your resources.
+ *+ * Amazon Web Services-managed provisioning – Proton makes direct calls to provision your resources.
*Self-managed provisioning: Proton makes pull requests on your repository to provide compiled infrastructure as code (IaC) files that your IaC - * engine uses to provision resources.
+ *+ * Self-managed provisioning – Proton makes pull requests on your repository to provide compiled + * infrastructure as code (IaC) files that your IaC engine uses to provision resources.
+ *+ * CodeBuild-based provisioning – Proton uses CodeBuild to run shell commands that you provide. Your commands can + * read inputs that Proton provides, and are responsible for provisioning or deprovisioning infrastructure and generating output values.
*For more information, see Environments and Provisioning methods in the Proton User diff --git a/clients/client-proton/src/commands/NotifyResourceDeploymentStatusChangeCommand.ts b/clients/client-proton/src/commands/NotifyResourceDeploymentStatusChangeCommand.ts index 0704866883a6..b1c2001a8f33 100644 --- a/clients/client-proton/src/commands/NotifyResourceDeploymentStatusChangeCommand.ts +++ b/clients/client-proton/src/commands/NotifyResourceDeploymentStatusChangeCommand.ts @@ -31,8 +31,19 @@ export interface NotifyResourceDeploymentStatusChangeCommandOutput __MetadataBearer {} /** - *
Notify Proton of status changes to a provisioned resource when you use self-managed provisioning.
- *For more information, see Self-managed provisioning in the Proton User Guide.
+ *Notify Proton of the following information related to a provisioned resource (environment, service instance, or service pipeline):
+ *For CodeBuild-based + * provisioning, provide your provisioned resource output values to Proton.
+ *For self-managed
+ * provisioning, notify Proton about the status of your provisioned resource. To disambiguate between different deployments of the same
+ * resource, set deploymentId to a unique deployment ID of your choice.
Update an environment.
*If the environment is associated with an environment account connection, don't update or include the
- * protonServiceRoleArn and provisioningRepository parameter to update or connect to an environment account connection.
protonServiceRoleArn, codebuildRoleArn, and provisioningRepository parameters.
* You can only update to a new environment account connection if that connection was created in the same environment account that the current * environment account connection was created in. The account connection must also be associated with the current environment.
*If the environment isn't associated with an environment account connection, don't update or include the
* environmentAccountConnectionId parameter. You can't update or connect the environment to an environment account
* connection if it isn't already associated with an environment connection.
You can update either the environmentAccountConnectionId or protonServiceRoleArn parameter and value. You can’t update
- * both.
If the environment was configured for Amazon Web Services-managed provisioning, omit the provisioningRepository parameter.
You can update either environmentAccountConnectionId or one or more of protonServiceRoleArn, codebuildRoleArn,
+ * and provisioningRepository.
If the environment was configured for Amazon Web Services-managed or CodeBuild-based provisioning, omit the provisioningRepository parameter.
If the environment was configured for self-managed provisioning, specify the provisioningRepository parameter and omit the
- * protonServiceRoleArn and environmentAccountConnectionId parameters.
protonServiceRoleArn, codebuildRoleArn, and provisioningRepository parameters.
* For more information, see Environments and Provisioning methods in the Proton User * Guide.
*There are four modes for updating an environment. The deploymentType field defines the mode.
The IAM service role that's associated with the environment account connection.
+ *The Amazon Resource Name (ARN) of an IAM service role in the environment account. Proton uses this role to provision infrastructure resources + * using Amazon Web Services-managed provisioning and CloudFormation in the associated environment account.
*/ roleArn: string | undefined; @@ -75,6 +76,12 @@ export interface EnvironmentAccountConnection { * Proton User Guide. */ componentRoleArn?: string; + + /** + *The Amazon Resource Name (ARN) of an IAM service role in the environment account. Proton uses this role to provision infrastructure resources + * using CodeBuild-based provisioning in the associated environment account.
+ */ + codebuildRoleArn?: string; } export interface AcceptEnvironmentAccountConnectionOutput { @@ -238,8 +245,8 @@ export interface RepositoryBranch { */ export interface AccountSettings { /** - *The Amazon Resource Name (ARN) of the service role you want to use for provisioning pipelines. Assumed by Proton for Amazon Web Services-managed provisioning, and by - * customer-owned automation for self-managed provisioning.
+ *The Amazon Resource Name (ARN) of the service role that Proton uses for provisioning pipelines. Proton assumes this role for Amazon Web Services-managed + * provisioning.
