This is the Certificate Manager Private Certificate Authority (PCA) API Reference. It provides descriptions,\n\t\t\tsyntax, and usage examples for each of the actions and data types involved in creating\n\t\t\tand managing a private certificate authority (CA) for your organization.
\n\t\tThe documentation for each action shows the API request parameters and the JSON\n\t\t\tresponse. Alternatively, you can use one of the Amazon Web Services SDKs to access an API that is\n\t\t\ttailored to the programming language or platform that you prefer. For more information,\n\t\t\tsee Amazon Web Services SDKs.
\n\t\tEach ACM Private CA API operation has a quota that determines the number of times the\n\t\t\toperation can be called per second. ACM Private CA throttles API requests at different rates\n\t\t\tdepending on the operation. Throttling means that ACM Private CA rejects an otherwise valid\n\t\t\trequest because the request exceeds the operation's quota for the number of requests per\n\t\t\tsecond. When a request is throttled, ACM Private CA returns a ThrottlingException error. ACM Private CA does not guarantee a minimum request\n\t\t\trate for APIs.
\n\n\t\tTo see an up-to-date list of your ACM Private CA quotas, or to request a quota increase,\n\t\t\tlog into your Amazon Web Services account and visit the Service Quotas\n\t\t\tconsole.
", + "smithy.api#documentation": "This is the Certificate Manager Private Certificate Authority (PCA) API Reference. It provides descriptions,\n\t\t\tsyntax, and usage examples for each of the actions and data types involved in creating\n\t\t\tand managing a private certificate authority (CA) for your organization.
\n\t\tThe documentation for each action shows the API request parameters and the JSON\n\t\t\tresponse. Alternatively, you can use one of the Amazon Web Services SDKs to access an API that is\n\t\t\ttailored to the programming language or platform that you prefer. For more information,\n\t\t\tsee Amazon Web Services SDKs.
\n\t\tEach ACM Private CA API operation has a quota that determines the number of times the\n\t\t\toperation can be called per second. ACM Private CA throttles API requests at different rates\n\t\t\tdepending on the operation. Throttling means that ACM Private CA rejects an otherwise valid\n\t\t\trequest because the request exceeds the operation's quota for the number of requests per\n\t\t\tsecond. When a request is throttled, ACM Private CA returns a ThrottlingException error. ACM Private CA does not guarantee a minimum request\n\t\t\trate for APIs.
\n\t\tTo see an up-to-date list of your ACM Private CA quotas, or to request a quota increase,\n\t\t\tlog into your Amazon Web Services account and visit the Service Quotas\n\t\t\tconsole.
", "smithy.api#title": "AWS Certificate Manager Private Certificate Authority" }, "version": "2017-08-22", @@ -219,7 +219,7 @@ "CustomAttributes": { "target": "com.amazonaws.acmpca#CustomAttributeList", "traits": { - "smithy.api#documentation": "\n\t\tContains a sequence of one or more X.500 relative distinguished\n\t\t\tnames\n\t\t\t(RDNs),\n\t\t\teach of which consists of an object identifier (OID) and\n\t\t\ta\n\t\t\tvalue. For more information, see NIST’s definition of \n\t\t\tObject\n\t\t\t\tIdentifier\n\t\t\t\t(OID).
\n\t\t\n\t\tCustom attributes cannot be used in combination with standard attributes.
\n\t\tContains a sequence of one or more X.500 relative distinguished names (RDNs), each of\n\t\t\twhich consists of an object identifier (OID) and a value. For more information, see\n\t\t\tNIST’s definition of Object Identifier (OID).
\n\t\tCustom attributes cannot be used in combination with standard attributes.
\n\t\tSpecifies a\n\t\t\tcryptographic key management compliance standard used for handling CA keys.
\n\t\tDefault: FIPS_140_2_LEVEL_3_OR_HIGHER
\n\t\tNote: FIPS_140_2_LEVEL_3_OR_HIGHER is not supported in Region\n\t\t\tap-northeast-3. When creating a CA in the ap-northeast-3, you must provide\n\t\t\t\tFIPS_140_2_LEVEL_2_OR_HIGHER as the argument for\n\t\t\t\tKeyStorageSecurityStandard. Failure to do this results in an\n\t\t\t\tInvalidArgsException with the message, \"A certificate authority cannot\n\t\t\tbe created in this region with the specified security standard.\"
Specifies a cryptographic key management compliance standard used for handling CA\n\t\t\tkeys.
\n\t\tDefault: FIPS_140_2_LEVEL_3_OR_HIGHER
\n\t\t\n Note:\n\t\t\t FIPS_140_2_LEVEL_3_OR_HIGHER is not supported in the following\n\t\t\tRegions:
ap-northeast-3
\n\t\t\tap-southeast-3
\n\t\t\tWhen creating a CA in these Regions, you must provide\n\t\t\t\tFIPS_140_2_LEVEL_2_OR_HIGHER as the argument for\n\t\t\t\tKeyStorageSecurityStandard. Failure to do this results in an\n\t\t\t\tInvalidArgsException with the message, \"A certificate authority cannot\n\t\t\tbe created in this region with the specified security standard.\"
Contains configuration information for a certificate revocation list (CRL). Your\n\t\t\tprivate certificate authority (CA) creates base CRLs. Delta CRLs are not supported. You\n\t\t\tcan enable CRLs for your new or an existing private CA by setting the Enabled parameter to true. Your private CA\n\t\t\twrites CRLs to an S3 bucket that you specify in the S3BucketName parameter. You can hide the name of your bucket by\n\t\t\tspecifying a value for the CustomCname parameter. Your\n\t\t\tprivate CA copies the CNAME or the S3 bucket name to the CRL\n\t\t\t\tDistribution Points extension of each certificate it issues. Your S3\n\t\t\tbucket policy must give write permission to ACM Private CA.
ACM Private CA assets that are stored in Amazon S3 can be protected with encryption. \n For more information, see Encrypting Your\n\t\t\tCRLs.
\n\t\tYour private CA uses the value in the ExpirationInDays parameter to calculate the nextUpdate field in the CRL. The CRL is refreshed prior to a\n\t\t\tcertificate's expiration date or when a certificate is revoked. When a certificate is\n\t\t\trevoked, it appears in the CRL until the certificate expires, and then in one additional\n\t\t\tCRL after expiration, and it always appears in the audit report.
\n\n\t\tA CRL is typically updated approximately 30 minutes after a certificate \n\tis revoked. If for any reason a CRL update fails, ACM Private CA makes further attempts \n\tevery 15 minutes.
\n\n\t\tCRLs contain the following fields:
\n\t\t\n Version: The current version number defined\n\t\t\t\t\tin RFC 5280 is V2. The integer value is 0x1.
\n\t\t\t\n Signature Algorithm: The name of the\n\t\t\t\t\talgorithm used to sign the CRL.
\n\t\t\t\n Issuer: The X.500 distinguished name of your\n\t\t\t\t\tprivate CA that issued the CRL.
\n\t\t\t\n Last Update: The issue date and time of this\n\t\t\t\t\tCRL.
\n\t\t\t\n Next Update: The day and time by which the\n\t\t\t\t\tnext CRL will be issued.
\n\t\t\t\n Revoked Certificates: List of revoked\n\t\t\t\t\tcertificates. Each list item contains the following information.
\n\t\t\t\t\n Serial Number: The serial number, in\n\t\t\t\t\t\t\thexadecimal format, of the revoked certificate.
\n\t\t\t\t\t\n Revocation Date: Date and time the\n\t\t\t\t\t\t\tcertificate was revoked.
\n\t\t\t\t\t\n CRL Entry Extensions: Optional\n\t\t\t\t\t\t\textensions for the CRL entry.
\n\t\t\t\t\t\t\n X509v3 CRL Reason Code:\n\t\t\t\t\t\t\t\t\tReason the certificate was revoked.
\n\t\t\t\t\t\t\t\n CRL Extensions: Optional extensions for the\n\t\t\t\t\tCRL.
\n\t\t\t\t\n X509v3 Authority Key Identifier:\n\t\t\t\t\t\t\tIdentifies the public key associated with the private key used to sign\n\t\t\t\t\t\t\tthe certificate.
\n\t\t\t\t\t\n X509v3 CRL Number:: Decimal sequence\n\t\t\t\t\t\t\tnumber for the CRL.
\n\t\t\t\t\t\n Signature Algorithm: Algorithm used by your\n\t\t\t\t\tprivate CA to sign the CRL.
\n\t\t\t\n Signature Value: Signature computed over the\n\t\t\t\t\tCRL.
\n\t\t\tCertificate revocation lists created by ACM Private CA are DER-encoded. You can use the\n\t\t\tfollowing OpenSSL command to list a CRL.
\n\t\t\n openssl crl -inform DER -text -in crl_path\n\t\t\t-noout\n
For more information, see Planning a certificate revocation list\n\t\t\t\t(CRL) in the Certificate Manager Private Certificate Authority (PCA) User Guide\n
" + "smithy.api#documentation": "Contains configuration information for a certificate revocation list (CRL). Your\n\t\t\tprivate certificate authority (CA) creates base CRLs. Delta CRLs are not supported. You\n\t\t\tcan enable CRLs for your new or an existing private CA by setting the Enabled parameter to true. Your private CA\n\t\t\twrites CRLs to an S3 bucket that you specify in the S3BucketName parameter. You can hide the name of your bucket by\n\t\t\tspecifying a value for the CustomCname parameter. Your\n\t\t\tprivate CA copies the CNAME or the S3 bucket name to the CRL\n\t\t\t\tDistribution Points extension of each certificate it issues. Your S3\n\t\t\tbucket policy must give write permission to ACM Private CA.
ACM Private CA assets that are stored in Amazon S3 can be protected with encryption. \n For more information, see Encrypting Your\n\t\t\tCRLs.
\n\t\tYour private CA uses the value in the ExpirationInDays parameter to calculate the nextUpdate field in the CRL. The CRL is refreshed prior to a\n\t\t\tcertificate's expiration date or when a certificate is revoked. When a certificate is\n\t\t\trevoked, it appears in the CRL until the certificate expires, and then in one additional\n\t\t\tCRL after expiration, and it always appears in the audit report.
\n\t\tA CRL is typically updated approximately 30 minutes after a certificate \n\tis revoked. If for any reason a CRL update fails, ACM Private CA makes further attempts \n\tevery 15 minutes.
\n\t\tCRLs contain the following fields:
\n\t\t\n Version: The current version number defined\n\t\t\t\t\tin RFC 5280 is V2. The integer value is 0x1.
\n\t\t\t\n Signature Algorithm: The name of the\n\t\t\t\t\talgorithm used to sign the CRL.
\n\t\t\t\n Issuer: The X.500 distinguished name of your\n\t\t\t\t\tprivate CA that issued the CRL.
\n\t\t\t\n Last Update: The issue date and time of this\n\t\t\t\t\tCRL.
\n\t\t\t\n Next Update: The day and time by which the\n\t\t\t\t\tnext CRL will be issued.
\n\t\t\t\n Revoked Certificates: List of revoked\n\t\t\t\t\tcertificates. Each list item contains the following information.
\n\t\t\t\t\n Serial Number: The serial number, in\n\t\t\t\t\t\t\thexadecimal format, of the revoked certificate.
\n\t\t\t\t\t\n Revocation Date: Date and time the\n\t\t\t\t\t\t\tcertificate was revoked.
\n\t\t\t\t\t\n CRL Entry Extensions: Optional\n\t\t\t\t\t\t\textensions for the CRL entry.
\n\t\t\t\t\t\t\n X509v3 CRL Reason Code:\n\t\t\t\t\t\t\t\t\tReason the certificate was revoked.
\n\t\t\t\t\t\t\t\n CRL Extensions: Optional extensions for the\n\t\t\t\t\tCRL.
\n\t\t\t\t\n X509v3 Authority Key Identifier:\n\t\t\t\t\t\t\tIdentifies the public key associated with the private key used to sign\n\t\t\t\t\t\t\tthe certificate.
\n\t\t\t\t\t\n X509v3 CRL Number:: Decimal sequence\n\t\t\t\t\t\t\tnumber for the CRL.
\n\t\t\t\t\t\n Signature Algorithm: Algorithm used by your\n\t\t\t\t\tprivate CA to sign the CRL.
\n\t\t\t\n Signature Value: Signature computed over the\n\t\t\t\t\tCRL.
\n\t\t\tCertificate revocation lists created by ACM Private CA are DER-encoded. You can use the\n\t\t\tfollowing OpenSSL command to list a CRL.
\n\t\t\n openssl crl -inform DER -text -in crl_path\n\t\t\t-noout\n
For more information, see Planning a certificate revocation list\n\t\t\t\t(CRL) in the Certificate Manager Private Certificate Authority (PCA) User Guide\n
" } }, "com.amazonaws.acmpca#CsrBlob": { @@ -979,14 +982,14 @@ "ObjectIdentifier": { "target": "com.amazonaws.acmpca#CustomObjectIdentifier", "traits": { - "smithy.api#documentation": "Specifies the object identifier (OID) of the attribute type of\n\t\t\tthe\n\t\t\trelative distinguished name\n\t\t\t(RDN).
", + "smithy.api#documentation": "Specifies the object identifier (OID) of the attribute type of the relative\n\t\t\tdistinguished name (RDN).
", "smithy.api#required": {} } }, "Value": { "target": "com.amazonaws.acmpca#String1To256", "traits": { - "smithy.api#documentation": "\n\t\tSpecifies the attribute value of relative distinguished name\n\t\t\t(RDN).
", + "smithy.api#documentation": "\n\t\tSpecifies the attribute value of relative distinguished name (RDN).
", "smithy.api#required": {} } } @@ -1013,14 +1016,14 @@ "ObjectIdentifier": { "target": "com.amazonaws.acmpca#CustomObjectIdentifier", "traits": { - "smithy.api#documentation": "\n\t\tSpecifies the object identifier (OID) of the X.509 extension. For more information,\n\t\t\tsee the\n\t\t\t\tGlobal OID reference\n\t\t\t\tdatabase.\n\t\t
", + "smithy.api#documentation": "\n\t\tSpecifies the object identifier (OID) of the X.509 extension. For more information, see the\n\t\t\t\tGlobal OID reference database.\n\t\t
", "smithy.api#required": {} } }, "Value": { "target": "com.amazonaws.acmpca#Base64String1To4096", "traits": { - "smithy.api#documentation": "\n\t\tSpecifies the base64-encoded value of the X.509\n\t\t\textension.
", + "smithy.api#documentation": "\n\t\tSpecifies the base64-encoded value of the X.509 extension.
", "smithy.api#required": {} } }, @@ -1028,12 +1031,12 @@ "target": "com.amazonaws.acmpca#Boolean", "traits": { "smithy.api#box": {}, - "smithy.api#documentation": "\n\t\tSpecifies the critical flag of\n\t\t\tthe\n\t\t\tX.509\n\t\t\textension.
" + "smithy.api#documentation": "\n\t\tSpecifies the critical flag of the X.509 extension.
" } } }, "traits": { - "smithy.api#documentation": "\n\t\tSpecifies the X.509 extension information for a\n\t\t\tcertificate.
\n\t\tExtensions present in CustomExtensions follow the\n\t\t\t\tApiPassthrough\n\t\t\t template\n\t\t\t\trules.
Specifies the X.509 extension information for a certificate.
\n\t\tExtensions present in CustomExtensions follow the\n\t\t\t\tApiPassthrough\n\t\t\t template\n\t\t\t\trules.
Contains a sequence of one or more X.509 extensions, each of which consists of an\n\t\t\tobject identifier (OID), a base64-encoded\n\t\t\tvalue,\n\t\t\tand the\n\t\t\tcritical flag.\n\t\t\tFor\n\t\t\tmore information, see the Global OID reference\n\t\t\t\tdatabase.\n
\n\t\t\n\t\tThe OID value of a CustomExtension must not\n\t\t\t\tmatch the OID of a predefined extension.
\n\t\tContains a sequence of one or more X.509 extensions, each of which consists of an\n\t\t\tobject identifier (OID), a base64-encoded value, and the critical flag. For more\n\t\t\tinformation, see the Global OID reference\n\t\t\t\tdatabase.\n
" } } }, @@ -1818,6 +1830,9 @@ "input": { "target": "com.amazonaws.acmpca#ImportCertificateAuthorityCertificateRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.acmpca#CertificateMismatchException" @@ -2658,6 +2673,9 @@ "input": { "target": "com.amazonaws.acmpca#PutPolicyRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.acmpca#ConcurrentModificationException" @@ -2787,6 +2805,9 @@ "input": { "target": "com.amazonaws.acmpca#RestoreCertificateAuthorityRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.acmpca#InvalidArnException" @@ -2878,6 +2899,9 @@ "input": { "target": "com.amazonaws.acmpca#RevokeCertificateRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.acmpca#ConcurrentModificationException" @@ -3132,6 +3156,9 @@ "input": { "target": "com.amazonaws.acmpca#TagCertificateAuthorityRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.acmpca#InvalidArnException" @@ -3221,6 +3248,9 @@ "input": { "target": "com.amazonaws.acmpca#UntagCertificateAuthorityRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.acmpca#InvalidArnException" @@ -3263,6 +3293,9 @@ "input": { "target": "com.amazonaws.acmpca#UpdateCertificateAuthorityRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.acmpca#ConcurrentModificationException" diff --git a/codegen/sdk/aws-models/application-discovery-service.json b/codegen/sdk/aws-models/application-discovery-service.json index 8330690fddb..d2bcf98ab19 100644 --- a/codegen/sdk/aws-models/application-discovery-service.json +++ b/codegen/sdk/aws-models/application-discovery-service.json @@ -942,6 +942,53 @@ "smithy.api#documentation": "Inventory data for installed discovery agents.
" } }, + "com.amazonaws.applicationdiscoveryservice#CustomerAgentlessCollectorInfo": { + "type": "structure", + "members": { + "activeAgentlessCollectors": { + "target": "com.amazonaws.applicationdiscoveryservice#Integer", + "traits": { + "smithy.api#required": {} + } + }, + "healthyAgentlessCollectors": { + "target": "com.amazonaws.applicationdiscoveryservice#Integer", + "traits": { + "smithy.api#required": {} + } + }, + "denyListedAgentlessCollectors": { + "target": "com.amazonaws.applicationdiscoveryservice#Integer", + "traits": { + "smithy.api#required": {} + } + }, + "shutdownAgentlessCollectors": { + "target": "com.amazonaws.applicationdiscoveryservice#Integer", + "traits": { + "smithy.api#required": {} + } + }, + "unhealthyAgentlessCollectors": { + "target": "com.amazonaws.applicationdiscoveryservice#Integer", + "traits": { + "smithy.api#required": {} + } + }, + "totalAgentlessCollectors": { + "target": "com.amazonaws.applicationdiscoveryservice#Integer", + "traits": { + "smithy.api#required": {} + } + }, + "unknownAgentlessCollectors": { + "target": "com.amazonaws.applicationdiscoveryservice#Integer", + "traits": { + "smithy.api#required": {} + } + } + } + }, "com.amazonaws.applicationdiscoveryservice#CustomerConnectorInfo": { "type": "structure", "members": { @@ -1771,6 +1818,9 @@ }, "com.amazonaws.applicationdiscoveryservice#ExportConfigurations": { "type": "operation", + "input": { + "target": "smithy.api#Unit" + }, "output": { "target": "com.amazonaws.applicationdiscoveryservice#ExportConfigurationsResponse" }, @@ -2104,6 +2154,9 @@ "traits": { "smithy.api#documentation": "\n Details about Migration Evaluator collectors, including collector status and health.\n
" } + }, + "agentlessCollectorSummary": { + "target": "com.amazonaws.applicationdiscoveryservice#CustomerAgentlessCollectorInfo" } } }, @@ -2350,7 +2403,7 @@ "min": 1, "max": 4000 }, - "smithy.api#pattern": "^\\S+:\\/\\/\\S+\\/[\\s\\S]*\\S[\\s\\S]*$" + "smithy.api#pattern": "^\\S+://\\S+/[\\s\\S]*\\S[\\s\\S]*$" } }, "com.amazonaws.applicationdiscoveryservice#Integer": { diff --git a/codegen/sdk/aws-models/datasync.json b/codegen/sdk/aws-models/datasync.json index 9d75fffffdb..215827b4a40 100644 --- a/codegen/sdk/aws-models/datasync.json +++ b/codegen/sdk/aws-models/datasync.json @@ -430,7 +430,7 @@ "SecurityGroupArns": { "target": "com.amazonaws.datasync#Ec2SecurityGroupArnList", "traits": { - "smithy.api#documentation": "Specifies the security groups that DataSync can use to access your FSx for ONTAP file system. You must configure the security groups to allow outbound\n traffic on the following ports (depending on the protocol that you're using):
\n\n Network File System (NFS): TCP port 2049
\n\n Server Message Block (SMB): TCP port 445
\nYour file system's security groups must also allow inbound traffic on the same port.
", + "smithy.api#documentation": "Specifies the Amazon EC2 security groups that provide access to your file system's preferred subnet.
\nThe security groups must allow outbound traffic on the following ports (depending on the\n protocol you use):
\n\n Network File System (NFS): TCP ports 111, 635, and\n 2049
\n\n Server Message Block (SMB): TCP port 445
\nYour file system's security groups must also allow inbound traffic on the same\n ports.
", "smithy.api#required": {} } }, @@ -561,46 +561,46 @@ "Subdirectory": { "target": "com.amazonaws.datasync#FsxWindowsSubdirectory", "traits": { - "smithy.api#documentation": "A subdirectory in the location's path. This subdirectory in the Amazon FSx for Windows\n File Server file system is used to read data from the Amazon FSx for Windows File Server\n source location or write data to the FSx for Windows File Server destination.
" + "smithy.api#documentation": "Specifies a mount path for your file system using forward slashes. This is where DataSync reads or\n writes data (depending on if this is a source or destination location).
" } }, "FsxFilesystemArn": { "target": "com.amazonaws.datasync#FsxFilesystemArn", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN) for the FSx for Windows File Server file system.
", + "smithy.api#documentation": "Specifies the Amazon Resource Name (ARN) for the FSx for Windows File Server file\n system.
", "smithy.api#required": {} } }, "SecurityGroupArns": { "target": "com.amazonaws.datasync#Ec2SecurityGroupArnList", "traits": { - "smithy.api#documentation": "The ARNs of the security groups that are used to configure the\n FSx for Windows File Server file system.
", + "smithy.api#documentation": "Specifies the ARNs of the security groups that provide access to your file system's\n preferred subnet.
\nIf you choose a security group that doesn't allow connections from within\n itself, do one of the following:
\nConfigure the security group to allow it to communicate within\n itself.
\nChoose a different security group that can communicate with the\n mount target's security group.
\nThe key-value pair that represents a tag that you want to add to the resource. The\n value can be an empty string. This value helps you manage, filter, and search for your\n resources. We recommend that you create a name tag for your location.
" + "smithy.api#documentation": "Specifies labels that help you categorize, filter, and search for your Amazon Web Services resources. We\n recommend creating at least a name tag for your location.
" } }, "User": { "target": "com.amazonaws.datasync#SmbUser", "traits": { - "smithy.api#documentation": "The user who has the permissions to access files and folders in the FSx for Windows File\n Server file system.
\nFor information about choosing a user name that ensures sufficient permissions to files,\n folders, and metadata, see user.
", + "smithy.api#documentation": "Specifies the user who has the permissions to access files and folders in the file\n system.
\nFor information about choosing a user name that ensures sufficient permissions to files,\n folders, and metadata, see user.
", "smithy.api#required": {} } }, "Domain": { "target": "com.amazonaws.datasync#SmbDomain", "traits": { - "smithy.api#documentation": "The name of the Windows domain that the FSx for Windows File Server belongs to.
" + "smithy.api#documentation": "Specifies the name of the Windows domain that the FSx for Windows File Server belongs\n to.
" } }, "Password": { "target": "com.amazonaws.datasync#SmbPassword", "traits": { - "smithy.api#documentation": "The password of the user who has the permissions to access files and folders in the FSx\n for Windows File Server file system.
", + "smithy.api#documentation": "Specifies the password of the user who has the permissions to access files and folders in\n the file system.
", "smithy.api#required": {} } } @@ -612,7 +612,7 @@ "LocationArn": { "target": "com.amazonaws.datasync#LocationArn", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN) of the FSx for Windows File Server file system location\n you created.
" + "smithy.api#documentation": "The ARN of the FSx for Windows File Server file system location you created.
" } } } @@ -1099,7 +1099,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a task.
\nA task includes a source location and a destination location, and a configuration\n that specifies how data is transferred. A task always transfers data from the source \n location to the destination location. The configuration specifies options such as \n task scheduling, bandwidth limits, etc. A task is the complete definition of a data \n transfer.
\nWhen you create a task that transfers data between Amazon Web Services services in different Amazon Web Services Regions,\n one of the two locations that you specify must reside in the Region where DataSync is being\n used. The other location must be specified in a different Region.
\nYou can transfer data between commercial Amazon Web Services Regions except for China, or between \n Amazon Web Services GovCloud (US) Regions.
\n \nWhen you use DataSync to copy files or objects between Amazon Web Services Regions, \n you pay for data transfer between Regions. This is billed as data transfer OUT \n from your source Region to your destination Region. For more information, \n see Data Transfer pricing.\n
\nConfigures a task, which defines where and how DataSync transfers your\n data.
\nA task includes a source location, a destination location, and the preferences for how and\n when you want to transfer your data (such as bandwidth limits, scheduling, among other\n options).
\nWhen you create a task that transfers data between Amazon Web Services services in\n different Amazon Web Services Regions, one of your locations must reside in the Region where\n you're using DataSync.
\nFor more information, see the following topics:
\nSpecifies a user who has permission to access your SVM.