*/ pipelineServiceRoleArn?: string; @@ -248,6 +255,12 @@ export interface AccountSettings { * pipelines. A linked repository is a repository that has been registered with Proton. For more information, see CreateRepository. */ pipelineProvisioningRepository?: RepositoryBranch; + + /** + *The Amazon Resource Name (ARN) of the service role that Proton uses for provisioning pipelines. Proton assumes this role for CodeBuild-based + * provisioning.
+ */ + pipelineCodebuildRoleArn?: string; } export interface GetAccountSettingsInput {} @@ -300,6 +313,12 @@ export interface UpdateAccountSettingsInput { * pipeline repository. */ deletePipelineProvisioningRepository?: boolean; + + /** + *The Amazon Resource Name (ARN) of the service role you want to use for provisioning pipelines. Proton assumes this role for CodeBuild-based + * provisioning.
+ */ + pipelineCodebuildRoleArn?: string; } export interface UpdateAccountSettingsOutput { @@ -478,12 +497,13 @@ export interface Environment { deploymentStatusMessage?: string; /** - *The Amazon Resource Name (ARN) of the Proton service role that allows Proton to make calls to other services on your behalf.
+ *The Amazon Resource Name (ARN) of the IAM service role that allows Proton to provision infrastructure using Amazon Web Services-managed provisioning and CloudFormation + * on your behalf.
*/ protonServiceRoleArn?: string; /** - *The ID of the environment account connection that's used to provision infrastructure resources in an environment account.
+ *The ID of the environment account connection that Proton uses to provision infrastructure resources in an environment account.
*/ environmentAccountConnectionId?: string; @@ -517,6 +537,12 @@ export interface Environment { * Proton User Guide. */ componentRoleArn?: string; + + /** + *The Amazon Resource Name (ARN) of the IAM service role that allows Proton to provision infrastructure using CodeBuild-based provisioning on your + * behalf.
+ */ + codebuildRoleArn?: string; } export interface CancelEnvironmentDeploymentOutput { @@ -1097,8 +1123,8 @@ export interface CreateEnvironmentAccountConnectionInput { managementAccountId: string | undefined; /** - *The Amazon Resource Name (ARN) of the IAM service role that's created in the environment account. Proton uses this role to provision infrastructure - * resources in the associated environment account.
+ *The Amazon Resource Name (ARN) of an IAM service role in the environment account. Proton uses this role to provision infrastructure resources + * using Amazon Web Services-managed provisioning and CloudFormation in the associated environment account.
*/ roleArn: string | undefined; @@ -1115,8 +1141,8 @@ export interface CreateEnvironmentAccountConnectionInput { tags?: Tag[]; /** - *The Amazon Resource Name (ARN) of the IAM service role that Proton uses when provisioning directly defined components in the associated - * environment account. It determines the scope of infrastructure that a component can provision in the account.
+ *The Amazon Resource Name (ARN) of an IAM service role in the environment account. Proton uses this role to provision directly defined components + * in the associated environment account. It determines the scope of infrastructure that a component can provision in the account.
*You must specify componentRoleArn to allow directly defined components to be associated with any environments running in this
* account.
For more information about components, see @@ -1124,6 +1150,12 @@ export interface CreateEnvironmentAccountConnectionInput { * Proton User Guide.
*/ componentRoleArn?: string; + + /** + *The Amazon Resource Name (ARN) of an IAM service role in the environment account. Proton uses this role to provision infrastructure resources + * using CodeBuild-based provisioning in the associated environment account.
+ */ + codebuildRoleArn?: string; } export interface CreateEnvironmentAccountConnectionOutput { @@ -1289,7 +1321,8 @@ export interface UpdateEnvironmentAccountConnectionInput { id: string | undefined; /** - *The Amazon Resource Name (ARN) of the IAM service role that's associated with the environment account connection to update.
+ *The Amazon Resource Name (ARN) of an IAM service role in the environment account. Proton uses this role to provision infrastructure resources + * using Amazon Web Services-managed provisioning and CloudFormation in the associated environment account.
*/ roleArn?: string; @@ -1303,6 +1336,12 @@ export interface UpdateEnvironmentAccountConnectionInput { * Proton User Guide. */ componentRoleArn?: string; + + /** + *The Amazon Resource Name (ARN) of an IAM service role in the environment account. Proton uses this role to provision infrastructure resources + * using CodeBuild-based provisioning in the associated environment account.