", + "smithy.api#documentation": "Specifies a user name that can mount the location and access the files, folders, and metadata that you need in the SVM.
\nIf you provide a user in your Active Directory, note the following:
\nIf you're using Directory Service for Microsoft Active Directory, the user\n must be a member of the Amazon Web Services Delegated\n FSx Administrators group.
\nIf you're using a self-managed Active Directory, the user must be a member of either\n the Domain Admins group or a custom group that you specified for file system\n administration when you created your file system.
\nMake sure that the user has the permissions it needs\n to copy the data you want:
\n\n SE_TCB_NAME: Required to\n set object ownership and file metadata. With this\n privilege, you also can copy NTFS discretionary\n access lists (DACLs).
\n SE_SECURITY_NAME: May be\n needed to copy NTFS system access control lists\n (SACLs). This operation specifically requires the\n Windows privilege, which is granted to members of\n the Domain Admins group. If\n you configure your task to copy SACLs, make sure\n that the user has the required privileges. For\n information about copying SACLs, see Ownership and permissions-related options.
Returns a list of all the tasks.
", + "smithy.api#documentation": "Returns a list of the DataSync tasks you created.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -3554,13 +3554,13 @@ "Operator": { "target": "com.amazonaws.datasync#Operator", "traits": { - "smithy.api#documentation": "The operator that is used to compare filter values (for example, Equals or \n Contains). For more about API filtering operators, see \n API filters for ListTasks and ListLocations.
The operator that is used to compare filter values (for example, Equals or \n Contains).
You can use API filters to narrow down the list of resources returned by ListLocations. \n For example, to retrieve all your Amazon S3 locations, you can use ListLocations with \n filter name LocationType S3 and Operator Equals.
Narrow down the list of resources returned by ListLocations. For example, to\n see all your Amazon S3 locations, create a filter using \"Name\":\n \"LocationType\", \"Operator\": \"Equals\", and \"Values\":\n \"S3\".
For more information, see \n filtering resources.
" } }, "com.amazonaws.datasync#LocationFilterName": { @@ -4678,13 +4678,13 @@ "Operator": { "target": "com.amazonaws.datasync#Operator", "traits": { - "smithy.api#documentation": "The operator that is used to compare filter values (for example, Equals or \n Contains). For more about API filtering operators, see\n API filters for ListTasks and ListLocations.
The operator that is used to compare filter values (for example, Equals or \n Contains).
You can use API filters to narrow down the list of resources returned by ListTasks.\n For example, to retrieve all tasks on a source location, you can use ListTasks\n with filter name LocationId and Operator Equals with the ARN for the \n location.
You can use API filters to narrow down the list of resources returned by ListTasks.\n For example, to retrieve all tasks on a source location, you can use ListTasks\n with filter name LocationId and Operator Equals with the ARN for the \n location.
For more information, see filtering DataSync resources.
" } }, "com.amazonaws.datasync#TaskFilterName": { diff --git a/codegen/sdk/aws-models/devops-guru.json b/codegen/sdk/aws-models/devops-guru.json index 5af98bd85ea..2b74ae0132a 100644 --- a/codegen/sdk/aws-models/devops-guru.json +++ b/codegen/sdk/aws-models/devops-guru.json @@ -181,6 +181,50 @@ "smithy.api#documentation": "Information about your account's integration with Amazon CodeGuru Profiler. This\n\t\t\treturns whether DevOps Guru is configured to consume recommendations generated from Amazon\n\t\t\tCodeGuru Profiler.
" } }, + "com.amazonaws.devopsguru#AnomalousLogGroup": { + "type": "structure", + "members": { + "LogGroupName": { + "target": "com.amazonaws.devopsguru#LogGroupName", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe name of the CloudWatch log group.\n\t\t
" + } + }, + "ImpactStartTime": { + "target": "com.amazonaws.devopsguru#Timestamp", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe time the anomalous log events began. The impact start time indicates the time of the first log anomaly event that occurs.\n\t\t
" + } + }, + "ImpactEndTime": { + "target": "com.amazonaws.devopsguru#Timestamp", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe time the anomalous log events stopped.\n\t\t
" + } + }, + "NumberOfLogLinesScanned": { + "target": "com.amazonaws.devopsguru#NumberOfLogLinesScanned", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe number of log lines that were scanned for anomalous log events.\n\t\t
" + } + }, + "LogAnomalyShowcases": { + "target": "com.amazonaws.devopsguru#LogAnomalyShowcases", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe log anomalies in the log group. Each log anomaly displayed represents a cluster of similar anomalous log events.\n\t\t
" + } + } + }, + "traits": { + "smithy.api#documentation": "\n\t\t\tAn Amazon CloudWatch log group that contains log anomalies and is used to generate an insight.\n\t\t
" + } + }, + "com.amazonaws.devopsguru#AnomalousLogGroups": { + "type": "list", + "member": { + "target": "com.amazonaws.devopsguru#AnomalousLogGroup" + } + }, "com.amazonaws.devopsguru#AnomalyDescription": { "type": "string" }, @@ -462,12 +506,18 @@ { "target": "com.amazonaws.devopsguru#ListAnomaliesForInsight" }, + { + "target": "com.amazonaws.devopsguru#ListAnomalousLogGroups" + }, { "target": "com.amazonaws.devopsguru#ListEvents" }, { "target": "com.amazonaws.devopsguru#ListInsights" }, + { + "target": "com.amazonaws.devopsguru#ListMonitoredResources" + }, { "target": "com.amazonaws.devopsguru#ListNotificationChannels" }, @@ -699,7 +749,7 @@ } }, "traits": { - "smithy.api#documentation": "The dimension of am Amazon CloudWatch metric that is used when DevOps Guru analyzes the resources in\n\t\t\tyour account for operational problems and anomalous behavior. A dimension is a\n\t\t\tname/value pair that is part of the identity of a metric. A metric can have up to 10\n\t\t\tdimensions. For more information, see Dimensions in the Amazon CloudWatch User Guide.
" + "smithy.api#documentation": "The dimension of an Amazon CloudWatch metric that is used when DevOps Guru analyzes the resources in\n\t\t\tyour account for operational problems and anomalous behavior. A dimension is a\n\t\t\tname/value pair that is part of the identity of a metric. A metric can have up to 10\n\t\t\tdimensions. For more information, see Dimensions in the Amazon CloudWatch User Guide.
" } }, "com.amazonaws.devopsguru#CloudWatchMetricsDimensionName": { @@ -1699,6 +1749,9 @@ { "target": "com.amazonaws.devopsguru#InternalServerException" }, + { + "target": "com.amazonaws.devopsguru#ResourceNotFoundException" + }, { "target": "com.amazonaws.devopsguru#ThrottlingException" }, @@ -1995,6 +2048,15 @@ "target": "com.amazonaws.devopsguru#Event" } }, + "com.amazonaws.devopsguru#Explanation": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 2048 + } + } + }, "com.amazonaws.devopsguru#GetCostEstimation": { "type": "operation", "input": { @@ -2483,6 +2545,104 @@ } } }, + "com.amazonaws.devopsguru#ListAnomalousLogGroups": { + "type": "operation", + "input": { + "target": "com.amazonaws.devopsguru#ListAnomalousLogGroupsRequest" + }, + "output": { + "target": "com.amazonaws.devopsguru#ListAnomalousLogGroupsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.devopsguru#AccessDeniedException" + }, + { + "target": "com.amazonaws.devopsguru#InternalServerException" + }, + { + "target": "com.amazonaws.devopsguru#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.devopsguru#ThrottlingException" + }, + { + "target": "com.amazonaws.devopsguru#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "\n\t\t\tReturns the list of log groups that contain log anomalies. \n\t\t
", + "smithy.api#http": { + "method": "POST", + "uri": "/list-log-anomalies", + "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "pageSize": "MaxResults" + } + } + }, + "com.amazonaws.devopsguru#ListAnomalousLogGroupsMaxResults": { + "type": "integer", + "traits": { + "smithy.api#box": {}, + "smithy.api#range": { + "min": 1, + "max": 200 + } + } + }, + "com.amazonaws.devopsguru#ListAnomalousLogGroupsRequest": { + "type": "structure", + "members": { + "InsightId": { + "target": "com.amazonaws.devopsguru#InsightId", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe ID of the insight containing the log groups.\n\t\t
", + "smithy.api#required": {} + } + }, + "MaxResults": { + "target": "com.amazonaws.devopsguru#ListAnomalousLogGroupsMaxResults", + "traits": { + "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
The pagination token to use to retrieve \n the next page of results for this operation. If this value is null, it retrieves the first page.
" + } + } + } + }, + "com.amazonaws.devopsguru#ListAnomalousLogGroupsResponse": { + "type": "structure", + "members": { + "InsightId": { + "target": "com.amazonaws.devopsguru#InsightId", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe ID of the insight containing the log groups.\n\t\t
", + "smithy.api#required": {} + } + }, + "AnomalousLogGroups": { + "target": "com.amazonaws.devopsguru#AnomalousLogGroups", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe list of Amazon CloudWatch log groups that are related to an insight.\n\t\t
", + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "com.amazonaws.devopsguru#UuidNextToken", + "traits": { + "smithy.api#documentation": "The pagination token to use to retrieve \n the next page of results for this operation. If there are no more pages, this value is null.
" + } + } + } + }, "com.amazonaws.devopsguru#ListEvents": { "type": "operation", "input": { @@ -2824,6 +2984,116 @@ "smithy.api#documentation": " A filter used by ListInsights to specify which insights to return.\n\t\t
\n\t\t\tReturns the list of all log groups that are being monitored and tagged by DevOps Guru.\n\t\t
", + "smithy.api#http": { + "method": "POST", + "uri": "/monitoredResources", + "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "pageSize": "MaxResults" + } + } + }, + "com.amazonaws.devopsguru#ListMonitoredResourcesFilters": { + "type": "structure", + "members": { + "ResourcePermission": { + "target": "com.amazonaws.devopsguru#ResourcePermission", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe permission status of a resource.\n\t\t
", + "smithy.api#required": {} + } + }, + "ResourceTypeFilters": { + "target": "com.amazonaws.devopsguru#ResourceTypeFilters", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe type of resource that you wish to retrieve, such as log groups. \n\t\t
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "\n\t\t\tFilters to determine which monitored resources you want to retrieve. You can filter by resource type or resource permission status.\n\t\t
" + } + }, + "com.amazonaws.devopsguru#ListMonitoredResourcesMaxResults": { + "type": "integer", + "traits": { + "smithy.api#box": {}, + "smithy.api#range": { + "min": 1, + "max": 50 + } + } + }, + "com.amazonaws.devopsguru#ListMonitoredResourcesRequest": { + "type": "structure", + "members": { + "Filters": { + "target": "com.amazonaws.devopsguru#ListMonitoredResourcesFilters", + "traits": { + "smithy.api#documentation": "\n\t\t\tFilters to determine which monitored resources you want to retrieve. You can filter by resource type or resource permission status.\n\t\t
", + "smithy.api#required": {} + } + }, + "MaxResults": { + "target": "com.amazonaws.devopsguru#ListMonitoredResourcesMaxResults", + "traits": { + "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
The pagination token to use to retrieve \n the next page of results for this operation. If this value is null, it retrieves the first page.
" + } + } + } + }, + "com.amazonaws.devopsguru#ListMonitoredResourcesResponse": { + "type": "structure", + "members": { + "MonitoredResourceIdentifiers": { + "target": "com.amazonaws.devopsguru#MonitoredResourceIdentifiers", + "traits": { + "smithy.api#documentation": "\n\t\t\tInformation about the resource that is being monitored, including the name of the resource, the type of resource, and whether or not permission is given to DevOps Guru to access that resource.\n\t\t
", + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "com.amazonaws.devopsguru#UuidNextToken", + "traits": { + "smithy.api#documentation": "The pagination token to use to retrieve \n the next page of results for this operation. If there are no more pages, this value is null.
" + } + } + } + }, "com.amazonaws.devopsguru#ListNotificationChannels": { "type": "operation", "input": { @@ -3119,6 +3389,197 @@ ] } }, + "com.amazonaws.devopsguru#LogAnomalyClass": { + "type": "structure", + "members": { + "LogStreamName": { + "target": "com.amazonaws.devopsguru#LogStreamName", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe name of the Amazon CloudWatch log stream that the anomalous log event belongs to. A log stream is a sequence of log events that share the same source.\n\t\t
" + } + }, + "LogAnomalyType": { + "target": "com.amazonaws.devopsguru#LogAnomalyType", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe type of log anomaly that has been detected. \n\t\t
" + } + }, + "LogAnomalyToken": { + "target": "com.amazonaws.devopsguru#LogAnomalyToken", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe token where the anomaly was detected. This may refer to an exception or another location, or it may be blank for log anomalies such as format anomalies.\n\t\t
" + } + }, + "LogEventId": { + "target": "com.amazonaws.devopsguru#LogEventId", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe ID of the log event.\n\t\t
" + } + }, + "Explanation": { + "target": "com.amazonaws.devopsguru#Explanation", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe explanation for why the log event is considered an anomaly.\n\t\t
" + } + }, + "NumberOfLogLinesOccurrences": { + "target": "com.amazonaws.devopsguru#NumberOfLogLinesOccurrences", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe number of log lines where this anomalous log event occurs.\n\t\t
" + } + }, + "LogEventTimestamp": { + "target": "com.amazonaws.devopsguru#Timestamp", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe time of the first occurrence of the anomalous log event.\n\t\t
" + } + } + }, + "traits": { + "smithy.api#documentation": "\n\t\t\tInformation about an anomalous log event found within a log group.\n\t\t
" + } + }, + "com.amazonaws.devopsguru#LogAnomalyClasses": { + "type": "list", + "member": { + "target": "com.amazonaws.devopsguru#LogAnomalyClass" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 10 + } + } + }, + "com.amazonaws.devopsguru#LogAnomalyShowcase": { + "type": "structure", + "members": { + "LogAnomalyClasses": { + "target": "com.amazonaws.devopsguru#LogAnomalyClasses", + "traits": { + "smithy.api#documentation": "\n\t\t\tA list of anomalous log events that may be related.\n\t\t
" + } + } + }, + "traits": { + "smithy.api#documentation": "\n\t\t\tA cluster of similar anomalous log events found within a log group.\n\t\t
" + } + }, + "com.amazonaws.devopsguru#LogAnomalyShowcases": { + "type": "list", + "member": { + "target": "com.amazonaws.devopsguru#LogAnomalyShowcase" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 20 + } + } + }, + "com.amazonaws.devopsguru#LogAnomalyToken": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 2048 + } + } + }, + "com.amazonaws.devopsguru#LogAnomalyType": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "KEYWORD", + "name": "KEYWORD" + }, + { + "value": "KEYWORD_TOKEN", + "name": "KEYWORD_TOKEN" + }, + { + "value": "FORMAT", + "name": "FORMAT" + }, + { + "value": "HTTP_CODE", + "name": "HTTP_CODE" + }, + { + "value": "BLOCK_FORMAT", + "name": "BLOCK_FORMAT" + }, + { + "value": "NUMERICAL_POINT", + "name": "NUMERICAL_POINT" + }, + { + "value": "NUMERICAL_NAN", + "name": "NUMERICAL_NAN" + }, + { + "value": "NEW_FIELD_NAME", + "name": "NEW_FIELD_NAME" + } + ] + } + }, + "com.amazonaws.devopsguru#LogEventId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 512 + } + } + }, + "com.amazonaws.devopsguru#LogGroupName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 512 + } + } + }, + "com.amazonaws.devopsguru#LogStreamName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 512 + } + } + }, + "com.amazonaws.devopsguru#LogsAnomalyDetectionIntegration": { + "type": "structure", + "members": { + "OptInStatus": { + "target": "com.amazonaws.devopsguru#OptInStatus", + "traits": { + "smithy.api#documentation": "Specifies if DevOps Guru is configured to perform log anomaly detection on CloudWatch log groups.
" + } + } + }, + "traits": { + "smithy.api#documentation": "\n\t\t\tInformation about the integration of DevOps Guru with CloudWatch log groups for log anomaly detection.\n\t\t
" + } + }, + "com.amazonaws.devopsguru#LogsAnomalyDetectionIntegrationConfig": { + "type": "structure", + "members": { + "OptInStatus": { + "target": "com.amazonaws.devopsguru#OptInStatus", + "traits": { + "smithy.api#documentation": "Specifies if DevOps Guru is configured to perform log anomaly detection on CloudWatch log groups.
" + } + } + }, + "traits": { + "smithy.api#documentation": "\n\t\t\tInformation about the integration of DevOps Guru with CloudWatch log groups for log anomaly detection. You can use this to update the configuration.\n\t\t
" + } + }, "com.amazonaws.devopsguru#MeanTimeToRecoverInMilliseconds": { "type": "long", "traits": { @@ -3131,6 +3592,48 @@ "smithy.api#box": {} } }, + "com.amazonaws.devopsguru#MonitoredResourceIdentifier": { + "type": "structure", + "members": { + "MonitoredResourceName": { + "target": "com.amazonaws.devopsguru#MonitoredResourceName", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe name of the resource being monitored.\n\t\t
" + } + }, + "Type": { + "target": "com.amazonaws.devopsguru#ResourceType", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe type of resource being monitored.\n\t\t
" + } + }, + "ResourcePermission": { + "target": "com.amazonaws.devopsguru#ResourcePermission", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe permission status of a resource.\n\t\t
" + } + } + }, + "traits": { + "smithy.api#documentation": "\n\t\t\tInformation about the resource that is being monitored, including the name of the resource, the type of resource, and whether or not permission is given to DevOps Guru to access that resource.\n\t\t
" + } + }, + "com.amazonaws.devopsguru#MonitoredResourceIdentifiers": { + "type": "list", + "member": { + "target": "com.amazonaws.devopsguru#MonitoredResourceIdentifier" + } + }, + "com.amazonaws.devopsguru#MonitoredResourceName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 512 + }, + "smithy.api#pattern": "^[\\.\\-_\\/#A-Za-z0-9]+$" + } + }, "com.amazonaws.devopsguru#NotificationChannel": { "type": "structure", "members": { @@ -3191,6 +3694,12 @@ "com.amazonaws.devopsguru#NumReactiveInsights": { "type": "integer" }, + "com.amazonaws.devopsguru#NumberOfLogLinesOccurrences": { + "type": "integer" + }, + "com.amazonaws.devopsguru#NumberOfLogLinesScanned": { + "type": "integer" + }, "com.amazonaws.devopsguru#OpsCenterIntegration": { "type": "structure", "members": { @@ -3216,7 +3725,7 @@ } }, "traits": { - "smithy.api#documentation": "Information about whether DevOps Guru is configured to create an OpsItem in Amazon Web Services Systems Manager\n\t\t\tOpsCenter for each created insight.
" + "smithy.api#documentation": "Information about whether DevOps Guru is configured to create an OpsItem in Amazon Web Services Systems Manager\n\t\t\tOpsCenter for each created insight. You can use this to update the configuration.
" } }, "com.amazonaws.devopsguru#OptInStatus": { @@ -4709,6 +5218,21 @@ "smithy.api#httpError": 404 } }, + "com.amazonaws.devopsguru#ResourcePermission": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "FULL_PERMISSION", + "name": "FULL_PERMISSION" + }, + { + "value": "MISSING_PERMISSION", + "name": "MISSING_PERMISSION" + } + ] + } + }, "com.amazonaws.devopsguru#ResourceType": { "type": "string", "traits": { @@ -4719,6 +5243,23 @@ "smithy.api#pattern": "^[a-zA-Z]+[a-zA-Z0-9-_:]*$" } }, + "com.amazonaws.devopsguru#ResourceTypeFilter": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "LOG_GROUPS", + "name": "LOG_GROUPS" + } + ] + } + }, + "com.amazonaws.devopsguru#ResourceTypeFilters": { + "type": "list", + "member": { + "target": "com.amazonaws.devopsguru#ResourceTypeFilter" + } + }, "com.amazonaws.devopsguru#RetryAfterSeconds": { "type": "integer" }, @@ -5075,6 +5616,12 @@ "traits": { "smithy.api#documentation": "Information about whether DevOps Guru is configured to create an OpsItem in Amazon Web Services Systems Manager\n\t\t\tOpsCenter for each created insight.
" } + }, + "LogsAnomalyDetection": { + "target": "com.amazonaws.devopsguru#LogsAnomalyDetectionIntegration", + "traits": { + "smithy.api#documentation": "\n\t\t\tInformation about whether DevOps Guru is configured to perform log anomaly detection on Amazon CloudWatch log groups.\n\t\t
" + } } }, "traits": { @@ -5767,6 +6314,12 @@ "members": { "OpsCenter": { "target": "com.amazonaws.devopsguru#OpsCenterIntegrationConfig" + }, + "LogsAnomalyDetection": { + "target": "com.amazonaws.devopsguru#LogsAnomalyDetectionIntegrationConfig", + "traits": { + "smithy.api#documentation": "\n\t\t\tInformation about whether DevOps Guru is configured to perform log anomaly detection on Amazon CloudWatch log groups.\n\t\t
" + } } }, "traits": { diff --git a/codegen/sdk/aws-models/drs.json b/codegen/sdk/aws-models/drs.json index bcb66f85403..672fea30351 100644 --- a/codegen/sdk/aws-models/drs.json +++ b/codegen/sdk/aws-models/drs.json @@ -854,7 +854,7 @@ "recoveryInstanceID": { "target": "com.amazonaws.drs#RecoveryInstanceID", "traits": { - "smithy.api#documentation": "RThe ID of the Recovery Instance to be deleted.
", + "smithy.api#documentation": "The ID of the Recovery Instance to be deleted.
", "smithy.api#required": {} } } @@ -3960,6 +3960,10 @@ { "value": "ST1", "name": "ST1" + }, + { + "value": "AUTO", + "name": "AUTO" } ] } @@ -4011,6 +4015,12 @@ "traits": { "smithy.api#documentation": "The throughput to use for the EBS volume in MiB/s. This parameter is valid only for gp3 volumes.
" } + }, + "optimizedStagingDiskType": { + "target": "com.amazonaws.drs#ReplicationConfigurationReplicatedDiskStagingDiskType", + "traits": { + "smithy.api#documentation": "The Staging Disk EBS volume type to be used during replication when stagingDiskType is set to Auto. This is a read-only field.
Add an operating Region to an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only\n discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
\nFor more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide.\n
" + "smithy.api#documentation": "Add an operating Region to an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only\n discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
\nFor more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide.\n
" } }, "com.amazonaws.ec2#AddIpamOperatingRegionSet": { @@ -1397,7 +1397,7 @@ "target": "com.amazonaws.ec2#AllocateIpamPoolCidrResult" }, "traits": { - "smithy.api#documentation": "Allocate a CIDR from an IPAM pool. In IPAM, an allocation is a CIDR assignment from an IPAM pool to another resource or IPAM pool. For more information, see Allocate CIDRs in the Amazon VPC IPAM User Guide.\n
" + "smithy.api#documentation": "Allocate a CIDR from an IPAM pool. In IPAM, an allocation is a CIDR assignment from an IPAM pool to another resource or IPAM pool. For more information, see Allocate CIDRs in the Amazon VPC IPAM User Guide.\n
" } }, "com.amazonaws.ec2#AllocateIpamPoolCidrRequest": { @@ -4733,25 +4733,25 @@ "Ipv4IpamPoolId": { "target": "com.amazonaws.ec2#IpamPoolId", "traits": { - "smithy.api#documentation": "Associate a CIDR allocated from an IPv4 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see What is IPAM? in the Amazon VPC IPAM User Guide.
" + "smithy.api#documentation": "Associate a CIDR allocated from an IPv4 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see What is IPAM? in the Amazon VPC IPAM User Guide.
" } }, "Ipv4NetmaskLength": { "target": "com.amazonaws.ec2#NetmaskLength", "traits": { - "smithy.api#documentation": "The netmask length of the IPv4 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see What is IPAM? in the Amazon VPC IPAM User Guide.\n
" + "smithy.api#documentation": "The netmask length of the IPv4 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see What is IPAM? in the Amazon VPC IPAM User Guide.\n
" } }, "Ipv6IpamPoolId": { "target": "com.amazonaws.ec2#IpamPoolId", "traits": { - "smithy.api#documentation": "Associates a CIDR allocated from an IPv6 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see What is IPAM? in the Amazon VPC IPAM User Guide.
" + "smithy.api#documentation": "Associates a CIDR allocated from an IPv6 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see What is IPAM? in the Amazon VPC IPAM User Guide.
" } }, "Ipv6NetmaskLength": { "target": "com.amazonaws.ec2#NetmaskLength", "traits": { - "smithy.api#documentation": "The netmask length of the IPv6 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see What is IPAM? in the Amazon VPC IPAM User Guide.
" + "smithy.api#documentation": "The netmask length of the IPv6 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see What is IPAM? in the Amazon VPC IPAM User Guide.
" } } } @@ -11593,7 +11593,7 @@ "target": "com.amazonaws.ec2#CreateIpamResult" }, "traits": { - "smithy.api#documentation": "Create an IPAM. Amazon VPC IP Address Manager (IPAM) is a VPC feature that you can use\n to automate your IP address management workflows including assigning, tracking,\n troubleshooting, and auditing IP addresses across Amazon Web Services Regions and accounts\n throughout your Amazon Web Services Organization.
\nFor more information, see Create an IPAM in the Amazon VPC IPAM User Guide.\n
" + "smithy.api#documentation": "Create an IPAM. Amazon VPC IP Address Manager (IPAM) is a VPC feature that you can use\n to automate your IP address management workflows including assigning, tracking,\n troubleshooting, and auditing IP addresses across Amazon Web Services Regions and accounts\n throughout your Amazon Web Services Organization.