+ */ + codebuildRoleArn?: string; } export interface UpdateEnvironmentAccountConnectionOutput { @@ -1397,18 +1436,19 @@ export interface CreateEnvironmentInput { spec: string | undefined; /** - *The Amazon Resource Name (ARN) of the Proton service role that allows Proton to make calls to other services on your behalf.
- *To use Amazon Web Services-managed provisioning for the environment, specify either the environmentAccountConnectionId or
- * protonServiceRoleArn parameter and omit the provisioningRepository parameter.
The Amazon Resource Name (ARN) of the IAM service role that allows Proton to provision infrastructure using Amazon Web Services-managed provisioning and CloudFormation + * on your behalf.
+ *To use Amazon Web Services-managed provisioning for the environment or for any service instance running in the environment, specify either the
+ * environmentAccountConnectionId or protonServiceRoleArn parameter.
The ID of the environment account connection that you provide if you're provisioning your environment infrastructure resources to an environment - * account. For more information, see Environment account - * connections in the Proton User guide.
- *To use Amazon Web Services-managed provisioning for the environment, specify either the environmentAccountConnectionId or
- * protonServiceRoleArn parameter and omit the provisioningRepository parameter.
The ID of the environment account connection that you provide if you want Proton to provision infrastructure resources for your environment or for any + * of the service instances running in it in an environment account. For more information, see Environment account connections in the Proton User + * guide.
+ *If you specify the environmentAccountConnectionId parameter, don't specify protonServiceRoleArn,
+ * codebuildRoleArn, or provisioningRepository.
The linked repository that you use to host your rendered infrastructure templates for self-managed provisioning. A linked repository is a repository * that has been registered with Proton. For more information, see CreateRepository.
- *To use self-managed provisioning for the environment, specify this parameter and omit the environmentAccountConnectionId and
- * protonServiceRoleArn parameters.
To use self-managed provisioning for the environment or for any service instance running in the environment, specify this parameter.
*/ provisioningRepository?: RepositoryBranchInput; @@ -1436,6 +1475,14 @@ export interface CreateEnvironmentInput { * Proton User Guide. */ componentRoleArn?: string; + + /** + *The Amazon Resource Name (ARN) of the IAM service role that allows Proton to provision infrastructure using CodeBuild-based provisioning on your + * behalf.
+ *To use CodeBuild-based provisioning for the environment or for any service instance running in the environment, specify either the
+ * environmentAccountConnectionId or codebuildRoleArn parameter.
The Amazon Resource Name (ARN) of the Proton service role that allows Proton to make API calls to other services your behalf.
+ *The Amazon Resource Name (ARN) of the IAM service role that allows Proton to provision infrastructure using Amazon Web Services-managed provisioning and CloudFormation + * on your behalf.
*/ protonServiceRoleArn?: string; @@ -1685,7 +1733,9 @@ export interface UpdateEnvironmentInput { deploymentType: DeploymentUpdateType | string | undefined; /** - *The ID of the environment account connection.
+ *The ID of the environment account connection that you provide if you want Proton to provision infrastructure resources for your environment or for any + * of the service instances running in it in an environment account. For more information, see Environment account connections in the Proton User + * guide.
*You can only update to a new environment account connection if it was created in the same environment account that the current environment account * connection was created in and is associated with the current environment.
*/ @@ -1706,6 +1756,12 @@ export interface UpdateEnvironmentInput { * Proton User Guide. */ componentRoleArn?: string; + + /** + *The Amazon Resource Name (ARN) of the IAM service role that allows Proton to provision infrastructure using CodeBuild-based provisioning on your + * behalf.
+ */ + codebuildRoleArn?: string; } export interface UpdateEnvironmentOutput { @@ -2618,22 +2674,22 @@ export enum ResourceDeploymentStatus { export interface NotifyResourceDeploymentStatusChangeInput { /** - *The provisioned resource Amazon Resource Name (ARN).
+ *The Amazon Resource Name (ARN) of your provisioned resource.
*/ resourceArn: string | undefined; /** *The status of your provisioned resource.
*/ - status: ResourceDeploymentStatus | string | undefined; + status?: ResourceDeploymentStatus | string; /** - *The provisioned resource state change detail data that's returned by Proton.
+ *The output values generated by your provisioned resource.
*/ outputs?: Output[]; /** - *The deployment ID for your provisioned resource.
+ *The deployment ID for your provisioned resource. Proton uses it to disambiguate different deployments of the resource. Applicable to self-managed provisioning.