\nFor more information, see Create an IPAM in the Amazon VPC IPAM User Guide.\n
" } }, "com.amazonaws.ec2#CreateIpamPool": { @@ -11605,7 +11605,7 @@ "target": "com.amazonaws.ec2#CreateIpamPoolResult" }, "traits": { - "smithy.api#documentation": "Create an IP address pool for Amazon VPC IP Address Manager (IPAM). In IPAM, a pool is a collection of contiguous IP addresses CIDRs. Pools enable you to organize your IP addresses according to your routing and security needs. For example, if you have separate routing and security needs for development and production applications, you can create a pool for each.
\nFor more information, see Create a top-level pool in the Amazon VPC IPAM User Guide.\n
" + "smithy.api#documentation": "Create an IP address pool for Amazon VPC IP Address Manager (IPAM). In IPAM, a pool is a collection of contiguous IP addresses CIDRs. Pools enable you to organize your IP addresses according to your routing and security needs. For example, if you have separate routing and security needs for development and production applications, you can create a pool for each.
\nFor more information, see Create a top-level pool in the Amazon VPC IPAM User Guide.\n
" } }, "com.amazonaws.ec2#CreateIpamPoolRequest": { @@ -11739,7 +11739,7 @@ "OperatingRegions": { "target": "com.amazonaws.ec2#AddIpamOperatingRegionSet", "traits": { - "smithy.api#documentation": "The operating Regions for the IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only\n discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
\nFor more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide.\n
", + "smithy.api#documentation": "The operating Regions for the IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only\n discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
\nFor more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide.\n
", "smithy.api#xmlName": "OperatingRegion" } }, @@ -11781,7 +11781,7 @@ "target": "com.amazonaws.ec2#CreateIpamScopeResult" }, "traits": { - "smithy.api#documentation": "Create an IPAM scope. In IPAM, a scope is the highest-level container within IPAM. An IPAM contains two default scopes. Each scope represents the IP space for a single network. The private scope is intended for all private IP address space. The public scope is intended for all public IP address space. Scopes enable you to reuse IP addresses across multiple unconnected networks without causing IP address overlap or conflict.
\nFor more information, see Add a scope in the Amazon VPC IPAM User Guide.
" + "smithy.api#documentation": "Create an IPAM scope. In IPAM, a scope is the highest-level container within IPAM. An IPAM contains two default scopes. Each scope represents the IP space for a single network. The private scope is intended for all private IP address space. The public scope is intended for all public IP address space. Scopes enable you to reuse IP addresses across multiple unconnected networks without causing IP address overlap or conflict.
\nFor more information, see Add a scope in the Amazon VPC IPAM User Guide.
" } }, "com.amazonaws.ec2#CreateIpamScopeRequest": { @@ -11972,7 +11972,7 @@ "target": "com.amazonaws.ec2#CreateLaunchTemplateVersionResult" }, "traits": { - "smithy.api#documentation": "Creates a new version for a launch template. You can specify an existing version of\n launch template from which to base the new version.
\nLaunch template versions are numbered in the order in which they are created. You\n cannot specify, change, or replace the numbering of launch template versions.
\nLaunch templates are immutable; after you create a launch template, you can't modify it. \n Instead, you can create a new version of the launch template that includes any changes you require.
\nFor more information, see Modify a launch template (manage launch template versions)in the\n Amazon Elastic Compute Cloud User Guide.
" + "smithy.api#documentation": "Creates a new version of a launch template. You can specify an existing version of\n launch template from which to base the new version.
\nLaunch template versions are numbered in the order in which they are created. You\n cannot specify, change, or replace the numbering of launch template versions.
\nLaunch templates are immutable; after you create a launch template, you can't modify it. \n Instead, you can create a new version of the launch template that includes any changes you require.
\nFor more information, see Modify a launch template (manage launch template versions) in the\n Amazon Elastic Compute Cloud User Guide.
" } }, "com.amazonaws.ec2#CreateLaunchTemplateVersionRequest": { @@ -11993,13 +11993,13 @@ "LaunchTemplateId": { "target": "com.amazonaws.ec2#LaunchTemplateId", "traits": { - "smithy.api#documentation": "The ID of the launch template. You must specify either the launch template ID or\n launch template name in the request.
" + "smithy.api#documentation": "The ID of the launch template.
\nYou must specify either the LaunchTemplateId or the LaunchTemplateName, but not both.
The name of the launch template. You must specify either the launch template ID or\n launch template name in the request.
" + "smithy.api#documentation": "The name of the launch template.
\nYou must specify the LaunchTemplateName or the LaunchTemplateId, but not both.
Adds or overwrites only the specified tags for the specified Amazon EC2 resource or\n resources. When you specify an existing tag key, the value is overwritten with\n the new value. Each resource can have a maximum of 50 tags. Each tag consists of a key and\n optional value. Tag keys must be unique per resource.
\n \nFor more information about tags, see Tagging Your Resources in the\n Amazon Elastic Compute Cloud User Guide. For more information about\n creating IAM policies that control users' access to resources based on tags, see Supported\n Resource-Level Permissions for Amazon EC2 API Actions in the Amazon\n Elastic Compute Cloud User Guide.
" + "smithy.api#documentation": "Adds or overwrites only the specified tags for the specified Amazon EC2 resource or\n resources. When you specify an existing tag key, the value is overwritten with\n the new value. Each resource can have a maximum of 50 tags. Each tag consists of a key and\n optional value. Tag keys must be unique per resource.
\n \nFor more information about tags, see Tag your Amazon EC2 resources in the\n Amazon Elastic Compute Cloud User Guide. For more information about\n creating IAM policies that control users' access to resources based on tags, see Supported\n resource-level permissions for Amazon EC2 API actions in the Amazon\n Elastic Compute Cloud User Guide.
" } }, "com.amazonaws.ec2#CreateTagsRequest": { @@ -14503,7 +14503,7 @@ "target": "com.amazonaws.ec2#CreateTransitGatewayPeeringAttachmentResult" }, "traits": { - "smithy.api#documentation": "Requests a transit gateway peering attachment between the specified transit gateway\n (requester) and a peer transit gateway (accepter). The transit gateways must be in\n different Regions. The peer transit gateway can be in your account or a different \n Amazon Web Services account.
\nAfter you create the peering attachment, the owner of the accepter transit gateway \n must accept the attachment request.
" + "smithy.api#documentation": "Requests a transit gateway peering attachment between the specified transit gateway\n (requester) and a peer transit gateway (accepter). The peer transit gateway can be in \n your account or a different Amazon Web Services account.
\nAfter you create the peering attachment, the owner of the accepter transit gateway \n must accept the attachment request.
" } }, "com.amazonaws.ec2#CreateTransitGatewayPeeringAttachmentRequest": { @@ -14538,7 +14538,10 @@ } }, "Options": { - "target": "com.amazonaws.ec2#CreateTransitGatewayPeeringAttachmentRequestOptions" + "target": "com.amazonaws.ec2#CreateTransitGatewayPeeringAttachmentRequestOptions", + "traits": { + "smithy.api#documentation": "Requests a transit gateway peering attachment.
" + } }, "TagSpecifications": { "target": "com.amazonaws.ec2#TagSpecificationList", @@ -14559,8 +14562,14 @@ "type": "structure", "members": { "DynamicRouting": { - "target": "com.amazonaws.ec2#DynamicRoutingValue" + "target": "com.amazonaws.ec2#DynamicRoutingValue", + "traits": { + "smithy.api#documentation": "Indicates whether dynamic routing is enabled or disabled.
" + } } + }, + "traits": { + "smithy.api#documentation": "Describes whether dynamic routing is enabled or disabled for the transit gateway peering request.
" } }, "com.amazonaws.ec2#CreateTransitGatewayPeeringAttachmentResult": { @@ -15561,25 +15570,25 @@ "Ipv4IpamPoolId": { "target": "com.amazonaws.ec2#IpamPoolId", "traits": { - "smithy.api#documentation": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. For more information, see What is IPAM? in the Amazon VPC IPAM User Guide.\n \n
" + "smithy.api#documentation": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. For more information, see What is IPAM? in the Amazon VPC IPAM User Guide.\n \n
" } }, "Ipv4NetmaskLength": { "target": "com.amazonaws.ec2#NetmaskLength", "traits": { - "smithy.api#documentation": "The netmask length of the IPv4 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see What is IPAM? in the Amazon VPC IPAM User Guide.
" + "smithy.api#documentation": "The netmask length of the IPv4 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see What is IPAM? in the Amazon VPC IPAM User Guide.
" } }, "Ipv6IpamPoolId": { "target": "com.amazonaws.ec2#IpamPoolId", "traits": { - "smithy.api#documentation": "The ID of an IPv6 IPAM pool which will be used to allocate this VPC an IPv6 CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across Amazon Web Services Regions and accounts throughout your Amazon Web Services Organization. For more information, see What is IPAM? in the Amazon VPC IPAM User Guide.
" + "smithy.api#documentation": "The ID of an IPv6 IPAM pool which will be used to allocate this VPC an IPv6 CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across Amazon Web Services Regions and accounts throughout your Amazon Web Services Organization. For more information, see What is IPAM? in the Amazon VPC IPAM User Guide.
" } }, "Ipv6NetmaskLength": { "target": "com.amazonaws.ec2#NetmaskLength", "traits": { - "smithy.api#documentation": "The netmask length of the IPv6 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see What is IPAM? in the Amazon VPC IPAM User Guide.
" + "smithy.api#documentation": "The netmask length of the IPv6 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see What is IPAM? in the Amazon VPC IPAM User Guide.
" } }, "DryRun": { @@ -15822,13 +15831,13 @@ "target": "com.amazonaws.ec2#String", "traits": { "aws.protocols#ec2QueryName": "CpuCredits", - "smithy.api#documentation": "The credit option for CPU usage of a T2, T3, or T3a instance. Valid values are\n standard and unlimited.
The credit option for CPU usage of a T instance.
\nValid values: standard | unlimited\n
Describes the credit option for CPU usage of a T2, T3, or T3a instance.
" + "smithy.api#documentation": "Describes the credit option for CPU usage of a T instance.
" } }, "com.amazonaws.ec2#CreditSpecificationRequest": { @@ -15837,13 +15846,13 @@ "CpuCredits": { "target": "com.amazonaws.ec2#String", "traits": { - "smithy.api#documentation": "The credit option for CPU usage of a T2, T3, or T3a instance. Valid values are\n standard and unlimited.
The credit option for CPU usage of a T instance.
\nValid values: standard | unlimited\n
The credit option for CPU usage of a T2, T3, or T3a instance.
" + "smithy.api#documentation": "The credit option for CPU usage of a T instance.
" } }, "com.amazonaws.ec2#CurrencyCodeValues": { @@ -16678,7 +16687,7 @@ "target": "com.amazonaws.ec2#DeleteIpamResult" }, "traits": { - "smithy.api#documentation": "Delete an IPAM. Deleting an IPAM removes all monitored data associated with the IPAM including the historical data for CIDRs.
\nFor more information, see Delete an IPAM in the Amazon VPC IPAM User Guide.\n
" + "smithy.api#documentation": "Delete an IPAM. Deleting an IPAM removes all monitored data associated with the IPAM including the historical data for CIDRs.
\nFor more information, see Delete an IPAM in the Amazon VPC IPAM User Guide.\n
" } }, "com.amazonaws.ec2#DeleteIpamPool": { @@ -16690,7 +16699,7 @@ "target": "com.amazonaws.ec2#DeleteIpamPoolResult" }, "traits": { - "smithy.api#documentation": "Delete an IPAM pool.
\nYou cannot delete an IPAM pool if there are allocations in it or CIDRs provisioned to it. To release \n allocations, see ReleaseIpamPoolAllocation. To deprovision pool \n CIDRs, see DeprovisionIpamPoolCidr.
\nFor more information, see Delete a pool in the Amazon VPC IPAM User Guide.\n
" + "smithy.api#documentation": "Delete an IPAM pool.
\nYou cannot delete an IPAM pool if there are allocations in it or CIDRs provisioned to it. To release \n allocations, see ReleaseIpamPoolAllocation. To deprovision pool \n CIDRs, see DeprovisionIpamPoolCidr.
\nFor more information, see Delete a pool in the Amazon VPC IPAM User Guide.\n
" } }, "com.amazonaws.ec2#DeleteIpamPoolRequest": { @@ -16770,7 +16779,7 @@ "target": "com.amazonaws.ec2#DeleteIpamScopeResult" }, "traits": { - "smithy.api#documentation": "Delete the scope for an IPAM. You cannot delete the default scopes.
\nFor more information, see Delete a scope in the Amazon VPC IPAM User Guide.\n
" + "smithy.api#documentation": "Delete the scope for an IPAM. You cannot delete the default scopes.
\nFor more information, see Delete a scope in the Amazon VPC IPAM User Guide.\n
" } }, "com.amazonaws.ec2#DeleteIpamScopeRequest": { @@ -16865,13 +16874,13 @@ "LaunchTemplateId": { "target": "com.amazonaws.ec2#LaunchTemplateId", "traits": { - "smithy.api#documentation": "The ID of the launch template. You must specify either the launch template ID or\n launch template name in the request.
" + "smithy.api#documentation": "The ID of the launch template.
\nYou must specify either the LaunchTemplateId or the LaunchTemplateName, but not both.
The name of the launch template. You must specify either the launch template ID or\n launch template name in the request.
" + "smithy.api#documentation": "The name of the launch template.
\nYou must specify either the LaunchTemplateName or the LaunchTemplateId, but not both.
The ID of the launch template. You must specify either the launch template ID or\n launch template name in the request.
" + "smithy.api#documentation": "The ID of the launch template.
\nYou must specify either the LaunchTemplateId or the LaunchTemplateName, but not both.
The name of the launch template. You must specify either the launch template ID or\n launch template name in the request.
" + "smithy.api#documentation": "The name of the launch template.
\nYou must specify either the LaunchTemplateName or the LaunchTemplateId, but not both.
Deletes the specified set of tags from the specified set of resources.
\nTo list the current tags, use DescribeTags. For more information about tags, see \n Tagging Your Resources \n in the Amazon Elastic Compute Cloud User Guide.
" + "smithy.api#documentation": "Deletes the specified set of tags from the specified set of resources.
\nTo list the current tags, use DescribeTags. For more information about\n tags, see Tag\n your Amazon EC2 resources in the Amazon Elastic Compute Cloud User\n Guide.
" } }, "com.amazonaws.ec2#DeleteTagsRequest": { @@ -19128,7 +19137,7 @@ "target": "com.amazonaws.ec2#DeprovisionIpamPoolCidrResult" }, "traits": { - "smithy.api#documentation": "Deprovision a CIDR provisioned from an IPAM pool. If you deprovision a CIDR from a pool that has a source pool, the CIDR is recycled back into the source pool. For more information, see Deprovision pool CIDRs in the Amazon VPC IPAM User Guide.
" + "smithy.api#documentation": "Deprovision a CIDR provisioned from an IPAM pool. If you deprovision a CIDR from a pool that has a source pool, the CIDR is recycled back into the source pool. For more information, see Deprovision pool CIDRs in the Amazon VPC IPAM User Guide.
" } }, "com.amazonaws.ec2#DeprovisionIpamPoolCidrRequest": { @@ -24036,7 +24045,7 @@ "target": "com.amazonaws.ec2#DescribeIpamsResult" }, "traits": { - "smithy.api#documentation": "Get information about your IPAM pools.
\nFor more information, see What is IPAM? in the Amazon VPC IPAM User Guide.\n
", + "smithy.api#documentation": "Get information about your IPAM pools.
\nFor more information, see What is IPAM? in the Amazon VPC IPAM User Guide.\n
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -24300,19 +24309,19 @@ "LaunchTemplateId": { "target": "com.amazonaws.ec2#LaunchTemplateId", "traits": { - "smithy.api#documentation": "The ID of the launch template. To describe one or more versions of a specified launch\n template, you must specify either the launch template ID or the launch template name in\n the request. To describe all the latest or default launch template versions in your\n account, you must omit this parameter.
" + "smithy.api#documentation": "The ID of the launch template.
\nTo describe one or more versions of a specified launch\n template, you must specify either the LaunchTemplateId or the LaunchTemplateName, but not both.
To describe all the latest or default launch template versions in your\n account, you must omit this parameter.
" } }, "LaunchTemplateName": { "target": "com.amazonaws.ec2#LaunchTemplateName", "traits": { - "smithy.api#documentation": "The name of the launch template. To describe one or more versions of a specified\n launch template, you must specify either the launch template ID or the launch template\n name in the request. To describe all the latest or default launch template versions in\n your account, you must omit this parameter.
" + "smithy.api#documentation": "The name of the launch template.
\nTo describe one or more versions of a specified\n launch template, you must specify either the LaunchTemplateName or the LaunchTemplateId, but not both.
To describe all the latest or default launch template versions in\n your account, you must omit this parameter.
" } }, "Versions": { "target": "com.amazonaws.ec2#VersionStringList", "traits": { - "smithy.api#documentation": "One or more versions of the launch template. Valid values depend on whether you are\n describing a specified launch template (by ID or name) or all launch templates in your\n account.
\nTo describe one or more versions of a specified launch template, valid values are\n $Latest, $Default, and numbers.
To describe all launch templates in your account that are defined as the latest\n version, the valid value is $Latest. To describe all launch templates in\n your account that are defined as the default version, the valid value is\n $Default. You can specify $Latest and\n $Default in the same call. You cannot specify numbers.
One or more versions of the launch template. Valid values depend on whether you are\n describing a specified launch template (by ID or name) or all launch templates in your\n account.
\nTo describe one or more versions of a specified launch template, valid values are\n $Latest, $Default, and numbers.
To describe all launch templates in your account that are defined as the latest\n version, the valid value is $Latest. To describe all launch templates in\n your account that are defined as the default version, the valid value is\n $Default. You can specify $Latest and\n $Default in the same request. You cannot specify numbers.
One or more filters.
\n\n create-time - The time the launch template version was\n created.
\n ebs-optimized - A boolean that indicates whether the instance is\n optimized for Amazon EBS I/O.
\n http-endpoint - Indicates whether the HTTP metadata endpoint on\n your instances is enabled (enabled | disabled).
\n http-protocol-ipv4 - Indicates whether the IPv4 endpoint for the\n instance metadata service is enabled (enabled |\n disabled).
\n host-resource-group-arn - The ARN of the host resource group in\n which to launch the instances.
\n http-tokens - The state of token usage for your instance metadata\n requests (optional | required).
\n iam-instance-profile - The ARN of the IAM instance\n profile.
\n image-id - The ID of the AMI.
\n instance-type - The instance type.
\n is-default-version - A boolean that indicates whether the launch\n template version is the default version.
\n kernel-id - The kernel ID.
\n license-configuration-arn - The ARN of the license\n configuration.
\n network-card-index - The index of the network card.
\n ram-disk-id - The RAM disk ID.
One or more filters.
\n\n create-time - The time the launch template version was\n created.
\n ebs-optimized - A boolean that indicates whether the instance is\n optimized for Amazon EBS I/O.
\n http-endpoint - Indicates whether the HTTP metadata endpoint on\n your instances is enabled (enabled | disabled).
\n http-protocol-ipv4 - Indicates whether the IPv4 endpoint for the\n instance metadata service is enabled (enabled |\n disabled).
\n host-resource-group-arn - The ARN of the host resource group in\n which to launch the instances.
\n http-tokens - The state of token usage for your instance metadata\n requests (optional | required).
\n iam-instance-profile - The ARN of the IAM instance\n profile.
\n image-id - The ID of the AMI.
\n instance-type - The instance type.
\n is-default-version - A boolean that indicates whether the launch\n template version is the default version.
\n kernel-id - The kernel ID.
\n license-configuration-arn - The ARN of the license\n configuration.
\n network-card-index - The index of the network card.
\n ram-disk-id - The RAM disk ID.
Describes the specified tags for your EC2 resources.
\nFor more information about tags, see Tagging Your Resources in the\n Amazon Elastic Compute Cloud User Guide.
", + "smithy.api#documentation": "Describes the specified tags for your EC2 resources.
\nFor more information about tags, see Tag your Amazon EC2 resources in the\n Amazon Elastic Compute Cloud User Guide.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -31984,7 +31993,7 @@ "target": "com.amazonaws.ec2#DisableIpamOrganizationAdminAccountResult" }, "traits": { - "smithy.api#documentation": "Disable the IPAM account. For more information, see Enable integration with Organizations in the Amazon VPC IPAM User Guide.\n
" + "smithy.api#documentation": "Disable the IPAM account. For more information, see Enable integration with Organizations in the Amazon VPC IPAM User Guide.\n
" } }, "com.amazonaws.ec2#DisableIpamOrganizationAdminAccountRequest": { @@ -34403,7 +34412,7 @@ "target": "com.amazonaws.ec2#EnableIpamOrganizationAdminAccountResult" }, "traits": { - "smithy.api#documentation": "Enable an Organizations member account as the IPAM admin account. You cannot select the Organizations management account as the IPAM admin account. For more information, see Enable integration with Organizations in the Amazon VPC IPAM User Guide.\n
" + "smithy.api#documentation": "Enable an Organizations member account as the IPAM admin account. You cannot select the Organizations management account as the IPAM admin account. For more information, see Enable integration with Organizations in the Amazon VPC IPAM User Guide.\n
" } }, "com.amazonaws.ec2#EnableIpamOrganizationAdminAccountRequest": { @@ -36757,7 +36766,7 @@ "target": "com.amazonaws.ec2#String", "traits": { "aws.protocols#ec2QueryName": "MaxPrice", - "smithy.api#documentation": "The maximum price per unit hour that you are willing to pay for a Spot Instance.
", + "smithy.api#documentation": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n
\nIf you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.
\nThe maximum price per unit hour that you are willing to pay for a Spot Instance.
" + "smithy.api#documentation": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n
\nIf you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.
\nThe ID of the launch template. If you specify the template ID, you can't specify the\n template name.
", + "smithy.api#documentation": "The ID of the launch template.
\nYou must specify the LaunchTemplateId or the LaunchTemplateName, but not both.
The name of the launch template. If you specify the template name, you can't specify\n the template ID.
", + "smithy.api#documentation": "The name of the launch template.
\nYou must specify the LaunchTemplateName or the LaunchTemplateId, but not both.
Describes the Amazon EC2 launch template and the launch template version that can be used\n by a Spot Fleet request to configure Amazon EC2 instances. For information about launch templates,\n see Launching an instance from a launch template in the\n Amazon EC2 User Guide for Linux Instances.
" + "smithy.api#documentation": "The Amazon EC2 launch template that can be used by\n a Spot Fleet to configure Amazon EC2 instances. You must specify either the ID or name of the launch template in the request, but not both.
\nFor information about launch templates,\n see Launch an instance from a launch template in the\n Amazon EC2 User Guide for Linux Instances.
" } }, "com.amazonaws.ec2#FleetLaunchTemplateSpecificationRequest": { @@ -36926,13 +36935,13 @@ "LaunchTemplateId": { "target": "com.amazonaws.ec2#LaunchTemplateId", "traits": { - "smithy.api#documentation": "The ID of the launch template. If you specify the template ID, you can't specify the template name.
" + "smithy.api#documentation": "The ID of the launch template.
\nYou must specify the LaunchTemplateId or the LaunchTemplateName, but not both.
The name of the launch template. If you specify the template name, you can't specify the template ID.
" + "smithy.api#documentation": "The name of the launch template.
\nYou must specify the LaunchTemplateName or the LaunchTemplateId, but not both.
Describes the Amazon EC2 launch template and the launch template version that can be used by\n an EC2 Fleet to configure Amazon EC2 instances. For information about launch templates, see Launching\n an instance from a launch template in the\n Amazon EC2 User Guide.
" + "smithy.api#documentation": "The Amazon EC2 launch template that can be used by\n an EC2 Fleet to configure Amazon EC2 instances. You must specify either the ID or name of the launch template in the request, but not both.
\nFor information about launch templates, see Launch\n an instance from a launch template in the\n Amazon EC2 User Guide.
" } }, "com.amazonaws.ec2#FleetOnDemandAllocationStrategy": { @@ -38615,7 +38624,7 @@ "target": "com.amazonaws.ec2#GetIpamAddressHistoryResult" }, "traits": { - "smithy.api#documentation": "Retrieve historical information about a CIDR within an IPAM scope. For more information, see View the history of IP addresses in the Amazon VPC IPAM User Guide.
", + "smithy.api#documentation": "Retrieve historical information about a CIDR within an IPAM scope. For more information, see View the history of IP addresses in the Amazon VPC IPAM User Guide.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -38979,7 +38988,7 @@ "target": "com.amazonaws.ec2#GetLaunchTemplateDataResult" }, "traits": { - "smithy.api#documentation": "Retrieves the configuration data of the specified instance. You can use this data to\n create a launch template.
\nThis action calls on other describe actions to get instance information. Depending on\n your instance configuration, you may need to allow the following actions in your IAM\n policy: DescribeSpotInstanceRequests, DescribeInstanceCreditSpecifications,\n DescribeVolumes, DescribeInstanceAttribute, and DescribeElasticGpus. Or, you can allow\n describe* depending on your instance requirements.
Retrieves the configuration data of the specified instance. You can use this data to\n create a launch template.
\nThis action calls on other describe actions to get instance information. Depending on\n your instance configuration, you may need to allow the following actions in your IAM\n policy: DescribeSpotInstanceRequests, DescribeInstanceCreditSpecifications,\n DescribeVolumes, DescribeInstanceAttribute, and DescribeElasticGpus. Or, you can allow\n describe* depending on your instance requirements.
One or more filters. The possible values are:
\n\n resource-id - The ID of the resource.
\n resource-type - The type of resource. The valid value is: vpc.
\n state - The state of the subnet association. Valid values are\n associated |\n associating\n | disassociated | disassociating.
\n subnet-id - The ID of the subnet.
\n transit-gateway-attachment-id - The id of the transit gateway attachment.
One or more filters. The possible values are:
\n\n resource-id - The ID of the resource.
\n resource-type - The type of resource. The valid value is: vpc.
\n state - The state of the subnet association. Valid values are\n associated | associating |\n disassociated | disassociating.
\n subnet-id - The ID of the subnet.
\n transit-gateway-attachment-id - The id of the transit gateway attachment.
The price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance,\n expressed as a percentage above the cheapest M, C, or R instance type with your specified\n attributes. When Amazon EC2 selects instance types with your attributes, it excludes instance\n types priced above your threshold.
\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.
\nTo turn off price protection, specify a high value, such as 999999.
This parameter is not supported for GetSpotPlacementScores and GetInstanceTypesFromInstanceRequirements.
\nIf you set TargetCapacityUnitType to vcpu or\n memory-mib, the price protection threshold is applied based on the\n per-vCPU or per-memory price instead of the per-instance price.
Default: 100\n
The price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance,\n expressed as a percentage above the least expensive current generation M, C, or R instance type with your specified\n attributes. When Amazon EC2 selects instance types with your attributes, it excludes instance\n types priced above your threshold.
\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.
\nTo turn off price protection, specify a high value, such as 999999.
This parameter is not supported for GetSpotPlacementScores and GetInstanceTypesFromInstanceRequirements.
\nIf you set TargetCapacityUnitType to vcpu or\n memory-mib, the price protection threshold is applied based on the\n per-vCPU or per-memory price instead of the per-instance price.
Default: 100\n
The price protection threshold for On-Demand Instances. This is the maximum you’ll pay for an On-Demand Instance,\n expressed as a percentage above the cheapest M, C, or R instance type with your specified\n attributes. When Amazon EC2 selects instance types with your attributes, it excludes instance\n types priced above your threshold.
\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.
\nTo turn off price protection, specify a high value, such as 999999.
This parameter is not supported for GetSpotPlacementScores and GetInstanceTypesFromInstanceRequirements.
\nIf you set TargetCapacityUnitType to vcpu or\n memory-mib, the price protection threshold is applied based on the\n per-vCPU or per-memory price instead of the per-instance price.
Default: 20\n
The price protection threshold for On-Demand Instances. This is the maximum you’ll pay for an On-Demand Instance,\n expressed as a percentage above the least expensive current generation M, C, or R instance type with your specified\n attributes. When Amazon EC2 selects instance types with your attributes, it excludes instance\n types priced above your threshold.
\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.
\nTo turn off price protection, specify a high value, such as 999999.
This parameter is not supported for GetSpotPlacementScores and GetInstanceTypesFromInstanceRequirements.
\nIf you set TargetCapacityUnitType to vcpu or\n memory-mib, the price protection threshold is applied based on the\n per-vCPU or per-memory price instead of the per-instance price.
Default: 20\n
The price protection threshold for Spot Instance. This is the maximum you’ll pay for an Spot Instance,\n expressed as a percentage above the cheapest M, C, or R instance type with your specified\n attributes. When Amazon EC2 selects instance types with your attributes, it excludes instance\n types priced above your threshold.
\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.
\nTo turn off price protection, specify a high value, such as 999999.
This parameter is not supported for GetSpotPlacementScores and GetInstanceTypesFromInstanceRequirements.
\nIf you set TargetCapacityUnitType to vcpu or\n memory-mib, the price protection threshold is applied based on the\n per-vCPU or per-memory price instead of the per-instance price.
Default: 100\n
The price protection threshold for Spot Instance. This is the maximum you’ll pay for an Spot Instance,\n expressed as a percentage above the least expensive current generation M, C, or R instance type with your specified\n attributes. When Amazon EC2 selects instance types with your attributes, it excludes instance\n types priced above your threshold.
\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.
\nTo turn off price protection, specify a high value, such as 999999.
This parameter is not supported for GetSpotPlacementScores and GetInstanceTypesFromInstanceRequirements.
\nIf you set TargetCapacityUnitType to vcpu or\n memory-mib, the price protection threshold is applied based on the\n per-vCPU or per-memory price instead of the per-instance price.
Default: 100\n
The price protection threshold for On-Demand Instances. This is the maximum you’ll pay for an On-Demand Instance,\n expressed as a percentage above the cheapest M, C, or R instance type with your specified\n attributes. When Amazon EC2 selects instance types with your attributes, it excludes instance\n types priced above your threshold.
\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.
\nTo turn off price protection, specify a high value, such as 999999.
This parameter is not supported for GetSpotPlacementScores and GetInstanceTypesFromInstanceRequirements.
\nIf you set TargetCapacityUnitType to vcpu or\n memory-mib, the price protection threshold is applied based on the\n per-vCPU or per-memory price instead of the per-instance price.
Default: 20\n
The price protection threshold for On-Demand Instances. This is the maximum you’ll pay for an On-Demand Instance,\n expressed as a percentage above the least expensive current generation M, C, or R instance type with your specified\n attributes. When Amazon EC2 selects instance types with your attributes, it excludes instance\n types priced above your threshold.
\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.
\nTo turn off price protection, specify a high value, such as 999999.
This parameter is not supported for GetSpotPlacementScores and GetInstanceTypesFromInstanceRequirements.
\nIf you set TargetCapacityUnitType to vcpu or\n memory-mib, the price protection threshold is applied based on the\n per-vCPU or per-memory price instead of the per-instance price.
Default: 20\n
The number of scopes in the IPAM. The scope quota is 5. For more information on quotas, see Quotas in IPAM in the Amazon VPC IPAM User Guide.\n
", + "smithy.api#documentation": "The number of scopes in the IPAM. The scope quota is 5. For more information on quotas, see Quotas in IPAM in the Amazon VPC IPAM User Guide.\n
", "smithy.api#xmlName": "scopeCount" } }, @@ -49087,7 +49096,7 @@ "target": "com.amazonaws.ec2#IpamOperatingRegionSet", "traits": { "aws.protocols#ec2QueryName": "OperatingRegionSet", - "smithy.api#documentation": "The operating Regions for an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only\n discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
\nFor more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide.
", + "smithy.api#documentation": "The operating Regions for an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only\n discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
\nFor more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide.
", "smithy.api#xmlName": "operatingRegionSet" } }, @@ -49109,7 +49118,7 @@ } }, "traits": { - "smithy.api#documentation": "IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across Amazon Web Services Regions and accounts throughout your Amazon Web Services Organization. For more information, see What is IPAM? in the Amazon VPC IPAM User Guide.
" + "smithy.api#documentation": "IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across Amazon Web Services Regions and accounts throughout your Amazon Web Services Organization. For more information, see What is IPAM? in the Amazon VPC IPAM User Guide.
" } }, "com.amazonaws.ec2#IpamAddressHistoryMaxResults": { @@ -49176,7 +49185,7 @@ "target": "com.amazonaws.ec2#IpamComplianceStatus", "traits": { "aws.protocols#ec2QueryName": "ResourceComplianceStatus", - "smithy.api#documentation": "The compliance status of a resource. For more information on compliance statuses, see Monitor CIDR usage by resource in the Amazon VPC IPAM User Guide.
", + "smithy.api#documentation": "The compliance status of a resource. For more information on compliance statuses, see Monitor CIDR usage by resource in the Amazon VPC IPAM User Guide.
", "smithy.api#xmlName": "resourceComplianceStatus" } }, @@ -49184,7 +49193,7 @@ "target": "com.amazonaws.ec2#IpamOverlapStatus", "traits": { "aws.protocols#ec2QueryName": "ResourceOverlapStatus", - "smithy.api#documentation": "The overlap status of an IPAM resource. The overlap status tells you if the CIDR for a resource overlaps with another CIDR in the scope. For more information on overlap statuses, see Monitor CIDR usage by resource in the Amazon VPC IPAM User Guide.
", + "smithy.api#documentation": "The overlap status of an IPAM resource. The overlap status tells you if the CIDR for a resource overlaps with another CIDR in the scope. For more information on overlap statuses, see Monitor CIDR usage by resource in the Amazon VPC IPAM User Guide.
", "smithy.api#xmlName": "resourceOverlapStatus" } }, @@ -49214,7 +49223,7 @@ } }, "traits": { - "smithy.api#documentation": "The historical record of a CIDR within an IPAM scope. For more information, see View the history of IP addresses in the Amazon VPC IPAM User Guide.\n
" + "smithy.api#documentation": "The historical record of a CIDR within an IPAM scope. For more information, see View the history of IP addresses in the Amazon VPC IPAM User Guide.\n
" } }, "com.amazonaws.ec2#IpamAddressHistoryRecordSet": { @@ -49349,7 +49358,7 @@ } }, "traits": { - "smithy.api#documentation": "The operating Regions for an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only\n discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
\nFor more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide.
" + "smithy.api#documentation": "The operating Regions for an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only\n discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
\nFor more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide.
" } }, "com.amazonaws.ec2#IpamOperatingRegionSet": { @@ -49459,7 +49468,7 @@ "target": "com.amazonaws.ec2#Integer", "traits": { "aws.protocols#ec2QueryName": "PoolDepth", - "smithy.api#documentation": "The depth of pools in your IPAM pool. The pool depth quota is 10. For more information, see Quotas in IPAM in the Amazon VPC IPAM User Guide.\n
", + "smithy.api#documentation": "The depth of pools in your IPAM pool. The pool depth quota is 10. For more information, see Quotas in IPAM in the Amazon VPC IPAM User Guide.\n
", "smithy.api#xmlName": "poolDepth" } }, @@ -49952,7 +49961,7 @@ "target": "com.amazonaws.ec2#BoxedDouble", "traits": { "aws.protocols#ec2QueryName": "IpUsage", - "smithy.api#documentation": "The IP address space in the IPAM pool that is allocated to this resource. To convert the decimal to a percentage, multiply the decimal by 100.
", + "smithy.api#documentation": "The percentage of IP address space in use. To convert the decimal to a percentage, multiply the decimal by 100. Note the following:
\nFor a resources that are VPCs, this is the percentage of IP address space in the VPC that's taken up by subnet CIDRs.\n
\nFor resources that are subnets, if the subnet has an IPv4 CIDR provisioned to it, this is the percentage of IPv4 address space in the subnet that's in use. If the subnet has an IPv6 CIDR provisioned to it, the percentage of IPv6 address space in use is not represented. The percentage of IPv6 address space in use cannot currently be calculated.\n
\nFor resources that are public IPv4 pools, this is the percentage of IP address space in the pool that's been allocated to Elastic IP addresses (EIPs).\n
\nThe compliance status of the IPAM resource. For more information on compliance statuses, see Monitor CIDR usage by resource in the Amazon VPC IPAM User Guide.
", + "smithy.api#documentation": "The compliance status of the IPAM resource. For more information on compliance statuses, see Monitor CIDR usage by resource in the Amazon VPC IPAM User Guide.
", "smithy.api#xmlName": "complianceStatus" } }, @@ -49968,7 +49977,7 @@ "target": "com.amazonaws.ec2#IpamManagementState", "traits": { "aws.protocols#ec2QueryName": "ManagementState", - "smithy.api#documentation": "The management state of the resource. For more information about management states, see Monitor CIDR usage by resource in the Amazon VPC IPAM User Guide.
", + "smithy.api#documentation": "The management state of the resource. For more information about management states, see Monitor CIDR usage by resource in the Amazon VPC IPAM User Guide.
", "smithy.api#xmlName": "managementState" } }, @@ -49976,7 +49985,7 @@ "target": "com.amazonaws.ec2#IpamOverlapStatus", "traits": { "aws.protocols#ec2QueryName": "OverlapStatus", - "smithy.api#documentation": "The overlap status of an IPAM resource. The overlap status tells you if the CIDR for a resource overlaps with another CIDR in the scope. For more information on overlap statuses, see Monitor CIDR usage by resource in the Amazon VPC IPAM User Guide.
", + "smithy.api#documentation": "The overlap status of an IPAM resource. The overlap status tells you if the CIDR for a resource overlaps with another CIDR in the scope. For more information on overlap statuses, see Monitor CIDR usage by resource in the Amazon VPC IPAM User Guide.
", "smithy.api#xmlName": "overlapStatus" } }, @@ -50155,7 +50164,7 @@ } }, "traits": { - "smithy.api#documentation": "In IPAM, a scope is the highest-level container within IPAM. An IPAM contains two default scopes. Each scope represents the IP space for a single network. The private scope is intended for all private IP address space. The public scope is intended for all public IP address space. Scopes enable you to reuse IP addresses across multiple unconnected networks without causing IP address overlap or conflict.
\nFor more information, see How IPAM works in the Amazon VPC IPAM User Guide.
" + "smithy.api#documentation": "In IPAM, a scope is the highest-level container within IPAM. An IPAM contains two default scopes. Each scope represents the IP space for a single network. The private scope is intended for all private IP address space. The public scope is intended for all public IP address space. Scopes enable you to reuse IP addresses across multiple unconnected networks without causing IP address overlap or conflict.
\nFor more information, see How IPAM works in the Amazon VPC IPAM User Guide.
" } }, "com.amazonaws.ec2#IpamScopeId": { @@ -51366,7 +51375,7 @@ "ThreadsPerCore": { "target": "com.amazonaws.ec2#Integer", "traits": { - "smithy.api#documentation": "The number of threads per CPU core. To disable multithreading for the instance,\n specify a value of 1. Otherwise, specify the default value of 2.
" + "smithy.api#documentation": "The number of threads per CPU core. To disable multithreading for the instance,\n specify a value of 1. Otherwise, specify the default value of 2.
The metadata options for the instance. For more information, see Instance Metadata and User Data in the\n Amazon Elastic Compute Cloud User Guide.
" + "smithy.api#documentation": "The metadata options for the instance. For more information, see Instance metadata and user data in the\n Amazon Elastic Compute Cloud User Guide.
" } }, "com.amazonaws.ec2#LaunchTemplateInstanceMetadataOptionsRequest": { @@ -51892,7 +51901,7 @@ "HttpPutResponseHopLimit": { "target": "com.amazonaws.ec2#Integer", "traits": { - "smithy.api#documentation": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the\n number, the further instance metadata requests can travel.
\nDefault: 1
\nPossible values: Integers from 1 to 64
" + "smithy.api#documentation": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the\n number, the further instance metadata requests can travel.
\nDefault: 1\n
Possible values: Integers from 1 to 64
" } }, "HttpEndpoint": { @@ -51915,7 +51924,7 @@ } }, "traits": { - "smithy.api#documentation": "The metadata options for the instance. For more information, see Instance Metadata and User Data in the\n Amazon Elastic Compute Cloud User Guide.
" + "smithy.api#documentation": "The metadata options for the instance. For more information, see Instance metadata and user data in the\n Amazon Elastic Compute Cloud User Guide.
" } }, "com.amazonaws.ec2#LaunchTemplateInstanceMetadataOptionsState": { @@ -52348,7 +52357,7 @@ "target": "com.amazonaws.ec2#String", "traits": { "aws.protocols#ec2QueryName": "SpotPrice", - "smithy.api#documentation": "The maximum price per unit hour that you are willing to pay for a Spot\n Instance.
", + "smithy.api#documentation": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to \n increased interruptions. If you do not specify this parameter, you will pay the current Spot price.
\nIf you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.
\nThe ID of the launch template.
" + "smithy.api#documentation": "The ID of the launch template.
\nYou must specify the LaunchTemplateId or the LaunchTemplateName, but not both.
The name of the launch template.
" + "smithy.api#documentation": "The name of the launch template.
\nYou must specify the LaunchTemplateName or the LaunchTemplateId, but not both.
The maximum hourly price you're willing to pay for the Spot Instances.
", + "smithy.api#documentation": "The maximum hourly price you're willing to pay for the Spot Instances. We do not recommend \n using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.
\nIf you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter.
\nThe maximum hourly price you're willing to pay for the Spot Instances.
" + "smithy.api#documentation": "The maximum hourly price you're willing to pay for the Spot Instances. We do not recommend \n using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.
\nIf you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter.
\nThe required duration for the Spot Instances (also known as Spot blocks), in minutes.\n This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).
" + "smithy.api#documentation": "Deprecated.
" } }, "ValidUntil": { "target": "com.amazonaws.ec2#DateTime", "traits": { - "smithy.api#documentation": "The end date of the request. For a one-time request, the request remains active until\n all instances launch, the request is canceled, or this date is reached. If the request\n is persistent, it remains active until it is canceled or this date and time is reached.\n The default end date is 7 days from the current date.
" + "smithy.api#documentation": "The end date of the request, in UTC format\n (YYYY-MM-DDTHH:MM:SSZ). Supported only for\n persistent requests.
\nFor a persistent request, the request remains active until the ValidUntil \n date and time is reached. Otherwise, the request remains active until you cancel it.
For a one-time request, ValidUntil is not supported. The request remains active until \n all instances launch or you cancel the request.
Default: 7 days from the current date
" } }, "InstanceInterruptionBehavior": { @@ -55735,7 +55744,7 @@ "target": "com.amazonaws.ec2#ModifyIpamPoolResult" }, "traits": { - "smithy.api#documentation": "Modify the configurations of an IPAM pool.
\nFor more information, see Modify a pool in the Amazon VPC IPAM User Guide.\n
" + "smithy.api#documentation": "Modify the configurations of an IPAM pool.
\nFor more information, see Modify a pool in the Amazon VPC IPAM User Guide.\n
" } }, "com.amazonaws.ec2#ModifyIpamPoolRequest": { @@ -55793,7 +55802,7 @@ "AddAllocationResourceTags": { "target": "com.amazonaws.ec2#RequestIpamResourceTagList", "traits": { - "smithy.api#documentation": "Add tag allocation rules to a pool. For more information about allocation rules, see Create a top-level pool in the Amazon VPC IPAM User Guide.
", + "smithy.api#documentation": "Add tag allocation rules to a pool. For more information about allocation rules, see Create a top-level pool in the Amazon VPC IPAM User Guide.
", "smithy.api#xmlName": "AddAllocationResourceTag" } }, @@ -55844,7 +55853,7 @@ "AddOperatingRegions": { "target": "com.amazonaws.ec2#AddIpamOperatingRegionSet", "traits": { - "smithy.api#documentation": "Choose the operating Regions for the IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only\n discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
\nFor more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide.
", + "smithy.api#documentation": "Choose the operating Regions for the IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only\n discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
\nFor more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide.
", "smithy.api#xmlName": "AddOperatingRegion" } }, @@ -55866,7 +55875,7 @@ "target": "com.amazonaws.ec2#ModifyIpamResourceCidrResult" }, "traits": { - "smithy.api#documentation": "Modify a resource CIDR. You can use this action to transfer resource CIDRs between scopes and ignore resource CIDRs that you do not want to manage. If set to false, the resource will not be tracked for overlap, it cannot be auto-imported into a pool, and it will be removed from any pool it has an allocation in.
\nFor more information, see Move resource CIDRs between scopes and Change the monitoring state of resource CIDRs in the Amazon VPC IPAM User Guide.
" + "smithy.api#documentation": "Modify a resource CIDR. You can use this action to transfer resource CIDRs between scopes and ignore resource CIDRs that you do not want to manage. If set to false, the resource will not be tracked for overlap, it cannot be auto-imported into a pool, and it will be removed from any pool it has an allocation in.
\nFor more information, see Move resource CIDRs between scopes and Change the monitoring state of resource CIDRs in the Amazon VPC IPAM User Guide.
" } }, "com.amazonaws.ec2#ModifyIpamResourceCidrRequest": { @@ -56025,13 +56034,13 @@ "LaunchTemplateId": { "target": "com.amazonaws.ec2#LaunchTemplateId", "traits": { - "smithy.api#documentation": "The ID of the launch template. You must specify either the launch template ID or\n launch template name in the request.
" + "smithy.api#documentation": "The ID of the launch template.
\nYou must specify either the LaunchTemplateId or the LaunchTemplateName, but not both.
The name of the launch template. You must specify either the launch template ID or\n launch template name in the request.
" + "smithy.api#documentation": "The name of the launch template.
\nYou must specify either the LaunchTemplateName or the LaunchTemplateId, but not both.
Move an BYOIP IPv4 CIDR to IPAM from a public IPv4 pool.
\nIf you already have an IPv4 BYOIP CIDR with Amazon Web Services, you can move the CIDR to IPAM from a public IPv4 pool. You cannot move an IPv6 CIDR to IPAM. If you are bringing a new IP address to Amazon Web Services for the first time, complete the steps in Tutorial: BYOIP address CIDRs to IPAM.
" + "smithy.api#documentation": "Move an BYOIP IPv4 CIDR to IPAM from a public IPv4 pool.
\nIf you already have an IPv4 BYOIP CIDR with Amazon Web Services, you can move the CIDR to IPAM from a public IPv4 pool. You cannot move an IPv6 CIDR to IPAM. If you are bringing a new IP address to Amazon Web Services for the first time, complete the steps in Tutorial: BYOIP address CIDRs to IPAM.
" } }, "com.amazonaws.ec2#MoveByoipCidrToIpamRequest": { @@ -61014,6 +61023,7 @@ "target": "com.amazonaws.ec2#String", "traits": { "aws.protocols#ec2QueryName": "CoreNetworkId", + "smithy.api#documentation": "The ID of the core network where the transit gateway peer is located.
", "smithy.api#xmlName": "coreNetworkId" } }, @@ -62560,7 +62570,7 @@ "target": "com.amazonaws.ec2#ProvisionIpamPoolCidrResult" }, "traits": { - "smithy.api#documentation": "Provision a CIDR to an IPAM pool. You can use this action to provision new CIDRs to a top-level pool or to transfer a CIDR from a top-level pool to a pool within it.
\nFor more information, see Provision CIDRs to pools in the Amazon VPC IPAM User Guide.\n
" + "smithy.api#documentation": "Provision a CIDR to an IPAM pool. You can use this action to provision new CIDRs to a top-level pool or to transfer a CIDR from a top-level pool to a pool within it.
\nFor more information, see Provision CIDRs to pools in the Amazon VPC IPAM User Guide.\n
" } }, "com.amazonaws.ec2#ProvisionIpamPoolCidrRequest": { @@ -62615,7 +62625,7 @@ "target": "com.amazonaws.ec2#ProvisionPublicIpv4PoolCidrResult" }, "traits": { - "smithy.api#documentation": "Provision a CIDR to a public IPv4 pool.
\nFor more information about IPAM, see What is IPAM? in the Amazon VPC IPAM User Guide.
" + "smithy.api#documentation": "Provision a CIDR to a public IPv4 pool.
\nFor more information about IPAM, see What is IPAM? in the Amazon VPC IPAM User Guide.
" } }, "com.amazonaws.ec2#ProvisionPublicIpv4PoolCidrRequest": { @@ -63476,7 +63486,7 @@ "target": "com.amazonaws.ec2#RegisterImageResult" }, "traits": { - "smithy.api#documentation": "Registers an AMI. When you're creating an AMI, this is the final step you must complete\n before you can launch an instance from the AMI. For more information about creating AMIs, see\n Creating your\n own AMIs in the Amazon Elastic Compute Cloud User Guide.
\nFor Amazon EBS-backed instances, CreateImage creates and registers \n \tthe AMI in a single request, so you don't have to register the AMI yourself.
\nIf needed, you can deregister an AMI at any time. Any modifications you make to an AMI backed by an instance store volume invalidates its registration. \n If you make changes to an image, deregister the previous image and register the new image.
\n\n\n Register a snapshot of a root device volume\n
\n \tYou can use RegisterImage to create an Amazon EBS-backed Linux AMI from\n a snapshot of a root device volume. You specify the snapshot using a block device mapping.\n You can't set the encryption state of the volume using the block device mapping. If the \n snapshot is encrypted, or encryption by default is enabled, the root volume of an instance \n launched from the AMI is encrypted.
For more information, see Create a Linux AMI from a snapshot and Use encryption with Amazon EBS-backed AMIs\n in the Amazon Elastic Compute Cloud User Guide.
\n \n \t\n Amazon Web Services Marketplace product codes\n
\n \tIf any snapshots have Amazon Web Services Marketplace product codes, they are copied to the new\n AMI.
\nWindows and some Linux distributions, such as Red Hat Enterprise Linux (RHEL) and SUSE\n Linux Enterprise Server (SLES), use the Amazon EC2 billing product code associated with an AMI to\n verify the subscription status for package updates. To create a new AMI for operating systems\n that require a billing product code, instead of registering the AMI, do the following to\n preserve the billing product code association:
\nLaunch an instance from an existing AMI with that billing product code.
\nCustomize the instance.
\nCreate an AMI from the instance using CreateImage.
\nIf you purchase a Reserved Instance to apply to an On-Demand Instance that was launched\n from an AMI with a billing product code, make sure that the Reserved Instance has the matching\n billing product code. If you purchase a Reserved Instance without the matching billing product\n code, the Reserved Instance will not be applied to the On-Demand Instance. For information\n about how to obtain the platform details and billing information of an AMI, see Understanding AMI \n \tbilling in the Amazon Elastic Compute Cloud User Guide.
" + "smithy.api#documentation": "Registers an AMI. When you're creating an AMI, this is the final step you must complete\n before you can launch an instance from the AMI. For more information about creating AMIs, see\n Creating your\n own AMIs in the Amazon Elastic Compute Cloud User Guide.
\nFor Amazon EBS-backed instances, CreateImage creates and registers the AMI\n in a single request, so you don't have to register the AMI yourself. We recommend that you\n always use CreateImage unless you have a specific reason to use\n RegisterImage.
\nIf needed, you can deregister an AMI at any time. Any modifications you make to an AMI backed by an instance store volume invalidates its registration. \n If you make changes to an image, deregister the previous image and register the new image.