*/ deploymentId?: string; diff --git a/clients/client-proton/src/protocols/Aws_json1_0.ts b/clients/client-proton/src/protocols/Aws_json1_0.ts index d255f47af977..e03016d2f50c 100644 --- a/clients/client-proton/src/protocols/Aws_json1_0.ts +++ b/clients/client-proton/src/protocols/Aws_json1_0.ts @@ -5700,6 +5700,7 @@ const serializeAws_json1_0CreateEnvironmentAccountConnectionInput = ( ): any => { return { clientToken: input.clientToken ?? generateIdempotencyToken(), + ...(input.codebuildRoleArn != null && { codebuildRoleArn: input.codebuildRoleArn }), ...(input.componentRoleArn != null && { componentRoleArn: input.componentRoleArn }), ...(input.environmentName != null && { environmentName: input.environmentName }), ...(input.managementAccountId != null && { managementAccountId: input.managementAccountId }), @@ -5710,6 +5711,7 @@ const serializeAws_json1_0CreateEnvironmentAccountConnectionInput = ( const serializeAws_json1_0CreateEnvironmentInput = (input: CreateEnvironmentInput, context: __SerdeContext): any => { return { + ...(input.codebuildRoleArn != null && { codebuildRoleArn: input.codebuildRoleArn }), ...(input.componentRoleArn != null && { componentRoleArn: input.componentRoleArn }), ...(input.description != null && { description: input.description }), ...(input.environmentAccountConnectionId != null && { @@ -6393,6 +6395,7 @@ const serializeAws_json1_0UpdateAccountSettingsInput = ( ...(input.deletePipelineProvisioningRepository != null && { deletePipelineProvisioningRepository: input.deletePipelineProvisioningRepository, }), + ...(input.pipelineCodebuildRoleArn != null && { pipelineCodebuildRoleArn: input.pipelineCodebuildRoleArn }), ...(input.pipelineProvisioningRepository != null && { pipelineProvisioningRepository: serializeAws_json1_0RepositoryBranchInput( input.pipelineProvisioningRepository, @@ -6420,6 +6423,7 @@ const serializeAws_json1_0UpdateEnvironmentAccountConnectionInput = ( context: __SerdeContext ): any => { return { + ...(input.codebuildRoleArn != null && { codebuildRoleArn: input.codebuildRoleArn }), ...(input.componentRoleArn != null && { componentRoleArn: input.componentRoleArn }), ...(input.id != null && { id: input.id }), ...(input.roleArn != null && { roleArn: input.roleArn }), @@ -6428,6 +6432,7 @@ const serializeAws_json1_0UpdateEnvironmentAccountConnectionInput = ( const serializeAws_json1_0UpdateEnvironmentInput = (input: UpdateEnvironmentInput, context: __SerdeContext): any => { return { + ...(input.codebuildRoleArn != null && { codebuildRoleArn: input.codebuildRoleArn }), ...(input.componentRoleArn != null && { componentRoleArn: input.componentRoleArn }), ...(input.deploymentType != null && { deploymentType: input.deploymentType }), ...(input.description != null && { description: input.description }), @@ -6574,6 +6579,7 @@ const deserializeAws_json1_0AccessDeniedException = (output: any, context: __Ser const deserializeAws_json1_0AccountSettings = (output: any, context: __SerdeContext): AccountSettings => { return { + pipelineCodebuildRoleArn: __expectString(output.pipelineCodebuildRoleArn), pipelineProvisioningRepository: output.pipelineProvisioningRepository != null ? deserializeAws_json1_0RepositoryBranch(output.pipelineProvisioningRepository, context) @@ -6922,6 +6928,7 @@ const deserializeAws_json1_0DeleteTemplateSyncConfigOutput = ( const deserializeAws_json1_0Environment = (output: any, context: __SerdeContext): Environment => { return { arn: __expectString(output.arn), + codebuildRoleArn: __expectString(output.codebuildRoleArn), componentRoleArn: __expectString(output.componentRoleArn), createdAt: output.createdAt != null ? __expectNonNull(__parseEpochTimestamp(__expectNumber(output.createdAt))) : undefined, @@ -6958,6 +6965,7 @@ const deserializeAws_json1_0EnvironmentAccountConnection = ( ): EnvironmentAccountConnection => { return { arn: __expectString(output.arn), + codebuildRoleArn: __expectString(output.codebuildRoleArn), componentRoleArn: __expectString(output.componentRoleArn), environmentAccountId: __expectString(output.environmentAccountId), environmentName: __expectString(output.environmentName),