\n\n\n Register a snapshot of a root device volume\n
\n \tYou can use RegisterImage to create an Amazon EBS-backed Linux AMI from\n a snapshot of a root device volume. You specify the snapshot using a block device mapping.\n You can't set the encryption state of the volume using the block device mapping. If the \n snapshot is encrypted, or encryption by default is enabled, the root volume of an instance \n launched from the AMI is encrypted.
For more information, see Create a Linux AMI from a snapshot and Use encryption with Amazon EBS-backed AMIs\n in the Amazon Elastic Compute Cloud User Guide.
\n \n \t\n Amazon Web Services Marketplace product codes\n
\n \tIf any snapshots have Amazon Web Services Marketplace product codes, they are copied to the new\n AMI.
\nWindows and some Linux distributions, such as Red Hat Enterprise Linux (RHEL) and SUSE\n Linux Enterprise Server (SLES), use the Amazon EC2 billing product code associated with an AMI to\n verify the subscription status for package updates. To create a new AMI for operating systems\n that require a billing product code, instead of registering the AMI, do the following to\n preserve the billing product code association:
\nLaunch an instance from an existing AMI with that billing product code.
\nCustomize the instance.
\nCreate an AMI from the instance using CreateImage.
\nIf you purchase a Reserved Instance to apply to an On-Demand Instance that was launched\n from an AMI with a billing product code, make sure that the Reserved Instance has the matching\n billing product code. If you purchase a Reserved Instance without the matching billing product\n code, the Reserved Instance will not be applied to the On-Demand Instance. For information\n about how to obtain the platform details and billing information of an AMI, see Understanding AMI \n \tbilling in the Amazon Elastic Compute Cloud User Guide.
" } }, "com.amazonaws.ec2#RegisterImageRequest": { @@ -64129,7 +64139,7 @@ "target": "com.amazonaws.ec2#ReleaseIpamPoolAllocationResult" }, "traits": { - "smithy.api#documentation": "Release an allocation within an IPAM pool. You can only use this action to release manual allocations. To remove an allocation for a resource without deleting the resource, set its monitored state to false using ModifyIpamResourceCidr. For more information, see Release an allocation in the Amazon VPC IPAM User Guide.\n
" + "smithy.api#documentation": "Release an allocation within an IPAM pool. You can only use this action to release manual allocations. To remove an allocation for a resource without deleting the resource, set its monitored state to false using ModifyIpamResourceCidr. For more information, see Release an allocation in the Amazon VPC IPAM User Guide.\n
" } }, "com.amazonaws.ec2#ReleaseIpamPoolAllocationRequest": { @@ -64188,7 +64198,7 @@ } }, "traits": { - "smithy.api#documentation": "Remove an operating Region from an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only\n discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
\nFor more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide\n
" + "smithy.api#documentation": "Remove an operating Region from an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only\n discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
\nFor more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide\n
" } }, "com.amazonaws.ec2#RemoveIpamOperatingRegionSet": { @@ -65341,7 +65351,7 @@ "target": "com.amazonaws.ec2#String", "traits": { "aws.protocols#ec2QueryName": "SpotPrice", - "smithy.api#documentation": "The maximum price per hour that you are willing to pay for a Spot Instance. The\n default is the On-Demand price.
", + "smithy.api#documentation": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend \n using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.
\nIf you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.
\nThe tags to apply to the resources during launch. You can only tag instances and\n volumes on launch. The specified tags are applied to all instances or volumes that are\n created during launch. To tag a resource after it has been created, see CreateTags.
", + "smithy.api#documentation": "The tags to apply to the resources that are created during instance launch.
\nYou can specify tags for the following resources only:
\nInstances
\nVolumes
\nElastic graphics
\nSpot Instance requests
\nNetwork interfaces
\nTo tag a resource after it has been created, see CreateTags.
", "smithy.api#xmlName": "TagSpecification" } }, "LaunchTemplate": { "target": "com.amazonaws.ec2#LaunchTemplateSpecification", "traits": { - "smithy.api#documentation": "The launch template to use to launch the instances. Any parameters that you specify in\n RunInstances override the same parameters in the launch template.\n You can specify either the name or ID of a launch template, but not both.
" + "smithy.api#documentation": "The launch template to use to launch the instances. Any parameters that you specify in\n RunInstances override the same parameters in the launch template.\n You can specify either the name or ID of a launch template, but not both.
" } }, "InstanceMarketOptions": { @@ -68759,7 +68769,7 @@ "CreditSpecification": { "target": "com.amazonaws.ec2#CreditSpecificationRequest", "traits": { - "smithy.api#documentation": "The credit option for CPU usage of the burstable performance instance. Valid values\n are standard and unlimited. To change this attribute after\n launch, use \n ModifyInstanceCreditSpecification. For more information, see Burstable\n performance instances in the Amazon EC2 User Guide.
Default: standard (T2 instances) or unlimited (T3/T3a\n instances)
For T3 instances with host tenancy, only standard is\n supported.
The credit option for CPU usage of the burstable performance instance. Valid values\n are standard and unlimited. To change this attribute after\n launch, use \n ModifyInstanceCreditSpecification. For more information, see Burstable\n performance instances in the Amazon EC2 User Guide.
Default: standard (T2 instances) or unlimited (T3/T3a\n instances)
For T3 instances with host tenancy, only standard is\n supported.
Indicates whether an instance is enabled for hibernation. For more information, see\n Hibernate\n your instance in the Amazon EC2 User Guide.
\nYou can't enable hibernation and Amazon Web Services Nitro Enclaves on the same\n instance.
" + "smithy.api#documentation": "Indicates whether an instance is enabled for hibernation. For more information, see\n Hibernate\n your instance in the Amazon EC2 User Guide.
\nYou can't enable hibernation and Amazon Web Services Nitro Enclaves on the same\n instance.
" } }, "LicenseSpecifications": { @@ -68796,7 +68806,7 @@ "EnclaveOptions": { "target": "com.amazonaws.ec2#EnclaveOptionsRequest", "traits": { - "smithy.api#documentation": "Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves. For\n more information, see What is Amazon Web Services Nitro\n Enclaves? in the Amazon Web Services Nitro Enclaves User\n Guide.
\nYou can't enable Amazon Web Services Nitro Enclaves and hibernation on the same\n instance.
" + "smithy.api#documentation": "Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves. For\n more information, see What is Amazon Web Services Nitro\n Enclaves? in the Amazon Web Services Nitro Enclaves User\n Guide.
\nYou can't enable Amazon Web Services Nitro Enclaves and hibernation on the same\n instance.
" } }, "PrivateDnsNameOptions": { @@ -68814,7 +68824,7 @@ "DisableApiStop": { "target": "com.amazonaws.ec2#Boolean", "traits": { - "smithy.api#documentation": "Indicates whether an instance is enabled for stop protection. For more information,\n see Stop\n Protection.\n
" + "smithy.api#documentation": "Indicates whether an instance is enabled for stop protection. For more information,\n see Stop\n protection.\n
" } } } @@ -70548,7 +70558,7 @@ "target": "com.amazonaws.ec2#String", "traits": { "aws.protocols#ec2QueryName": "ServiceName", - "smithy.api#documentation": "The Amazon Resource Name (ARN) of the service.
", + "smithy.api#documentation": "The name of the service.
", "smithy.api#xmlName": "serviceName" } }, @@ -71710,7 +71720,7 @@ "target": "com.amazonaws.ec2#String", "traits": { "aws.protocols#ec2QueryName": "SpotPrice", - "smithy.api#documentation": "The maximum price per unit hour that you are willing to pay for a Spot Instance. \n If this value is not specified, the default is the Spot price specified for the fleet.\n To determine the Spot price per unit hour, divide the Spot price by the\n value of WeightedCapacity.
The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to \n increased interruptions. If you do not specify this parameter, you will pay the current Spot price.
\nIf you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.
\nThe maximum price per unit hour that you are willing to pay for a Spot Instance. The\n default is the On-Demand price.
", + "smithy.api#documentation": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend \n using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.
\nIf you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.
\nThe maximum price per hour that you are willing to pay for a Spot Instance.
", + "smithy.api#documentation": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend \n using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.
\nIf you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.
\nThe maximum hourly price you're willing to pay for the Spot Instances. The default is\n the On-Demand price.
" + "smithy.api#documentation": "The maximum hourly price that you're willing to pay for a Spot Instance. We do not recommend \n using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.
\nIf you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter.
\nThe maximum amount per hour for Spot Instances that you're willing to pay.
", + "smithy.api#documentation": "The maximum amount per hour for Spot Instances that you're willing to pay. We do not recommend\n using this parameter because it can lead to increased interruptions. If you do not specify\n this parameter, you will pay the current Spot price.
\nIf you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter.
\nThe maximum amount per hour for Spot Instances that you're willing to pay.
" + "smithy.api#documentation": "The maximum amount per hour for Spot Instances that you're willing to pay. We do not recommend\n using this parameter because it can lead to increased interruptions. If you do not specify\n this parameter, you will pay the current Spot price.
\nIf you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter.
\nThe maximum price per hour that you are willing to pay for a Spot Instance.
", + "smithy.api#documentation": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend \n using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.
\nIf you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.
\nDescribes the maximum price per hour that you are willing to pay for a Spot\n Instance.
" + "smithy.api#documentation": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend \n using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.
\nIf you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.
\nThe tags to apply to a resource when the resource is being created.
" + "smithy.api#documentation": "The tags to apply to a resource when the resource is being created.
\nThe Valid Values lists all the resource types that can be tagged.\n However, the action you're using might not support tagging all of these resource types.\n If you try to tag a resource type that is unsupported for the action you're using,\n you'll get an error.
Details about the transit gateway peering attachment.
", "smithy.api#xmlName": "options" } }, @@ -76792,9 +76803,13 @@ "target": "com.amazonaws.ec2#DynamicRoutingValue", "traits": { "aws.protocols#ec2QueryName": "DynamicRouting", + "smithy.api#documentation": "Describes whether dynamic routing is enabled or disabled for the transit gateway peering attachment.
", "smithy.api#xmlName": "dynamicRouting" } } + }, + "traits": { + "smithy.api#documentation": "Describes dynamic routing for the transit gateway peering attachment.
" } }, "com.amazonaws.ec2#TransitGatewayPolicyRule": { @@ -77345,6 +77360,7 @@ "target": "com.amazonaws.ec2#TransitGatewayRouteTableAnnouncementId", "traits": { "aws.protocols#ec2QueryName": "TransitGatewayRouteTableAnnouncementId", + "smithy.api#documentation": "The ID of the transit gateway route table announcement.
", "smithy.api#xmlName": "transitGatewayRouteTableAnnouncementId" } }, @@ -77541,6 +77557,7 @@ "target": "com.amazonaws.ec2#String", "traits": { "aws.protocols#ec2QueryName": "CoreNetworkId", + "smithy.api#documentation": "The ID of the core network for the transit gateway route table announcement.
", "smithy.api#xmlName": "coreNetworkId" } }, @@ -77556,6 +77573,7 @@ "target": "com.amazonaws.ec2#String", "traits": { "aws.protocols#ec2QueryName": "PeerCoreNetworkId", + "smithy.api#documentation": "The ID of the core network ID for the peer.
", "smithy.api#xmlName": "peerCoreNetworkId" } }, diff --git a/codegen/sdk/aws-models/elasticache.json b/codegen/sdk/aws-models/elasticache.json index fee4e6ef348..b3c74a3e56f 100644 --- a/codegen/sdk/aws-models/elasticache.json +++ b/codegen/sdk/aws-models/elasticache.json @@ -727,7 +727,7 @@ "CacheNodeType": { "target": "com.amazonaws.elasticache#String", "traits": { - "smithy.api#documentation": "The name of the compute and memory capacity node type for the cluster.
\n \nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types: (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward): \tcache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward):\n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized with data tiering:
\n\t\tCurrent generation:
\n\t\t \n\t\t\n R6gd node types (available only for Redis engine version 6.2 onward).
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t \n\t\t cache.r6gd.xlarge,\n\t\t cache.r6gd.2xlarge,\n\t\t cache.r6gd.4xlarge,\n\t\t cache.r6gd.8xlarge,\n\t\t cache.r6gd.12xlarge,\n\t\t cache.r6gd.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
Memory optimized:
\n\t\t\t\tCurrent generation:
\n\n\t\t \t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t cache.r6g.large,\n\t\t\t\t\t\t\tcache.r6g.xlarge,\n\t\t\t\t\t\t\tcache.r6g.2xlarge,\n\t\t\t\t\t\t\tcache.r6g.4xlarge,\n\t\t\t\t\t\t\tcache.r6g.8xlarge,\n\t\t\t\t\t\t\tcache.r6g.12xlarge,\n\t\t\t\t\t\t\tcache.r6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
The name of the compute and memory capacity node type for the cluster.
\n \nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types: (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward): \tcache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward):\n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized with data tiering:
\n\t\tCurrent generation:
\n\t\t \n\t\t\n R6gd node types (available only for Redis engine version 6.2 onward).
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t \n\t\t cache.r6gd.xlarge,\n\t\t cache.r6gd.2xlarge,\n\t\t cache.r6gd.4xlarge,\n\t\t cache.r6gd.8xlarge,\n\t\t cache.r6gd.12xlarge,\n\t\t cache.r6gd.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
Memory optimized:
\n\t\t\t\tCurrent generation:
\n\n\t\t \t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t cache.r6g.large,\n\t\t\t\t\t\t\tcache.r6g.xlarge,\n\t\t\t\t\t\t\tcache.r6g.2xlarge,\n\t\t\t\t\t\t\tcache.r6g.4xlarge,\n\t\t\t\t\t\t\tcache.r6g.8xlarge,\n\t\t\t\t\t\t\tcache.r6g.12xlarge,\n\t\t\t\t\t\t\tcache.r6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
Represents an individual cache node within a cluster. Each cache node runs its own\n instance of the cluster's protocol-compliant caching software - either Memcached or\n Redis.
\n\nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types: (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward): \tcache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward):\n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized with data tiering:
\n\t\tCurrent generation:
\n\t\t \n\t\t\n R6gd node types (available only for Redis engine version 6.2 onward).
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t \n\t\t cache.r6gd.xlarge,\n\t\t cache.r6gd.2xlarge,\n\t\t cache.r6gd.4xlarge,\n\t\t cache.r6gd.8xlarge,\n\t\t cache.r6gd.12xlarge,\n\t\t cache.r6gd.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
Memory optimized:
\n\t\t\t\tCurrent generation:
\n\n\t\t\t \t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t\t\n\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t cache.r6g.large,\n\t\t\t\t\t\t\tcache.r6g.xlarge,\n\t\t\t\t\t\t\tcache.r6g.2xlarge,\n\t\t\t\t\t\t\tcache.r6g.4xlarge,\n\t\t\t\t\t\t\tcache.r6g.8xlarge,\n\t\t\t\t\t\t\tcache.r6g.12xlarge,\n\t\t\t\t\t\t\tcache.r6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
Represents an individual cache node within a cluster. Each cache node runs its own\n instance of the cluster's protocol-compliant caching software - either Memcached or\n Redis.
\n\nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types: (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward): \tcache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward):\n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized with data tiering:
\n\t\tCurrent generation:
\n\t\t \n\t\t\n R6gd node types (available only for Redis engine version 6.2 onward).
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t \n\t\t cache.r6gd.xlarge,\n\t\t cache.r6gd.2xlarge,\n\t\t cache.r6gd.4xlarge,\n\t\t cache.r6gd.8xlarge,\n\t\t cache.r6gd.12xlarge,\n\t\t cache.r6gd.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
Memory optimized:
\n\t\t\t\tCurrent generation:
\n\n\t\t\t \t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t\t\n\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t cache.r6g.large,\n\t\t\t\t\t\t\tcache.r6g.xlarge,\n\t\t\t\t\t\t\tcache.r6g.2xlarge,\n\t\t\t\t\t\t\tcache.r6g.4xlarge,\n\t\t\t\t\t\t\tcache.r6g.8xlarge,\n\t\t\t\t\t\t\tcache.r6g.12xlarge,\n\t\t\t\t\t\t\tcache.r6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
The compute and memory capacity of the nodes in the node group (shard).
\nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n \t\t\t\t\t\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward):\n\t\t\t\t\t \n\t\t\t\t\t \tcache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and Memcached engine version 1.5.16 onward):\n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\t\t\t\t\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t\t\n\t\t\t\t\t \n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t cache.r6g.large,\n\t\t\t\t\t\t\tcache.r6g.xlarge,\n\t\t\t\t\t\t\tcache.r6g.2xlarge,\n\t\t\t\t\t\t\tcache.r6g.4xlarge,\n\t\t\t\t\t\t\tcache.r6g.8xlarge,\n\t\t\t\t\t\t\tcache.r6g.12xlarge,\n\t\t\t\t\t\t\tcache.r6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
The compute and memory capacity of the nodes in the node group (shard).
\nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n \t\t\t\t\t\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward):\n\t\t\t\t\t \n\t\t\t\t\t \tcache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and Memcached engine version 1.5.16 onward):\n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\t\t\t\t\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t\t\n\t\t\t\t\t \n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t cache.r6g.large,\n\t\t\t\t\t\t\tcache.r6g.xlarge,\n\t\t\t\t\t\t\tcache.r6g.2xlarge,\n\t\t\t\t\t\t\tcache.r6g.4xlarge,\n\t\t\t\t\t\t\tcache.r6g.8xlarge,\n\t\t\t\t\t\t\tcache.r6g.12xlarge,\n\t\t\t\t\t\t\tcache.r6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
The compute and memory capacity of the nodes in the node group (shard).
\nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward):\n\t\t\t\t\t\tcache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and Memcached engine version 1.5.16 onward): \n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized with data tiering:
\n\t\tCurrent generation:
\n\t\t \n\t\t\n R6gd node types (available only for Redis engine version 6.2 onward).
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t \n\t\t cache.r6gd.xlarge,\n\t\t cache.r6gd.2xlarge,\n\t\t cache.r6gd.4xlarge,\n\t\t cache.r6gd.8xlarge,\n\t\t cache.r6gd.12xlarge,\n\t\t cache.r6gd.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
Memory optimized:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\n\t\t\t\t\t \t\t \t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t cache.r6g.large,\n\t\t\t\t\t\t\tcache.r6g.xlarge,\n\t\t\t\t\t\t\tcache.r6g.2xlarge,\n\t\t\t\t\t\t\tcache.r6g.4xlarge,\n\t\t\t\t\t\t\tcache.r6g.8xlarge,\n\t\t\t\t\t\t\tcache.r6g.12xlarge,\n\t\t\t\t\t\t\tcache.r6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
The compute and memory capacity of the nodes in the node group (shard).
\nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward):\n\t\t\t\t\t\tcache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and Memcached engine version 1.5.16 onward): \n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized with data tiering:
\n\t\tCurrent generation:
\n\t\t \n\t\t\n R6gd node types (available only for Redis engine version 6.2 onward).
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t \n\t\t cache.r6gd.xlarge,\n\t\t cache.r6gd.2xlarge,\n\t\t cache.r6gd.4xlarge,\n\t\t cache.r6gd.8xlarge,\n\t\t cache.r6gd.12xlarge,\n\t\t cache.r6gd.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
Memory optimized:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\n\t\t\t\t\t \t\t \t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t cache.r6g.large,\n\t\t\t\t\t\t\tcache.r6g.xlarge,\n\t\t\t\t\t\t\tcache.r6g.2xlarge,\n\t\t\t\t\t\t\tcache.r6g.4xlarge,\n\t\t\t\t\t\t\tcache.r6g.8xlarge,\n\t\t\t\t\t\t\tcache.r6g.12xlarge,\n\t\t\t\t\t\t\tcache.r6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
The cache node type filter value. \n Use this parameter to show only those reservations matching the specified cache node type.
\n \nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types: (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward):\n\t\t\t\t\t cache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward):\n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized with data tiering:
\n\t\tCurrent generation:
\n\t\t \n\t\t\n R6gd node types (available only for Redis engine version 6.2 onward).
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t \n\t\t cache.r6gd.xlarge,\n\t\t cache.r6gd.2xlarge,\n\t\t cache.r6gd.4xlarge,\n\t\t cache.r6gd.8xlarge,\n\t\t cache.r6gd.12xlarge,\n\t\t cache.r6gd.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
Memory optimized:
\n\t\t\t\tCurrent generation:
\n\t\n\t\t\t\t\t\t\t\t \t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t cache.r6g.large,\n\t\t\t\t\t\t\tcache.r6g.xlarge,\n\t\t\t\t\t\t\tcache.r6g.2xlarge,\n\t\t\t\t\t\t\tcache.r6g.4xlarge,\n\t\t\t\t\t\t\tcache.r6g.8xlarge,\n\t\t\t\t\t\t\tcache.r6g.12xlarge,\n\t\t\t\t\t\t\tcache.r6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
The cache node type filter value. \n Use this parameter to show only those reservations matching the specified cache node type.
\n \nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types: (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward):\n\t\t\t\t\t cache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward):\n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized with data tiering:
\n\t\tCurrent generation:
\n\t\t \n\t\t\n R6gd node types (available only for Redis engine version 6.2 onward).
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t \n\t\t cache.r6gd.xlarge,\n\t\t cache.r6gd.2xlarge,\n\t\t cache.r6gd.4xlarge,\n\t\t cache.r6gd.8xlarge,\n\t\t cache.r6gd.12xlarge,\n\t\t cache.r6gd.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
Memory optimized:
\n\t\t\t\tCurrent generation:
\n\t\n\t\t\t\t\t\t\t\t \t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t cache.r6g.large,\n\t\t\t\t\t\t\tcache.r6g.xlarge,\n\t\t\t\t\t\t\tcache.r6g.2xlarge,\n\t\t\t\t\t\t\tcache.r6g.4xlarge,\n\t\t\t\t\t\t\tcache.r6g.8xlarge,\n\t\t\t\t\t\t\tcache.r6g.12xlarge,\n\t\t\t\t\t\t\tcache.r6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
The cache node type filter value. \n Use this parameter to show only the available offerings matching the specified cache node type.
\n\nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types: (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward)\tcache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward):\n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized with data tiering:
\n\t\tCurrent generation:
\n\t\t \n\t\t\n R6gd node types (available only for Redis engine version 6.2 onward).
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t \n\t\t cache.r6gd.xlarge,\n\t\t cache.r6gd.2xlarge,\n\t\t cache.r6gd.4xlarge,\n\t\t cache.r6gd.8xlarge,\n\t\t cache.r6gd.12xlarge,\n\t\t cache.r6gd.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
Memory optimized:
\n\t\t\t\tCurrent generation:
\n\n\n\t\t\t\t\t \t\t\t \t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t cache.r6g.large,\n\t\t\t\t\t\t\tcache.r6g.xlarge,\n\t\t\t\t\t\t\tcache.r6g.2xlarge,\n\t\t\t\t\t\t\tcache.r6g.4xlarge,\n\t\t\t\t\t\t\tcache.r6g.8xlarge,\n\t\t\t\t\t\t\tcache.r6g.12xlarge,\n\t\t\t\t\t\t\tcache.r6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
The cache node type filter value. \n Use this parameter to show only the available offerings matching the specified cache node type.
\n\nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types: (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward)\tcache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward):\n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized with data tiering:
\n\t\tCurrent generation:
\n\t\t \n\t\t\n R6gd node types (available only for Redis engine version 6.2 onward).
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t \n\t\t cache.r6gd.xlarge,\n\t\t cache.r6gd.2xlarge,\n\t\t cache.r6gd.4xlarge,\n\t\t cache.r6gd.8xlarge,\n\t\t cache.r6gd.12xlarge,\n\t\t cache.r6gd.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
Memory optimized:
\n\t\t\t\tCurrent generation:
\n\n\n\t\t\t\t\t \t\t\t \t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t cache.r6g.large,\n\t\t\t\t\t\t\tcache.r6g.xlarge,\n\t\t\t\t\t\t\tcache.r6g.2xlarge,\n\t\t\t\t\t\t\tcache.r6g.4xlarge,\n\t\t\t\t\t\t\tcache.r6g.8xlarge,\n\t\t\t\t\t\t\tcache.r6g.12xlarge,\n\t\t\t\t\t\t\tcache.r6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. This parameter must be set to true when using r6gd nodes.\n For more information, see Data tiering.
" } + }, + "AutoMinorVersionUpgrade": { + "target": "com.amazonaws.elasticache#Boolean", + "traits": { + "smithy.api#documentation": "If you are running Redis engine version 6.0 or later, set this parameter to yes if you want to opt-in to the next auto minor version upgrade campaign. This parameter is disabled for previous versions. \n
" + } } }, "traits": { @@ -8730,7 +8736,7 @@ "CacheNodeType": { "target": "com.amazonaws.elasticache#String", "traits": { - "smithy.api#documentation": "The cache node type for the reserved cache nodes.
\n \nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types: (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward):\tcache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and Memcached engine version 1.5.16 onward):\n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized with data tiering:
\n\t\tCurrent generation:
\n\t\t \n\t\t\n R6gd node types (available only for Redis engine version 6.2 onward).
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t \n\t\t cache.r6gd.xlarge,\n\t\t cache.r6gd.2xlarge,\n\t\t cache.r6gd.4xlarge,\n\t\t cache.r6gd.8xlarge,\n\t\t cache.r6gd.12xlarge,\n\t\t cache.r6gd.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
Memory optimized:
\n\t\t\t\tCurrent generation:
\n\n\t\n\t\t\t\t\t \n\t\t\t\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t\t\n\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t cache.r6g.large,\n\t\t\t\t\t\t\tcache.r6g.xlarge,\n\t\t\t\t\t\t\tcache.r6g.2xlarge,\n\t\t\t\t\t\t\tcache.r6g.4xlarge,\n\t\t\t\t\t\t\tcache.r6g.8xlarge,\n\t\t\t\t\t\t\tcache.r6g.12xlarge,\n\t\t\t\t\t\t\tcache.r6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
The cache node type for the reserved cache nodes.
\n \nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types: (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward):\tcache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and Memcached engine version 1.5.16 onward):\n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized with data tiering:
\n\t\tCurrent generation:
\n\t\t \n\t\t\n R6gd node types (available only for Redis engine version 6.2 onward).
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t \n\t\t cache.r6gd.xlarge,\n\t\t cache.r6gd.2xlarge,\n\t\t cache.r6gd.4xlarge,\n\t\t cache.r6gd.8xlarge,\n\t\t cache.r6gd.12xlarge,\n\t\t cache.r6gd.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
Memory optimized:
\n\t\t\t\tCurrent generation:
\n\n\t\n\t\t\t\t\t \n\t\t\t\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t\t\n\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t cache.r6g.large,\n\t\t\t\t\t\t\tcache.r6g.xlarge,\n\t\t\t\t\t\t\tcache.r6g.2xlarge,\n\t\t\t\t\t\t\tcache.r6g.4xlarge,\n\t\t\t\t\t\t\tcache.r6g.8xlarge,\n\t\t\t\t\t\t\tcache.r6g.12xlarge,\n\t\t\t\t\t\t\tcache.r6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
The cache node type for the reserved cache node.
\nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types: (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward): \tcache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and Memcached engine version 1.5.16 onward):\n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized with data tiering:
\n\t\tCurrent generation:
\n\t\t \n\t\t\n R6gd node types (available only for Redis engine version 6.2 onward).
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t \n\t\t cache.r6gd.xlarge,\n\t\t cache.r6gd.2xlarge,\n\t\t cache.r6gd.4xlarge,\n\t\t cache.r6gd.8xlarge,\n\t\t cache.r6gd.12xlarge,\n\t\t cache.r6gd.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
Memory optimized:
\n\t\t\t\tCurrent generation:
\n\n\t\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t cache.r6g.large,\n\t\t\t\t\t\t\tcache.r6g.xlarge,\n\t\t\t\t\t\t\tcache.r6g.2xlarge,\n\t\t\t\t\t\t\tcache.r6g.4xlarge,\n\t\t\t\t\t\t\tcache.r6g.8xlarge,\n\t\t\t\t\t\t\tcache.r6g.12xlarge,\n\t\t\t\t\t\t\tcache.r6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
The cache node type for the reserved cache node.
\nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types: (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward): \tcache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and Memcached engine version 1.5.16 onward):\n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized with data tiering:
\n\t\tCurrent generation:
\n\t\t \n\t\t\n R6gd node types (available only for Redis engine version 6.2 onward).
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t \n\t\t cache.r6gd.xlarge,\n\t\t cache.r6gd.2xlarge,\n\t\t cache.r6gd.4xlarge,\n\t\t cache.r6gd.8xlarge,\n\t\t cache.r6gd.12xlarge,\n\t\t cache.r6gd.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
Memory optimized:
\n\t\t\t\tCurrent generation:
\n\n\t\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t cache.r6g.large,\n\t\t\t\t\t\t\tcache.r6g.xlarge,\n\t\t\t\t\t\t\tcache.r6g.2xlarge,\n\t\t\t\t\t\t\tcache.r6g.4xlarge,\n\t\t\t\t\t\t\tcache.r6g.8xlarge,\n\t\t\t\t\t\t\tcache.r6g.12xlarge,\n\t\t\t\t\t\t\tcache.r6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
The name of the compute and memory capacity node type for the source cluster.
\n \nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\t\n cache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and Memcached engine version 1.5.16 onward):
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized with data tiering:
\n\t\tCurrent generation:
\n\t\t \n\t\t\n R6gd node types (available only for Redis engine version 6.2 onward).
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t \n\t\t cache.r6gd.xlarge,\n\t\t cache.r6gd.2xlarge,\n\t\t cache.r6gd.4xlarge,\n\t\t cache.r6gd.8xlarge,\n\t\t cache.r6gd.12xlarge,\n\t\t cache.r6gd.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
Memory optimized:
\n\t\t \n\t\t \n\t\tCurrent generation:
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t cache.r6g.large,\n\t\t cache.r6g.xlarge,\n\t\t cache.r6g.2xlarge,\n\t\t cache.r6g.4xlarge,\n\t\t cache.r6g.8xlarge,\n\t\t cache.r6g.12xlarge,\n\t\t cache.r6g.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
For region availability, see Supported Node Types\n
\nFor region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
The name of the compute and memory capacity node type for the source cluster.
\n \nThe following node types are supported by ElastiCache. \n\t\t\t\tGenerally speaking, the current generation types provide more memory and computational power\n\t\t\tat lower cost when compared to their equivalent previous generation counterparts.
\n\t\tGeneral purpose:
\n\t\t\t\tCurrent generation:
\n\t\t\t\t\t \n\t\t\t\t\t\n M6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\t\n cache.m6g.large,\n\t\t\t\t\t\t\tcache.m6g.xlarge,\n\t\t\t\t\t\t\tcache.m6g.2xlarge,\n\t\t\t\t\t\t\tcache.m6g.4xlarge,\n\t\t\t\t\t\t\tcache.m6g.8xlarge,\n\t\t\t\t\t\t\tcache.m6g.12xlarge,\n\t\t\t\t\t\t\tcache.m6g.16xlarge\n\t\t\t\t\t\t\t\n\t\t\t\t\t
For region availability, see Supported Node Types\n
\n\n M5 node types:\n \t\t\t\t\t\t cache.m5.large,\n \t\t\t\t\t\tcache.m5.xlarge,\n \t\t\t\t\t\tcache.m5.2xlarge,\n \t\t\t\t\t\tcache.m5.4xlarge,\n \t\t\t\t\t\tcache.m5.12xlarge,\n \t\t\t\t\t\tcache.m5.24xlarge\n \t\t\t\t\t\t\n \t\t\t\t\t\t\n \t\t\t\t\t\t
\n M4 node types:\n \t\t\t\t\t\t cache.m4.large,\n \t\t\t\t\t\tcache.m4.xlarge,\n \t\t\t\t\t\tcache.m4.2xlarge,\n \t\t\t\t\t\tcache.m4.4xlarge,\n \t\t\t\t\t\tcache.m4.10xlarge\n
\n T4g node types (available only for Redis engine version 5.0.6 onward and Memcached engine version 1.5.16 onward):
\n\t\t\t\t\t \n\t\t\t\t\t \n\t\t\t\t\t\n\t\t\t\t\t cache.t4g.micro,\n\t\t\t\t\t cache.t4g.small,\n\t\t\t\t\t cache.t4g.medium\n\t\t\t\t\t
\n T3 node types:\n\t\t\t\t\t cache.t3.micro, \n \t\t\t\t\t\tcache.t3.small,\n \t\t\t\t\t\tcache.t3.medium\n
\n T2 node types:\n\t\t\t\t\t cache.t2.micro, \n \t\t\t\t\t\tcache.t2.small,\n \t\t\t\t\t\tcache.t2.medium\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\t\t\t\n T1 node types:\n\t\t\t\t\t cache.t1.micro\n
\n M1 node types:\n\t\t\t\t\t\t cache.m1.small, \n\t\t\t\t\t\t cache.m1.medium, \n\t\t\t\t\t\t cache.m1.large,\n\t\t\t\t\t\t cache.m1.xlarge\n
\n M3 node types:\n \t\t\t\t\t\t cache.m3.medium,\n \t\t\t\t\t\tcache.m3.large, \n \t\t\t\t\t\tcache.m3.xlarge,\n \t\t\t\t\t\tcache.m3.2xlarge\n
Compute optimized:
\n\n\t\t\t\tPrevious generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\t\t\t\n C1 node types:\n\t\t\t cache.c1.xlarge\n
Memory optimized with data tiering:
\n\t\tCurrent generation:
\n\t\t \n\t\t\n R6gd node types (available only for Redis engine version 6.2 onward).
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t \n\t\t cache.r6gd.xlarge,\n\t\t cache.r6gd.2xlarge,\n\t\t cache.r6gd.4xlarge,\n\t\t cache.r6gd.8xlarge,\n\t\t cache.r6gd.12xlarge,\n\t\t cache.r6gd.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
Memory optimized:
\n\t\t \n\t\t \n\t\tCurrent generation:
\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t\n R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward).
\n\t\t \n\t\t \n\t\t \n\t\t\t\n\t\t cache.r6g.large,\n\t\t cache.r6g.xlarge,\n\t\t cache.r6g.2xlarge,\n\t\t cache.r6g.4xlarge,\n\t\t cache.r6g.8xlarge,\n\t\t cache.r6g.12xlarge,\n\t\t cache.r6g.16xlarge\n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t \n\t\t
For region availability, see Supported Node Types\n
\nFor region availability, see Supported Node Types\n
\n\n R5 node types:\n \t\t\t\t\t cache.r5.large,\n \t\t\t\t\t cache.r5.xlarge,\n \t\t\t\t\t cache.r5.2xlarge,\n \t\t\t\t\t cache.r5.4xlarge,\n \t\t\t\t\t cache.r5.12xlarge,\n \t\t\t\t\t cache.r5.24xlarge\n
\n R4 node types:\n \t\t\t\t\t cache.r4.large,\n \t\t\t\t\t cache.r4.xlarge,\n \t\t\t\t\t cache.r4.2xlarge,\n \t\t\t\t\t cache.r4.4xlarge,\n \t\t\t\t\t cache.r4.8xlarge,\n \t\t\t\t\t cache.r4.16xlarge\n
Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.)
\n\n M2 node types:\t\t\t\t\t\t\n \t\t\t\t\t cache.m2.xlarge, \n \t\t\t\t\t\tcache.m2.2xlarge,\n \t\t\t\t\t\tcache.m2.4xlarge\n
\n R3 node types:\n \t\t\t\t\t cache.r3.large, \n \t\t\t\t\t\tcache.r3.xlarge,\n \t\t\t\t\t\tcache.r3.2xlarge, \n \t\t\t\t\t\tcache.r3.4xlarge,\n \t\t\t\t\t\tcache.r3.8xlarge\n
\n Additional node type info\n
\n\t\tAll current generation instance types are created in Amazon VPC by default.
\nRedis append-only files (AOF) are not supported for T1 or T2 instances.
\nRedis Multi-AZ with automatic failover is not supported on T1 instances.
\nRedis configuration variables appendonly and \n\t\t\t\tappendfsync are not supported on Redis version 2.8.22 and later.
Creates an Evidently experiment. Before you create an experiment,\n you must create the feature to use for the experiment.
\nAn experiment helps you make feature design \n decisions based on evidence and data. An experiment can test as\n many as five variations at once. Evidently collects experiment data and analyzes it by statistical methods, and provides\n clear recommendations about which variations perform better.
\nDon't use this operation to update an existing experiment. Instead, use \n UpdateExperiment.
", + "smithy.api#documentation": "Creates an Evidently experiment. Before you create an experiment,\n you must create the feature to use for the experiment.
\nAn experiment helps you make feature design \n decisions based on evidence and data. An experiment can test as\n many as five variations at once. Evidently collects experiment data and analyzes it by statistical methods, and provides\n clear recommendations about which variations perform better.
\nYou can optionally specify a segment to have the experiment consider only certain audience \n types in the experiment, such as using only user sessions from a certain location or who use a certain internet browser.
Don't use this operation to update an existing experiment. Instead, use \n UpdateExperiment.
", "smithy.api#http": { "method": "POST", "uri": "/projects/{project}/experiments", @@ -252,6 +252,12 @@ "smithy.api#documentation": "A structure that contains the configuration of which variation to use as the \"control\"\n version. tThe \"control\" version is used for comparison with other variations. This structure\n also specifies how much experiment traffic is allocated to each variation.
" } }, + "segment": { + "target": "com.amazonaws.evidently#SegmentRef", + "traits": { + "smithy.api#documentation": "Specifies an audience segment to use in the experiment. When a segment is used in an experiment, only\n user sessions that match the segment pattern are used in the experiment.
" + } + }, "tags": { "target": "com.amazonaws.evidently#TagMap", "traits": { @@ -454,7 +460,7 @@ "randomizationSalt": { "target": "com.amazonaws.evidently#RandomizationSalt", "traits": { - "smithy.api#documentation": "When Evidently assigns a particular user session to a launch, it must use a randomization ID\n to determine which variation the user session is served. This randomization ID is a combination of the entity ID\n and randomizationSalt. If you omit randomizationSalt, Evidently uses\n the launch name as the randomizationsSalt.
When Evidently assigns a particular user session to a launch, it must use a randomization ID\n to determine which variation the user session is served. This randomization ID is a combination of the entity ID\n and randomizationSalt. If you omit randomizationSalt, Evidently uses\n the launch name as the randomizationSalt.
Use this operation to define a segment of your audience. A segment\n is a portion of your audience that share one or more characteristics. Examples could be Chrome browser users, \n users in Europe, or Firefox browser users in Europe who also fit other criteria that your application collects,\n such as age.
\nUsing a segment in an experiment limits that experiment to evaluate only the users who match the segment \n criteria. Using one or more segments in a launch allow you to define different traffic splits for the different\n audience segments.
\n \nFor more information about segment pattern syntax, see \n \n Segment rule pattern syntax.
\n \nThe pattern that you define for a segment is matched against the value of evaluationContext, which\n is passed into Evidently in the EvaluateFeature operation,\n when Evidently assigns a feature variation to a user.
A name for the segment.
", + "smithy.api#required": {} + } + }, + "pattern": { + "target": "com.amazonaws.evidently#SegmentPattern", + "traits": { + "smithy.api#documentation": "The pattern to use for the segment. For more information about pattern syntax, \n see \n Segment rule pattern syntax.
", + "smithy.api#required": {} + } + }, + "description": { + "target": "com.amazonaws.evidently#Description", + "traits": { + "smithy.api#documentation": "An optional description for this segment.
" + } + }, + "tags": { + "target": "com.amazonaws.evidently#TagMap", + "traits": { + "smithy.api#documentation": "Assigns one or more tags (key-value pairs) to the segment.
\nTags can help you organize and categorize your resources. You can also use them to scope user\n permissions by granting a user\n permission to access or change only resources with certain tag values.
\nTags don't have any semantic meaning to Amazon Web Services and are interpreted strictly as strings of characters.
\n \nYou can associate as many as 50 tags with a segment.
\nFor more information, see Tagging Amazon Web Services resources.
" + } + } + } + }, + "com.amazonaws.evidently#CreateSegmentResponse": { + "type": "structure", + "members": { + "segment": { + "target": "com.amazonaws.evidently#Segment", + "traits": { + "smithy.api#documentation": "A structure that contains the complete information about the segment that was just created.
", + "smithy.api#required": {} + } + } + } + }, "com.amazonaws.evidently#CwDimensionSafeName": { "type": "string", "traits": { @@ -805,6 +885,58 @@ "type": "structure", "members": {} }, + "com.amazonaws.evidently#DeleteSegment": { + "type": "operation", + "input": { + "target": "com.amazonaws.evidently#DeleteSegmentRequest" + }, + "output": { + "target": "com.amazonaws.evidently#DeleteSegmentResponse" + }, + "errors": [ + { + "target": "com.amazonaws.evidently#AccessDeniedException" + }, + { + "target": "com.amazonaws.evidently#ConflictException" + }, + { + "target": "com.amazonaws.evidently#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.evidently#ThrottlingException" + }, + { + "target": "com.amazonaws.evidently#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Deletes a segment. You can't delete a segment that is being used in a launch or experiment, even if that \n launch or experiment is not currently running.
", + "smithy.api#http": { + "method": "DELETE", + "uri": "/segments/{segment}", + "code": 200 + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.evidently#DeleteSegmentRequest": { + "type": "structure", + "members": { + "segment": { + "target": "com.amazonaws.evidently#SegmentRef", + "traits": { + "smithy.api#documentation": "Specifies the segment to delete.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.evidently#DeleteSegmentResponse": { + "type": "structure", + "members": {} + }, "com.amazonaws.evidently#Description": { "type": "string", "traits": { @@ -894,7 +1026,7 @@ } ], "traits": { - "smithy.api#documentation": "This operation assigns a feature variation to one given user session. You pass in an\n entityID that represents the user. Evidently then checks the evaluation rules\n and assigns the variation.
The first rules that are evaluated are the override rules. If the user's\n entityID matches an override rule, the user is served the variation specified\n by that rule.
Next, if there is a launch of the feature, the user might be assigned to a variation in\n the launch. The chance of this depends on the percentage of users that are allocated to that\n launch. If the user is enrolled in the launch, the variation they are served depends on the\n allocation of the various feature variations used for the launch.
\nIf the user is not assigned to a launch, and there is an ongoing experiment for this feature, the user might \n be assigned to a variation in the experiment. The chance of this\n depends on the percentage of users that are allocated to that experiment. If the user is enrolled in the experiment, \n the variation they are served depends on the allocation of the various feature variations used for the experiment.
\nIf the user is not assigned to a launch or experiment, they are served the default variation.
", + "smithy.api#documentation": "This operation assigns a feature variation to one given user session. You pass in an\n entityID that represents the user. Evidently then checks the evaluation rules\n and assigns the variation.
The first rules that are evaluated are the override rules. If the user's\n entityID matches an override rule, the user is served the variation specified\n by that rule.
If there is a current launch with this feature that uses segment overrides, and \n if the user session's evaluationContext matches a segment rule defined in a\n segment override, the configuration in the segment overrides is used. For more information\n about segments, see CreateSegment \n and \n Use segments to focus your \n audience.
If there is a launch with no segment overrides, the user might be assigned to a variation in\n the launch. The chance of this depends on the percentage of users that are allocated to that\n launch. If the user is enrolled in the launch, the variation they are served depends on the\n allocation of the various feature variations used for the launch.
\nIf the user is not assigned to a launch, and there is an ongoing experiment for this feature, the user might \n be assigned to a variation in the experiment. The chance of this\n depends on the percentage of users that are allocated to that experiment.
\nIf the experiment uses a segment, then only \n user sessions with evaluationContext values that match the segment rule are used in the experiment.
If the user is enrolled in the experiment, \n the variation they are served depends on the allocation of the various feature variations used for the experiment.
\nIf the user is not assigned to a launch or experiment, they are served the default variation.
", "smithy.api#endpoint": { "hostPrefix": "dataplane." }, @@ -937,7 +1069,7 @@ "evaluationContext": { "target": "com.amazonaws.evidently#JsonValue", "traits": { - "smithy.api#documentation": "A JSON block of attributes that you can optionally pass in. This JSON block is included\n in the evaluation events sent to Evidently from the user session.
" + "smithy.api#documentation": "A JSON object of attributes that you can optionally pass in as part of the evaluation event\n sent to Evidently from the user session. Evidently can use \n this value to match user sessions with defined audience segments. For more information, see\n Use segments to focus your \n audience.
\n \nIf you include this parameter, the value must be a JSON object. A JSON array is not supported.
" } } } @@ -1156,10 +1288,7 @@ "traits": { "aws.api#service": { "sdkId": "Evidently", - "arnNamespace": "evidently", - "cloudFormationName": "Evidently", - "cloudTrailEventSource": "evidently.amazonaws.com", - "endpointPrefix": "evidently" + "arnNamespace": "evidently" }, "aws.auth#sigv4": { "name": "evidently" @@ -1167,16 +1296,16 @@ "aws.protocols#restJson1": {}, "smithy.api#cors": { "additionalAllowedHeaders": [ - "Authorization", - "x-amz-content-sha256", + "Content-Type", "X-Amz-Date", - "X-Amz-Security-Token", + "Authorization", "X-Api-Key", - "Content-Type", + "X-Amz-Security-Token", + "x-amz-content-sha256", "X-Amz-User-Agent" ] }, - "smithy.api#documentation": "You can use Amazon CloudWatch Evidently to safely validate new features by serving them to a specified percentage\n of your users while you roll out the feature. You can monitor the performance of the new feature\n to help you decide when to ramp up traffic to your users. This helps you \n reduce risk and identify unintended consequences before you fully launch the feature.
\nYou can also conduct A/B experiments to make feature design decisions based on evidence\n and data. An experiment can test as many as five variations at once. Evidently collects\n experiment data and analyzes it using statistical methods. It also provides clear\n recommendations about which variations perform better. You can test both user-facing features\n and backend features.
", + "smithy.api#documentation": "You can use Amazon CloudWatch Evidently to safely validate new features by serving \n them to a specified percentage\n of your users while you roll out the feature. You can monitor the performance of the new feature\n to help you decide when to ramp up traffic to your users. This helps you \n reduce risk and identify unintended consequences before you fully launch the feature.
\nYou can also conduct A/B experiments to make feature design decisions based on evidence\n and data. An experiment can test as many as five variations at once. Evidently collects\n experiment data and analyzes it using statistical methods. It also provides clear\n recommendations about which variations perform better. You can test both user-facing features\n and backend features.
", "smithy.api#title": "Amazon CloudWatch Evidently" }, "version": "2021-02-01", @@ -1187,6 +1316,9 @@ { "target": "com.amazonaws.evidently#TagResource" }, + { + "target": "com.amazonaws.evidently#TestSegmentPattern" + }, { "target": "com.amazonaws.evidently#UntagResource" } @@ -1194,6 +1326,9 @@ "resources": [ { "target": "com.amazonaws.evidently#ProjectResource" + }, + { + "target": "com.amazonaws.evidently#SegmentResource" } ] }, @@ -1289,6 +1424,12 @@ "smithy.api#documentation": "In thousandths of a percent, the amount of the available audience that is allocated to this experiment. \n The available audience\n is the total audience minus the audience that you have allocated to overrides or current launches of\n this feature.
\nThis is represented in thousandths of a percent, so a value of 10,000 is 10% of the available audience.
" } }, + "segment": { + "target": "com.amazonaws.evidently#SegmentArn", + "traits": { + "smithy.api#documentation": "The audience segment being used for the experiment, if a segment is being used.
" + } + }, "type": { "target": "com.amazonaws.evidently#ExperimentType", "traits": { @@ -2294,6 +2435,63 @@ } } }, + "com.amazonaws.evidently#GetSegment": { + "type": "operation", + "input": { + "target": "com.amazonaws.evidently#GetSegmentRequest" + }, + "output": { + "target": "com.amazonaws.evidently#GetSegmentResponse" + }, + "errors": [ + { + "target": "com.amazonaws.evidently#AccessDeniedException" + }, + { + "target": "com.amazonaws.evidently#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.evidently#ThrottlingException" + }, + { + "target": "com.amazonaws.evidently#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Returns information about the specified segment. Specify the segment you want to view\n by specifying its ARN.
", + "smithy.api#http": { + "method": "GET", + "uri": "/segments/{segment}", + "code": 200 + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.evidently#GetSegmentRequest": { + "type": "structure", + "members": { + "segment": { + "target": "com.amazonaws.evidently#SegmentRef", + "traits": { + "smithy.api#documentation": "The ARN of the segment to return information for.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.evidently#GetSegmentResponse": { + "type": "structure", + "members": { + "segment": { + "target": "com.amazonaws.evidently#Segment", + "traits": { + "smithy.api#documentation": "A structure that contains the complete information about the segment.
", + "smithy.api#required": {} + } + } + } + }, "com.amazonaws.evidently#GroupName": { "type": "string", "traits": { @@ -2693,9 +2891,9 @@ }, "smithy.api#paginated": { "inputToken": "nextToken", + "pageSize": "maxResults", "outputToken": "nextToken", - "items": "experiments", - "pageSize": "maxResults" + "items": "experiments" }, "smithy.api#readonly": {} } @@ -2782,9 +2980,9 @@ }, "smithy.api#paginated": { "inputToken": "nextToken", + "pageSize": "maxResults", "outputToken": "nextToken", - "items": "features", - "pageSize": "maxResults" + "items": "features" }, "smithy.api#readonly": {} } @@ -2861,9 +3059,9 @@ }, "smithy.api#paginated": { "inputToken": "nextToken", + "pageSize": "maxResults", "outputToken": "nextToken", - "items": "launches", - "pageSize": "maxResults" + "items": "launches" }, "smithy.api#readonly": {} } @@ -2947,9 +3145,9 @@ }, "smithy.api#paginated": { "inputToken": "nextToken", + "pageSize": "maxResults", "outputToken": "nextToken", - "items": "projects", - "pageSize": "maxResults" + "items": "projects" }, "smithy.api#readonly": {} } @@ -2990,80 +3188,240 @@ } } }, - "com.amazonaws.evidently#ListTagsForResource": { + "com.amazonaws.evidently#ListSegmentReferences": { "type": "operation", "input": { - "target": "com.amazonaws.evidently#ListTagsForResourceRequest" + "target": "com.amazonaws.evidently#ListSegmentReferencesRequest" }, "output": { - "target": "com.amazonaws.evidently#ListTagsForResourceResponse" + "target": "com.amazonaws.evidently#ListSegmentReferencesResponse" }, "errors": [ { - "target": "com.amazonaws.evidently#ConflictException" + "target": "com.amazonaws.evidently#AccessDeniedException" }, { "target": "com.amazonaws.evidently#ResourceNotFoundException" }, + { + "target": "com.amazonaws.evidently#ThrottlingException" + }, { "target": "com.amazonaws.evidently#ValidationException" } ], "traits": { - "smithy.api#documentation": "Displays the tags associated with an Evidently resource.
", + "smithy.api#documentation": "Use this operation to find which experiments or launches are using a specified segment.
", "smithy.api#http": { "method": "GET", - "uri": "/tags/{resourceArn}", + "uri": "/segments/{segment}/references", "code": 200 }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "pageSize": "maxResults", + "outputToken": "nextToken", + "items": "referencedBy" + }, "smithy.api#readonly": {} } }, - "com.amazonaws.evidently#ListTagsForResourceRequest": { + "com.amazonaws.evidently#ListSegmentReferencesRequest": { "type": "structure", "members": { - "resourceArn": { - "target": "com.amazonaws.evidently#Arn", + "segment": { + "target": "com.amazonaws.evidently#SegmentRef", "traits": { - "smithy.api#documentation": "The ARN of the resource that you want to see the tags of.
", + "smithy.api#documentation": "The ARN of the segment that you want to view information for.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } + }, + "maxResults": { + "target": "com.amazonaws.evidently#MaxReferences", + "traits": { + "smithy.api#documentation": "The maximum number of results to include in the response. If you omit this, the default of 50 is used.
", + "smithy.api#httpQuery": "maxResults" + } + }, + "nextToken": { + "target": "com.amazonaws.evidently#NextToken", + "traits": { + "smithy.api#documentation": "The token to use when requesting the next set of results. You received this token from a previous \n ListSegmentReferences operation.
Specifies whether to return information about launches or experiments that use this segment.
", + "smithy.api#httpQuery": "type", + "smithy.api#required": {} + } } } }, - "com.amazonaws.evidently#ListTagsForResourceResponse": { + "com.amazonaws.evidently#ListSegmentReferencesResponse": { "type": "structure", "members": { - "tags": { - "target": "com.amazonaws.evidently#TagMap", + "referencedBy": { + "target": "com.amazonaws.evidently#RefResourceList", "traits": { - "smithy.api#documentation": "The list of tag keys and values associated with the resource you specified.
" + "smithy.api#documentation": "An array of structures, where each structure contains information about one experiment or launch that\n uses this segment.
" + } + }, + "nextToken": { + "target": "com.amazonaws.evidently#NextToken", + "traits": { + "smithy.api#documentation": "The token to use in a subsequent ListSegmentReferences operation to return\n the next set of results.
Returns a list of audience segments that you have created in your account in this Region.
", + "smithy.api#http": { + "method": "GET", + "uri": "/segments", + "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "pageSize": "maxResults", + "outputToken": "nextToken", + "items": "segments" + }, + "smithy.api#readonly": {} } }, - "com.amazonaws.evidently#MaxFeatures": { - "type": "integer", - "traits": { - "smithy.api#box": {}, - "smithy.api#range": { - "min": 1, - "max": 100 + "com.amazonaws.evidently#ListSegmentsRequest": { + "type": "structure", + "members": { + "maxResults": { + "target": "com.amazonaws.evidently#MaxSegments", + "traits": { + "smithy.api#documentation": "The maximum number of results to include in the response. If you omit this, the default of 50 is used.
", + "smithy.api#httpQuery": "maxResults" + } + }, + "nextToken": { + "target": "com.amazonaws.evidently#NextToken", + "traits": { + "smithy.api#documentation": "The token to use when requesting the next set of results. You received this token from a previous \n ListSegments operation.
An array of structures that contain information about the segments in this Region.
" + } + }, + "nextToken": { + "target": "com.amazonaws.evidently#NextToken", + "traits": { + "smithy.api#documentation": "The token to use in a subsequent ListSegments operation to return\n the next set of results.
Displays the tags associated with an Evidently resource.
", + "smithy.api#http": { + "uri": "/tags/{resourceArn}", + "method": "GET" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.evidently#ListTagsForResourceRequest": { + "type": "structure", + "members": { + "resourceArn": { + "target": "com.amazonaws.evidently#Arn", + "traits": { + "smithy.api#documentation": "The ARN of the resource that you want to see the tags of.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.evidently#ListTagsForResourceResponse": { + "type": "structure", + "members": { + "tags": { + "target": "com.amazonaws.evidently#TagMap", + "traits": { + "smithy.api#documentation": "The list of tag keys and values associated with the resource you specified.
" + } + } + } + }, + "com.amazonaws.evidently#MaxExperiments": { + "type": "integer", + "traits": { + "smithy.api#box": {}, + "smithy.api#range": { + "min": 1, + "max": 100 + } + } + }, + "com.amazonaws.evidently#MaxFeatures": { + "type": "integer", + "traits": { + "smithy.api#box": {}, + "smithy.api#range": { + "min": 1, + "max": 100 + } + } + }, + "com.amazonaws.evidently#MaxLaunches": { "type": "integer", "traits": { "smithy.api#box": {}, @@ -3083,6 +3441,26 @@ } } }, + "com.amazonaws.evidently#MaxReferences": { + "type": "integer", + "traits": { + "smithy.api#box": {}, + "smithy.api#range": { + "min": 1, + "max": 100 + } + } + }, + "com.amazonaws.evidently#MaxSegments": { + "type": "integer", + "traits": { + "smithy.api#box": {}, + "smithy.api#range": { + "min": 1, + "max": 50 + } + } + }, "com.amazonaws.evidently#MetricDefinition": { "type": "structure", "members": { @@ -3514,7 +3892,7 @@ "min": 0, "max": 2048 }, - "smithy.api#pattern": "([-a-zA-Z0-9._]*)|(arn:[^:]*:[^:]*:[^:]*:[^:]*:project/[-a-zA-Z0-9._]*)" + "smithy.api#pattern": "(^[a-zA-Z0-9._-]*$)|(arn:[^:]*:[^:]*:[^:]*:[^:]*:project/[a-zA-Z0-9._-]*)" } }, "com.amazonaws.evidently#ProjectResource": { @@ -3567,9 +3945,7 @@ "traits": { "aws.api#arn": { "template": "{project}", - "absolute": false, - "noAccount": false, - "noRegion": false + "absolute": false } } }, @@ -3821,6 +4197,64 @@ "smithy.api#pattern": ".*" } }, + "com.amazonaws.evidently#RefResource": { + "type": "structure", + "members": { + "name": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The name of the experiment or launch.
", + "smithy.api#required": {} + } + }, + "type": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Specifies whether the resource that this structure contains information about is an experiment or a launch.
", + "smithy.api#required": {} + } + }, + "arn": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The ARN of the experiment or launch.
" + } + }, + "status": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The status of the experiment or launch.
" + } + }, + "startTime": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The day and time that this experiment or launch started.
" + } + }, + "endTime": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The day and time that this experiment or launch ended.
" + } + }, + "lastUpdatedOn": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The day and time that this experiment or launch was most recently updated.
" + } + } + }, + "traits": { + "smithy.api#documentation": "A structure that contains information about one experiment or launch that\n uses the specified segment.
" + } + }, + "com.amazonaws.evidently#RefResourceList": { + "type": "list", + "member": { + "target": "com.amazonaws.evidently#RefResource" + } + }, "com.amazonaws.evidently#ResourceNotFoundException": { "type": "structure", "members": { @@ -3946,7 +4380,13 @@ "groupWeights": { "target": "com.amazonaws.evidently#GroupToWeightMap", "traits": { - "smithy.api#documentation": "The traffic allocation percentages among the feature variations during one step of a\n launch. This is a set of key-value pairs. The keys are variation names. The values represent\n the percentage of traffic to allocate to that variation during this step.
" + "smithy.api#documentation": "The traffic allocation percentages among the feature variations during one step of a\n launch. This is a set of key-value pairs. The keys are variation names. The values represent\n the percentage of traffic to allocate to that variation during this step.
\nThe values is expressed in thousandths of a percent,\n so assigning a weight of 50000 assigns 50% of traffic to that variation.
\nIf the sum of the weights for all the variations in a segment override does not add up to 100,000, \n then the remaining traffic that matches this segment is not assigned by this segment override, and instead moves\n on to the next segment override or the default traffic split.
" + } + }, + "segmentOverrides": { + "target": "com.amazonaws.evidently#SegmentOverridesList", + "traits": { + "smithy.api#documentation": "Use this parameter to specify different traffic splits for one or more audience segments. \n A segment\n is a portion of your audience that share one or more characteristics. Examples could be Chrome browser users, \n users in Europe, or Firefox browser users in Europe who also fit other criteria that your application collects,\n such as age.
\nThis parameter is an array of up to six segment override objects. Each of these objects specifies a segment\n that you have already created, and defines the traffic split for that segment.
" } } }, @@ -3967,9 +4407,15 @@ "groupWeights": { "target": "com.amazonaws.evidently#GroupToWeightMap", "traits": { - "smithy.api#documentation": "The traffic allocation percentages among the feature variations during one step of a\n launch. This is a set of key-value pairs. The keys are variation names. The values represent\n the percentage of traffic to allocate to that variation during this step.
", + "smithy.api#documentation": "The traffic allocation percentages among the feature variations during one step of a\n launch. This is a set of key-value pairs. The keys are variation names. The values represent\n the percentage of traffic to allocate to that variation during this step.
\n \nThe values is expressed in thousandths of a percent,\n so assigning a weight of 50000 assigns 50% of traffic to that variation.
\nIf the sum of the weights for all the variations in a segment override does not add up to 100,000, \n then the remaining traffic that matches this segment is not assigned by this segment override, and instead moves\n on to the next segment override or the default traffic split.
", "smithy.api#required": {} } + }, + "segmentOverrides": { + "target": "com.amazonaws.evidently#SegmentOverridesList", + "traits": { + "smithy.api#documentation": "Use this parameter to specify different traffic splits for one or more audience segments. \n A segment\n is a portion of your audience that share one or more characteristics. Examples could be Chrome browser users, \n users in Europe, or Firefox browser users in Europe who also fit other criteria that your application collects,\n such as age.
\nThis parameter is an array of up to six segment override objects. Each of these objects specifies a segment\n that you have already created, and defines the traffic split for that segment.
" + } } }, "traits": { @@ -4029,6 +4475,200 @@ } } }, + "com.amazonaws.evidently#Segment": { + "type": "structure", + "members": { + "arn": { + "target": "com.amazonaws.evidently#SegmentArn", + "traits": { + "smithy.api#documentation": "The ARN of the segment.
", + "smithy.api#required": {} + } + }, + "name": { + "target": "com.amazonaws.evidently#SegmentName", + "traits": { + "smithy.api#documentation": "The name of the segment.
", + "smithy.api#required": {} + } + }, + "pattern": { + "target": "com.amazonaws.evidently#SegmentPattern", + "traits": { + "smithy.api#documentation": "", + "smithy.api#required": {} + } + }, + "createdTime": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "The date and time that this segment was created.
", + "smithy.api#required": {} + } + }, + "lastUpdatedTime": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "The date and time that this segment was most recently updated.
", + "smithy.api#required": {} + } + }, + "description": { + "target": "com.amazonaws.evidently#Description", + "traits": { + "smithy.api#documentation": "The customer-created description for this segment.
" + } + }, + "experimentCount": { + "target": "smithy.api#Long", + "traits": { + "smithy.api#documentation": "The number of experiments that this segment is used in. This count includes all current experiments, not just\n those that are currently running.
" + } + }, + "launchCount": { + "target": "smithy.api#Long", + "traits": { + "smithy.api#documentation": "The number of launches that this segment is used in. This count includes all current launches, not just\n those that are currently running.
" + } + }, + "tags": { + "target": "com.amazonaws.evidently#TagMap", + "traits": { + "smithy.api#documentation": "The list of tag keys and values associated with this launch.
" + } + } + }, + "traits": { + "smithy.api#documentation": "This structure contains information about one audience segment. You can use segments\n in your experiments and launches to narrow the user sessions used for experiment or launch to only the user\n sessions that match one or more criteria.
" + } + }, + "com.amazonaws.evidently#SegmentArn": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 2048 + }, + "smithy.api#pattern": "arn:[^:]*:[^:]*:[^:]*:[^:]*:segment/[-a-zA-Z0-9._]*" + } + }, + "com.amazonaws.evidently#SegmentList": { + "type": "list", + "member": { + "target": "com.amazonaws.evidently#Segment" + } + }, + "com.amazonaws.evidently#SegmentName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 64 + }, + "smithy.api#pattern": "^[-a-zA-Z0-9._]*$" + } + }, + "com.amazonaws.evidently#SegmentOverride": { + "type": "structure", + "members": { + "segment": { + "target": "com.amazonaws.evidently#SegmentRef", + "traits": { + "smithy.api#documentation": "The ARN of the segment to use.
", + "smithy.api#required": {} + } + }, + "evaluationOrder": { + "target": "smithy.api#Long", + "traits": { + "smithy.api#documentation": "A number indicating the order to use to evaluate segment overrides, if there are more\n than one. Segment overrides with lower numbers are evaluated first.
", + "smithy.api#required": {} + } + }, + "weights": { + "target": "com.amazonaws.evidently#GroupToWeightMap", + "traits": { + "smithy.api#documentation": "The traffic allocation percentages among the feature variations to assign to this \n segment. This is a set of key-value pairs. The keys are variation names. The values represent\n the amount of traffic to allocate to that variation for this segment. This is expressed in thousandths of a percent,\n so a weight of 50000 represents 50% of traffic.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "This structure specifies a segment\n that you have already created, and defines the traffic split for that segment to be used in a launch.
" + } + }, + "com.amazonaws.evidently#SegmentOverridesList": { + "type": "list", + "member": { + "target": "com.amazonaws.evidently#SegmentOverride" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 6 + } + } + }, + "com.amazonaws.evidently#SegmentPattern": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1024 + }, + "smithy.api#mediaType": "application/json" + } + }, + "com.amazonaws.evidently#SegmentRef": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 2048 + }, + "smithy.api#pattern": "(^[-a-zA-Z0-9._]*$)|(arn:[^:]*:[^:]*:[^:]*:[^:]*:segment/[-a-zA-Z0-9._]*)" + } + }, + "com.amazonaws.evidently#SegmentReferenceResourceType": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "EXPERIMENT", + "name": "EXPERIMENT" + }, + { + "value": "LAUNCH", + "name": "LAUNCH" + } + ] + } + }, + "com.amazonaws.evidently#SegmentResource": { + "type": "resource", + "identifiers": { + "segment": { + "target": "com.amazonaws.evidently#SegmentRef" + } + }, + "create": { + "target": "com.amazonaws.evidently#CreateSegment" + }, + "read": { + "target": "com.amazonaws.evidently#GetSegment" + }, + "delete": { + "target": "com.amazonaws.evidently#DeleteSegment" + }, + "list": { + "target": "com.amazonaws.evidently#ListSegments" + }, + "operations": [ + { + "target": "com.amazonaws.evidently#ListSegmentReferences" + } + ] + }, "com.amazonaws.evidently#ServiceQuotaExceededException": { "type": "structure", "members": { @@ -4443,9 +5083,8 @@ "traits": { "smithy.api#documentation": "Assigns one or more tags (key-value pairs) to the specified CloudWatch Evidently resource. Projects,\n features, launches, and experiments can be tagged.
\nTags can help you organize and categorize your resources. You can also use them to scope user\n permissions by granting a user\n permission to access or change only resources with certain tag values.
\nTags don't have any semantic meaning to Amazon Web Services and are interpreted strictly as strings of characters.
\nYou can use the TagResource action with a resource that already has tags. \n If you specify a new tag key for the resource, \n this tag is appended to the list of tags associated\n with the alarm. If you specify a tag key that is already associated with the resource, the new tag value that you specify replaces\n the previous value for that tag.
You can associate as many as 50 tags with a resource.
\nFor more information, see Tagging Amazon Web Services resources.
", "smithy.api#http": { - "method": "POST", "uri": "/tags/{resourceArn}", - "code": 200 + "method": "POST" }, "smithy.api#idempotent": {} } @@ -4483,6 +5122,65 @@ } } }, + "com.amazonaws.evidently#TestSegmentPattern": { + "type": "operation", + "input": { + "target": "com.amazonaws.evidently#TestSegmentPatternRequest" + }, + "output": { + "target": "com.amazonaws.evidently#TestSegmentPatternResponse" + }, + "errors": [ + { + "target": "com.amazonaws.evidently#AccessDeniedException" + }, + { + "target": "com.amazonaws.evidently#ThrottlingException" + }, + { + "target": "com.amazonaws.evidently#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Use this operation to test a rules pattern that you plan to use to create an audience segment. \n For more information about segments, see CreateSegment.
", + "smithy.api#http": { + "method": "POST", + "uri": "/test-segment-pattern", + "code": 200 + } + } + }, + "com.amazonaws.evidently#TestSegmentPatternRequest": { + "type": "structure", + "members": { + "pattern": { + "target": "com.amazonaws.evidently#SegmentPattern", + "traits": { + "smithy.api#documentation": "The pattern to test.
", + "smithy.api#required": {} + } + }, + "payload": { + "target": "com.amazonaws.evidently#JsonValue", + "traits": { + "smithy.api#documentation": "A sample evaluationContext JSON block to test against the specified pattern.
Returns true if the pattern matches the payload.
Removes one or more tags from the specified resource.
", "smithy.api#http": { - "method": "DELETE", "uri": "/tags/{resourceArn}", - "code": 200 + "method": "DELETE" }, "smithy.api#idempotent": {} } @@ -4770,6 +5467,18 @@ "smithy.api#documentation": "The portion of the available audience that you want to allocate to this experiment, in thousandths of a percent. The available audience\n is the total audience minus the audience that you have allocated to overrides or current launches of\n this feature.
\nThis is represented in thousandths of a percent. For example, specify 20,000 to allocate 20% of the available audience.
" } }, + "segment": { + "target": "com.amazonaws.evidently#SegmentRef", + "traits": { + "smithy.api#documentation": "Adds an audience segment to an experiment. When a segment is used in an experiment, only\n user sessions that match the segment pattern are used in the experiment. You can't use this parameter if the \n experiment is currently\n running.
" + } + }, + "removeSegment": { + "target": "smithy.api#PrimitiveBoolean", + "traits": { + "smithy.api#documentation": "Removes a segment from being used in an experiment. You can't use this parameter if the experiment is currently\n running.
" + } + }, "onlineAbConfig": { "target": "com.amazonaws.evidently#OnlineAbConfig", "traits": { @@ -4999,6 +5708,9 @@ { "target": "com.amazonaws.evidently#AccessDeniedException" }, + { + "target": "com.amazonaws.evidently#ConflictException" + }, { "target": "com.amazonaws.evidently#ResourceNotFoundException" }, diff --git a/codegen/sdk/aws-models/glue.json b/codegen/sdk/aws-models/glue.json index 952d894c971..dad3c6851a2 100644 --- a/codegen/sdk/aws-models/glue.json +++ b/codegen/sdk/aws-models/glue.json @@ -16018,7 +16018,7 @@ "Timeout": { "target": "com.amazonaws.glue#Timeout", "traits": { - "smithy.api#documentation": "The JobRun timeout in minutes. This is the maximum time that a job run can\n consume resources before it is terminated and enters TIMEOUT status. The default\n is 2,880 minutes (48 hours). This overrides the timeout value set in the parent job.
The JobRun timeout in minutes. This is the maximum time that a job run can\n consume resources before it is terminated and enters TIMEOUT status. This value overrides the timeout value set in the parent job.
Streaming jobs do not have a timeout. The default for non-streaming jobs is 2,880 minutes (48 hours).
" } }, "MaxCapacity": { @@ -16066,7 +16066,7 @@ "DPUSeconds": { "target": "com.amazonaws.glue#NullableDouble", "traits": { - "smithy.api#documentation": "This field populates only when an Auto Scaling job run completes, and represents the total time each executor ran during the lifecycle of a job run in seconds, multiplied by a DPU factor (1 for G.1X and 2 for G.2X workers). This value may be different than the executionEngineRuntime * MaxCapacity as in the case of Auto Scaling jobs, as the number of executors running at a given time may be less than the MaxCapacity. Therefore, it is possible that the value of DPUSeconds is less than executionEngineRuntime * MaxCapacity.
This field populates only for Auto Scaling job runs, and represents the total time each executor ran during the lifecycle of a job run in seconds, multiplied by a DPU factor (1 for G.1X, 2 for G.2X, or 0.25 for G.025X workers). This value may be different than the executionEngineRuntime * MaxCapacity as in the case of Auto Scaling jobs, as the number of executors running at a given time may be less than the MaxCapacity. Therefore, it is possible that the value of DPUSeconds is less than executionEngineRuntime * MaxCapacity.
The JobRun timeout in minutes. This is the maximum time that a job run can\n consume resources before it is terminated and enters TIMEOUT status. The default\n is 2,880 minutes (48 hours). This overrides the timeout value set in the parent job.
The JobRun timeout in minutes. This is the maximum time that a job run can\n consume resources before it is terminated and enters TIMEOUT status. This value overrides the timeout value set in the parent job.
Streaming jobs do not have a timeout. The default for non-streaming jobs is 2,880 minutes (48 hours).
" } }, "MaxCapacity": { diff --git a/codegen/sdk/aws-models/iot.json b/codegen/sdk/aws-models/iot.json index 365d01437cf..c5f20e60fb5 100644 --- a/codegen/sdk/aws-models/iot.json +++ b/codegen/sdk/aws-models/iot.json @@ -1802,7 +1802,7 @@ ], "traits": { "smithy.api#deprecated": {}, - "smithy.api#documentation": "Attaches the specified policy to the specified principal (certificate or other\n credential).
\n\n Note: This action is deprecated. Please use AttachPolicy instead.
\nRequires permission to access the AttachPrincipalPolicy action.
", + "smithy.api#documentation": "Attaches the specified policy to the specified principal (certificate or other\n credential).
\n\n Note: This action is deprecated and works as\n expected for backward compatibility, but we won't add enhancements. Use AttachPolicy instead.
\nRequires permission to access the AttachPrincipalPolicy action.
", "smithy.api#http": { "method": "PUT", "uri": "/principal-policies/{policyName}", @@ -15615,6 +15615,20 @@ ] } }, + "com.amazonaws.iot#IndexingFilter": { + "type": "structure", + "members": { + "namedShadowNames": { + "target": "com.amazonaws.iot#NamedShadowNamesFilter", + "traits": { + "smithy.api#documentation": "The shadow names that you select to index. The default maximum number of shadow names for indexing is 10. To increase \n the limit, see Amazon Web Services IoT Device Management \n Quotas in the Amazon Web Services General Reference.\n
" + } + } + }, + "traits": { + "smithy.api#documentation": "Provides additional filters for specific data sources. Named shadow is the only data source that currently supports and requires a filter.\n To add named shadows to your fleet indexing configuration, set namedShadowIndexingMode to be ON and \n specify your shadow names in filter.
Contains custom field names and their data type.
" } + }, + "filter": { + "target": "com.amazonaws.iot#IndexingFilter", + "traits": { + "smithy.api#documentation": "Provides additional filters for specific data sources. Named shadow is the only data source that currently supports and requires a filter.\n To add named shadows to your fleet indexing configuration, set namedShadowIndexingMode to be ON and \n specify your shadow names in filter.
Creates a custom key store that is associated with an CloudHSM cluster that you own and\n manage.
\nThis operation is part of the Custom Key Store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.
\nBefore you create the custom key store, you must assemble\n the required elements, including an CloudHSM cluster that fulfills the requirements for a custom\n key store. For details about the required elements, see Assemble the Prerequisites\n in the Key Management Service Developer Guide.
\nWhen the operation completes successfully, it returns the ID of the new custom key store.\n Before you can use your new custom key store, you need to use the ConnectCustomKeyStore operation to connect the new key store to its CloudHSM\n cluster. Even if you are not going to use your custom key store immediately, you might want to\n connect it to verify that all settings are correct and then disconnect it until you are ready\n to use it.
\nFor help with failures, see Troubleshooting a Custom Key Store in the\n Key Management Service Developer Guide.
\n\n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n\n Required permissions: kms:CreateCustomKeyStore (IAM policy).
\n\n Related operations:\n
\n\n DeleteCustomKeyStore\n
\n\n UpdateCustomKeyStore\n
\nCreates a custom key store that is associated with an CloudHSM cluster that you own and\n manage.
\nThis operation is part of the custom key store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.
\nBefore you create the custom key store, you must assemble\n the required elements, including an CloudHSM cluster that fulfills the requirements for a custom\n key store. For details about the required elements, see Assemble the Prerequisites\n in the Key Management Service Developer Guide.
\nWhen the operation completes successfully, it returns the ID of the new custom key store.\n Before you can use your new custom key store, you need to use the ConnectCustomKeyStore operation to connect the new key store to its CloudHSM\n cluster. Even if you are not going to use your custom key store immediately, you might want to\n connect it to verify that all settings are correct and then disconnect it until you are ready\n to use it.
\nFor help with failures, see Troubleshooting a Custom Key Store in the\n Key Management Service Developer Guide.
\n\n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n\n Required permissions: kms:CreateCustomKeyStore (IAM policy).
\n\n Related operations:\n
\n\n DeleteCustomKeyStore\n
\n\n UpdateCustomKeyStore\n
\nIdentifies the CloudHSM cluster for the custom key store. Enter the cluster ID of any active\n CloudHSM cluster that is not already associated with a custom key store. To find the cluster ID,\n use the DescribeClusters operation.
", - "smithy.api#required": {} + "smithy.api#documentation": "Identifies the CloudHSM cluster for the custom key store. Enter the cluster ID of any active\n CloudHSM cluster that is not already associated with a custom key store. To find the cluster ID,\n use the DescribeClusters operation.
" } }, "TrustAnchorCertificate": { "target": "com.amazonaws.kms#TrustAnchorCertificateType", "traits": { - "smithy.api#documentation": "Enter the content of the trust anchor certificate for the cluster. This is the content of\n the customerCA.crt file that you created when you initialized the cluster.
Enter the content of the trust anchor certificate for the cluster. This is the content of\n the customerCA.crt file that you created when you initialized the cluster.
Enter the password of the \n kmsuser crypto user\n (CU) account in the specified CloudHSM cluster. KMS logs into the cluster as this\n user to manage key material on your behalf.
The password must be a string of 7 to 32 characters. Its value is case sensitive.
\nThis parameter tells KMS the kmsuser account password; it does not change\n the password in the CloudHSM cluster.
Enter the password of the \n kmsuser crypto user\n (CU) account in the specified CloudHSM cluster. KMS logs into the cluster as this\n user to manage key material on your behalf.
The password must be a string of 7 to 32 characters. Its value is case sensitive.
\nThis parameter tells KMS the kmsuser account password; it does not change\n the password in the CloudHSM cluster.
Creates a unique customer managed KMS key in your Amazon Web Services account and\n Region.
\nIn addition to the required parameters, you can use the optional parameters to specify a key policy, description, tags, and other useful elements for any key type.
\nKMS is replacing the term customer master key (CMK) with KMS key and KMS key. The concept has not changed. To prevent breaking changes, KMS is keeping some variations of this term.
\nTo create different types of KMS keys, use the following guidance:
\n\nTo create a symmetric encryption KMS key, you aren't required to specify any parameters. The default value for\n KeySpec, SYMMETRIC_DEFAULT, and the default value for\n KeyUsage, ENCRYPT_DECRYPT, create a symmetric encryption KMS key.
If you need a key for basic encryption and decryption or you \n are creating a KMS key to protect your resources in an Amazon Web Services service, create a symmetric encryption KMS key. The key material in a symmetric encryption key never leaves KMS unencrypted. You can use a symmetric encryption KMS key to encrypt and decrypt data up to 4,096 bytes, but they are typically used to generate data keys and data keys pairs. For details, see GenerateDataKey and GenerateDataKeyPair.
\n\n
To create an asymmetric KMS key, use the KeySpec parameter to specify\n the type of key material in the KMS key. Then, use the KeyUsage parameter\n to determine whether the KMS key will be used to encrypt and decrypt or sign and verify.\n You can't change these properties after the KMS key is created.
Asymmetric KMS keys contain an RSA key pair or an Elliptic Curve (ECC) key pair. The private key in an asymmetric \n KMS key never leaves KMS unencrypted. However, you can use the GetPublicKey operation to download the public key\n so it can be used outside of KMS. KMS keys with RSA key pairs can be used to encrypt or decrypt data or sign and verify messages (but not both). \n KMS keys with ECC key pairs can be used only to sign and verify messages. \n For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer Guide.
\n\n
To create an HMAC KMS key, set the KeySpec parameter to a\n key spec value for HMAC KMS keys. Then set the KeyUsage parameter to\n GENERATE_VERIFY_MAC. You must set the key usage even though\n GENERATE_VERIFY_MAC is the only valid key usage value for HMAC KMS keys.\n You can't change these properties after the KMS key is created.
HMAC KMS keys are symmetric keys that never leave KMS unencrypted. You can use\n HMAC keys to generate (GenerateMac) and verify (VerifyMac) HMAC codes for messages up to 4096 bytes.
\nHMAC KMS keys are not supported in all Amazon Web Services Regions. If you try to create an HMAC\n KMS key in an Amazon Web Services Region in which HMAC keys are not supported, the\n CreateKey operation returns an\n UnsupportedOperationException. For a list of Regions in which HMAC KMS keys\n are supported, see HMAC keys in\n KMS in the Key Management Service Developer Guide.
\n
To create a multi-Region primary key in the local Amazon Web Services Region,\n use the MultiRegion parameter with a value of True. To create\n a multi-Region replica key, that is, a KMS key with the same key ID\n and key material as a primary key, but in a different Amazon Web Services Region, use the ReplicateKey operation. To change a replica key to a primary key, and its\n primary key to a replica key, use the UpdatePrimaryRegion\n operation.
You can create multi-Region KMS keys for all supported KMS key types: symmetric\n encryption KMS keys, HMAC KMS keys, asymmetric encryption KMS keys, and asymmetric\n signing KMS keys. You can also create multi-Region keys with imported key material.\n However, you can't create multi-Region keys in a custom key store.
\nThis operation supports multi-Region keys, an KMS feature that lets you create multiple\n interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key\n material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt\n it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see Multi-Region keys in KMS in the Key Management Service Developer Guide.
\n\n
To import your own key material, begin by creating a symmetric encryption KMS key with no key\n material. To do this, use the Origin parameter of CreateKey\n with a value of EXTERNAL. Next, use GetParametersForImport operation to get a public key and import token, and use the public key to encrypt\n your key material. Then, use ImportKeyMaterial with your import token\n to import the key material. For step-by-step instructions, see Importing Key Material in the \n Key Management Service Developer Guide\n .
This feature supports only symmetric encryption KMS keys, including multi-Region symmetric encryption KMS keys. You cannot import key\n material into any other type of KMS key.
\nTo create a multi-Region primary key with imported key material, use the\n Origin parameter of CreateKey with a value of\n EXTERNAL and the MultiRegion parameter with a value of\n True. To create replicas of the multi-Region primary key, use the ReplicateKey operation. For more information about multi-Region keys, see Multi-Region keys in KMS in the Key Management Service Developer Guide.
\n
To create a symmetric encryption KMS key in a custom key store, use the\n CustomKeyStoreId parameter to specify the custom key store. You must also\n use the Origin parameter with a value of AWS_CLOUDHSM. The\n CloudHSM cluster that is associated with the custom key store must have at least two active\n HSMs in different Availability Zones in the Amazon Web Services Region.
Custom key stores support only symmetric encryption KMS keys. You cannot create an\n HMAC KMS key or an asymmetric KMS key in a custom key store. For information about\n custom key stores in KMS see Custom key stores in KMS in\n the \n Key Management Service Developer Guide\n .
\n\n Cross-account use: No. You cannot use this operation to\n create a KMS key in a different Amazon Web Services account.
\n\n\n Required permissions: kms:CreateKey (IAM policy). To use the\n Tags parameter, kms:TagResource (IAM policy). For examples and information about related\n permissions, see Allow a user to create\n KMS keys in the Key Management Service Developer Guide.
\n Related operations:\n
\n\n DescribeKey\n
\n\n ListKeys\n
\n\n ScheduleKeyDeletion\n
\nCreates a unique customer managed KMS key in your Amazon Web Services account and\n Region.
\nIn addition to the required parameters, you can use the optional parameters to specify a key policy, description, tags, and other useful elements for any key type.
\nKMS is replacing the term customer master key (CMK) with KMS key and KMS key. The concept has not changed. To prevent breaking changes, KMS is keeping some variations of this term.
\nTo create different types of KMS keys, use the following guidance:
\n\nTo create a symmetric encryption KMS key, you aren't required to specify any parameters. The default value for\n KeySpec, SYMMETRIC_DEFAULT, and the default value for\n KeyUsage, ENCRYPT_DECRYPT, create a symmetric encryption KMS key. For technical details, see\n \n SYMMETRIC_DEFAULT key spec in the Key Management Service Developer Guide.
If you need a key for basic encryption and decryption or you \n are creating a KMS key to protect your resources in an Amazon Web Services service, create a symmetric encryption KMS key. The key material in a symmetric encryption key never leaves KMS unencrypted. You can use a symmetric encryption KMS key to encrypt and decrypt data up to 4,096 bytes, but they are typically used to generate data keys and data keys pairs. For details, see GenerateDataKey and GenerateDataKeyPair.
\n\n
To create an asymmetric KMS key, use the KeySpec parameter to specify\n the type of key material in the KMS key. Then, use the KeyUsage parameter\n to determine whether the KMS key will be used to encrypt and decrypt or sign and verify.\n You can't change these properties after the KMS key is created.
Asymmetric KMS keys contain an RSA key pair, Elliptic Curve (ECC) key pair, or an SM2 key pair (China Regions only). The private key in an asymmetric \n KMS key never leaves KMS unencrypted. However, you can use the GetPublicKey operation to download the public key\n so it can be used outside of KMS. KMS keys with RSA or SM2 key pairs can be used to encrypt or decrypt data or sign and verify messages (but not both). \n KMS keys with ECC key pairs can be used only to sign and verify messages. \n For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer Guide.
\n\n
To create an HMAC KMS key, set the KeySpec parameter to a\n key spec value for HMAC KMS keys. Then set the KeyUsage parameter to\n GENERATE_VERIFY_MAC. You must set the key usage even though\n GENERATE_VERIFY_MAC is the only valid key usage value for HMAC KMS keys.\n You can't change these properties after the KMS key is created.
HMAC KMS keys are symmetric keys that never leave KMS unencrypted. You can use\n HMAC keys to generate (GenerateMac) and verify (VerifyMac) HMAC codes for messages up to 4096 bytes.
\nHMAC KMS keys are not supported in all Amazon Web Services Regions. If you try to create an HMAC\n KMS key in an Amazon Web Services Region in which HMAC keys are not supported, the\n CreateKey operation returns an\n UnsupportedOperationException. For a list of Regions in which HMAC KMS keys\n are supported, see HMAC keys in\n KMS in the Key Management Service Developer Guide.
\n
To create a multi-Region primary key in the local Amazon Web Services Region,\n use the MultiRegion parameter with a value of True. To create\n a multi-Region replica key, that is, a KMS key with the same key ID\n and key material as a primary key, but in a different Amazon Web Services Region, use the ReplicateKey operation. To change a replica key to a primary key, and its\n primary key to a replica key, use the UpdatePrimaryRegion\n operation.
You can create multi-Region KMS keys for all supported KMS key types: symmetric\n encryption KMS keys, HMAC KMS keys, asymmetric encryption KMS keys, and asymmetric\n signing KMS keys. You can also create multi-Region keys with imported key material.\n However, you can't create multi-Region keys in a custom key store.
\nThis operation supports multi-Region keys, an KMS feature that lets you create multiple\n interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key\n material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt\n it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see Multi-Region keys in KMS in the Key Management Service Developer Guide.
\n\n
To import your own key material, begin by creating a symmetric encryption KMS key with no key\n material. To do this, use the Origin parameter of CreateKey\n with a value of EXTERNAL. Next, use GetParametersForImport operation to get a public key and import token, and use the public key to encrypt\n your key material. Then, use ImportKeyMaterial with your import token\n to import the key material. For step-by-step instructions, see Importing Key Material in the \n Key Management Service Developer Guide\n .
This feature supports only symmetric encryption KMS keys, including multi-Region symmetric encryption KMS keys. You cannot import key\n material into any other type of KMS key.
\nTo create a multi-Region primary key with imported key material, use the\n Origin parameter of CreateKey with a value of\n EXTERNAL and the MultiRegion parameter with a value of\n True. To create replicas of the multi-Region primary key, use the ReplicateKey operation. For more information about multi-Region keys, see Multi-Region keys in KMS in the Key Management Service Developer Guide.
\n
To create a symmetric encryption KMS key in a custom key store, use the\n CustomKeyStoreId parameter to specify the custom key store. You must also\n use the Origin parameter with a value of AWS_CLOUDHSM. The\n CloudHSM cluster that is associated with the custom key store must have at least two active\n HSMs in different Availability Zones in the Amazon Web Services Region.
Custom key stores support only symmetric encryption KMS keys. You cannot create an\n HMAC KMS key or an asymmetric KMS key in a custom key store. For information about\n custom key stores in KMS see Custom key stores in KMS in\n the \n Key Management Service Developer Guide\n .
\n\n Cross-account use: No. You cannot use this operation to\n create a KMS key in a different Amazon Web Services account.
\n\n\n Required permissions: kms:CreateKey (IAM policy). To use the\n Tags parameter, kms:TagResource (IAM policy). For examples and information about related\n permissions, see Allow a user to create\n KMS keys in the Key Management Service Developer Guide.
\n Related operations:\n
\n\n DescribeKey\n
\n\n ListKeys\n
\n\n ScheduleKeyDeletion\n
\nThe key policy to attach to the KMS key. If you do not specify a key policy, KMS attaches a default key policy to the KMS key.\n For more information, see Default key policy in the\n Key Management Service Developer Guide.
\nIf you provide a key policy, it must meet the following criteria:
\nIf you don't set BypassPolicyLockoutSafetyCheck to True, the key policy\n must allow the principal that is making the CreateKey request to make a\n subsequent PutKeyPolicy request on the KMS key. This reduces the risk\n that the KMS key becomes unmanageable. For more information, refer to the scenario in the\n Default Key Policy section of the \n Key Management Service Developer Guide\n .
Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services\n principal (for example, an IAM user or role), you might need to enforce a delay before\n including the new principal in a key policy because the new principal might not be\n immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services\n Identity and Access Management User Guide.
\nA key policy document must conform to the following rules.
\nUp to 32 kilobytes (32768 bytes)
\nMust be UTF-8 encoded
\nThe only Unicode characters that are permitted in a key policy document are the horizontal tab (U+0009), linefeed (U+000A), carriage return (U+000D), and characters in the range U+0020 to U+00FF.
\nThe Sid element in a key policy statement can include spaces. (Spaces are\n prohibited in the Sid element of an IAM policy document.)
For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the \n Identity and Access Management User Guide\n .
" + "smithy.api#documentation": "The key policy to attach to the KMS key. If you do not specify a key policy, KMS attaches a default key policy to the KMS key.\n For more information, see Default key policy in the\n Key Management Service Developer Guide.
\nIf you provide a key policy, it must meet the following criteria:
\nIf you don't set BypassPolicyLockoutSafetyCheck to True, the key policy\n must allow the principal that is making the CreateKey request to make a\n subsequent PutKeyPolicy request on the KMS key. This reduces the risk\n that the KMS key becomes unmanageable. For more information, refer to the scenario in the\n Default Key Policy section of the \n Key Management Service Developer Guide\n .
Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services\n principal (for example, an IAM user or role), you might need to enforce a delay before\n including the new principal in a key policy because the new principal might not be\n immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services\n Identity and Access Management User Guide.
\nA key policy document can include only the following characters:
\nPrintable ASCII characters from the space character (\\u0020) through the end of the ASCII character range.
Printable characters in the Basic Latin and Latin-1 Supplement character set (through \\u00FF).
The tab (\\u0009), line feed (\\u000A), and carriage return (\\u000D) special characters
For information about key policies, see Key policies in KMS in the\n Key Management Service Developer Guide. For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the \n Identity and Access Management User Guide\n .
" } }, "Description": { @@ -704,7 +705,7 @@ "KeyUsage": { "target": "com.amazonaws.kms#KeyUsageType", "traits": { - "smithy.api#documentation": "Determines the cryptographic operations for which you can use the KMS key. The default value is\n ENCRYPT_DECRYPT. This parameter is optional when you are creating a symmetric\n encryption KMS key; otherwise, it is required. You\n can't change the KeyUsage value after the KMS key is created.
Select only one valid value.
\nFor symmetric encryption KMS keys, omit the parameter or specify\n ENCRYPT_DECRYPT.
For HMAC KMS keys (symmetric), specify GENERATE_VERIFY_MAC.
For asymmetric KMS keys with RSA key material, specify ENCRYPT_DECRYPT or\n SIGN_VERIFY.
For asymmetric KMS keys with ECC key material, specify\n SIGN_VERIFY.
Determines the cryptographic operations for which you can use the KMS key. The default value is\n ENCRYPT_DECRYPT. This parameter is optional when you are creating a symmetric\n encryption KMS key; otherwise, it is required. You\n can't change the KeyUsage value after the KMS key is created.
Select only one valid value.
\nFor symmetric encryption KMS keys, omit the parameter or specify\n ENCRYPT_DECRYPT.
For HMAC KMS keys (symmetric), specify GENERATE_VERIFY_MAC.
For asymmetric KMS keys with RSA key material, specify ENCRYPT_DECRYPT or\n SIGN_VERIFY.
For asymmetric KMS keys with ECC key material, specify\n SIGN_VERIFY.
For asymmetric KMS keys with SM2 key material (China Regions only), specify ENCRYPT_DECRYPT or\n SIGN_VERIFY.
Specifies the type of KMS key to create. The default value,\n SYMMETRIC_DEFAULT, creates a KMS key with a 256-bit symmetric key for encryption\n and decryption. For help choosing a key spec for your KMS key, see Choosing a KMS key type in the \n Key Management Service Developer Guide\n .
The KeySpec determines whether the KMS key contains a symmetric key or an\n asymmetric key pair. It also determines the cryptographic algorithms that the KMS key supports. You can't\n change the KeySpec after the KMS key is created.\n To further restrict the algorithms that can be used with the KMS key, use a condition key in\n its key policy or IAM policy. For more information, see kms:EncryptionAlgorithm, kms:MacAlgorithm or kms:Signing Algorithm in the \n Key Management Service Developer Guide\n .
\n Amazon Web Services services that\n are integrated with KMS use symmetric encryption KMS keys to protect your data.\n These services do not support asymmetric KMS keys or HMAC KMS keys.
\nKMS supports the following key specs for KMS keys:
\nSymmetric encryption key (default)
\n\n SYMMETRIC_DEFAULT (AES-256-GCM)
HMAC keys (symmetric)
\n\n HMAC_224\n
\n HMAC_256\n
\n HMAC_384\n
\n HMAC_512\n
Asymmetric RSA key pairs
\n\n RSA_2048\n
\n RSA_3072\n
\n RSA_4096\n
Asymmetric NIST-recommended elliptic curve key pairs
\n\n ECC_NIST_P256 (secp256r1)
\n ECC_NIST_P384 (secp384r1)
\n ECC_NIST_P521 (secp521r1)
Other asymmetric elliptic curve key pairs
\n\n ECC_SECG_P256K1 (secp256k1), commonly used for\n cryptocurrencies.
Specifies the type of KMS key to create. The default value,\n SYMMETRIC_DEFAULT, creates a KMS key with a 256-bit AES-GCM key that is used for encryption and decryption, except in China Regions, \n where it creates a 128-bit symmetric key that uses SM4 encryption. For help choosing a key spec for your KMS key, see Choosing a KMS key type in the \n Key Management Service Developer Guide\n .
The KeySpec determines whether the KMS key contains a symmetric key or an\n asymmetric key pair. It also determines the cryptographic algorithms that the KMS key supports. You can't\n change the KeySpec after the KMS key is created.\n To further restrict the algorithms that can be used with the KMS key, use a condition key in\n its key policy or IAM policy. For more information, see kms:EncryptionAlgorithm, kms:MacAlgorithm or kms:Signing Algorithm in the \n Key Management Service Developer Guide\n .
\n Amazon Web Services services that\n are integrated with KMS use symmetric encryption KMS keys to protect your data.\n These services do not support asymmetric KMS keys or HMAC KMS keys.
\nKMS supports the following key specs for KMS keys:
\nSymmetric encryption key (default)
\n\n SYMMETRIC_DEFAULT\n
HMAC keys (symmetric)
\n\n HMAC_224\n
\n HMAC_256\n
\n HMAC_384\n
\n HMAC_512\n
Asymmetric RSA key pairs
\n\n RSA_2048\n
\n RSA_3072\n
\n RSA_4096\n
Asymmetric NIST-recommended elliptic curve key pairs
\n\n ECC_NIST_P256 (secp256r1)
\n ECC_NIST_P384 (secp384r1)
\n ECC_NIST_P521 (secp521r1)
Other asymmetric elliptic curve key pairs
\n\n ECC_SECG_P256K1 (secp256k1), commonly used for\n cryptocurrencies.
SM2 key pairs (China Regions only)
\n\n SM2\n
Creates the KMS key in the specified custom key store and the key material in its\n associated CloudHSM cluster. To create a KMS key in a custom key store, you must also specify the\n Origin parameter with a value of AWS_CLOUDHSM. The CloudHSM cluster\n that is associated with the custom key store must have at least two active HSMs, each in a\n different Availability Zone in the Region.
This parameter is valid only for symmetric encryption KMS keys in a single Region. You \n cannot create any other type of KMS key in a custom key store.
\nTo find the ID of a custom key store, use the DescribeCustomKeyStores operation.
\nThe response includes the custom key store ID and the ID of the CloudHSM cluster.
\nThis operation is part of the Custom Key Store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.
" + "smithy.api#documentation": "Creates the KMS key in the specified custom key store and the key material in its\n associated CloudHSM cluster. To create a KMS key in a custom key store, you must also specify the\n Origin parameter with a value of AWS_CLOUDHSM. The CloudHSM cluster\n that is associated with the custom key store must have at least two active HSMs, each in a\n different Availability Zone in the Region.
This parameter is valid only for symmetric encryption KMS keys in a single Region. You \n cannot create any other type of KMS key in a custom key store.
\nTo find the ID of a custom key store, use the DescribeCustomKeyStores operation.
\nThe response includes the custom key store ID and the ID of the CloudHSM cluster.
\nThis operation is part of the custom key store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.
" } }, "BypassPolicyLockoutSafetyCheck": { @@ -961,6 +962,10 @@ { "value": "HMAC_512", "name": "HMAC_512" + }, + { + "value": "SM2", + "name": "SM2" } ] } @@ -996,6 +1001,10 @@ { "value": "ECC_SECG_P256K1", "name": "ECC_SECG_P256K1" + }, + { + "value": "SM2", + "name": "SM2" } ] } @@ -1182,7 +1191,7 @@ } ], "traits": { - "smithy.api#documentation": "Deletes a custom key store. This operation does not delete the CloudHSM cluster that is\n associated with the custom key store, or affect any users or keys in the cluster.
\nThe custom key store that you delete cannot contain any KMS KMS keys. Before deleting the key store,\n verify that you will never need to use any of the KMS keys in the key store for any\n cryptographic operations. Then, use ScheduleKeyDeletion to delete the KMS keys from the\n key store. When the scheduled waiting period expires, the ScheduleKeyDeletion\n operation deletes the KMS keys. Then it makes a best effort to delete the key material from\n the associated cluster. However, you might need to manually delete the orphaned key\n material from the cluster and its backups.
After all KMS keys are deleted from KMS, use DisconnectCustomKeyStore\n to disconnect the key store from KMS. Then, you can delete the custom key store.
\nInstead of deleting the custom key store, consider using DisconnectCustomKeyStore to disconnect it from KMS. While the key store is\n disconnected, you cannot create or use the KMS keys in the key store. But, you do not need to\n delete KMS keys and you can reconnect a disconnected custom key store at any time.
\nIf the operation succeeds, it returns a JSON object with no\nproperties.
\nThis operation is part of the Custom Key Store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.
\n\n Cross-account use: No.\n You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n\n\n Required permissions: kms:DeleteCustomKeyStore (IAM policy)
\n\n Related operations:\n
\n\n CreateCustomKeyStore\n
\n\n UpdateCustomKeyStore\n
\nDeletes a custom key store. This operation does not delete the CloudHSM cluster that is\n associated with the custom key store, or affect any users or keys in the cluster.
\nThe custom key store that you delete cannot contain any KMS keys. Before deleting the key store,\n verify that you will never need to use any of the KMS keys in the key store for any\n cryptographic operations. Then, use ScheduleKeyDeletion to delete the KMS keys from the\n key store. When the scheduled waiting period expires, the ScheduleKeyDeletion\n operation deletes the KMS keys. Then it makes a best effort to delete the key material from\n the associated cluster. However, you might need to manually delete the orphaned key\n material from the cluster and its backups.
After all KMS keys are deleted from KMS, use DisconnectCustomKeyStore\n to disconnect the key store from KMS. Then, you can delete the custom key store.
\nInstead of deleting the custom key store, consider using DisconnectCustomKeyStore to disconnect it from KMS. While the key store is\n disconnected, you cannot create or use the KMS keys in the key store. But, you do not need to\n delete KMS keys and you can reconnect a disconnected custom key store at any time.
\nIf the operation succeeds, it returns a JSON object with no\nproperties.
\nThis operation is part of the custom key store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.
\n\n Cross-account use: No.\n You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n\n\n Required permissions: kms:DeleteCustomKeyStore (IAM policy)
\n\n Related operations:\n
\n\n CreateCustomKeyStore\n
\n\n UpdateCustomKeyStore\n
\nGets information about custom key stores in the account and Region.
\nThis operation is part of the Custom Key Store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.
\nBy default, this operation returns information about all custom key\n stores in the account and Region. To get only information about a particular custom key store,\n use either the CustomKeyStoreName or CustomKeyStoreId parameter (but\n not both).
To determine whether the custom key store is connected to its CloudHSM cluster, use the\n ConnectionState element in the response. If an attempt to connect the custom\n key store failed, the ConnectionState value is FAILED and the\n ConnectionErrorCode element in the response indicates the cause of the failure.\n For help interpreting the ConnectionErrorCode, see CustomKeyStoresListEntry.
Custom key stores have a DISCONNECTED connection state if the key store has\n never been connected or you use the DisconnectCustomKeyStore operation to\n disconnect it. If your custom key store state is CONNECTED but you are having\n trouble using it, make sure that its associated CloudHSM cluster is active and contains the\n minimum number of HSMs required for the operation, if any.
For help repairing your custom key store, see the Troubleshooting Custom Key Stores topic in the\n Key Management Service Developer Guide.
\n\n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n\n Required permissions: kms:DescribeCustomKeyStores (IAM policy)
\n\n Related operations:\n
\n\n CreateCustomKeyStore\n
\n\n DeleteCustomKeyStore\n
\n\n UpdateCustomKeyStore\n
\nGets information about custom key stores in the account and Region.
\nThis operation is part of the custom key store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.
\nBy default, this operation returns information about all custom key\n stores in the account and Region. To get only information about a particular custom key store,\n use either the CustomKeyStoreName or CustomKeyStoreId parameter (but\n not both).
To determine whether the custom key store is connected to its CloudHSM cluster, use the\n ConnectionState element in the response. If an attempt to connect the custom\n key store failed, the ConnectionState value is FAILED and the\n ConnectionErrorCode element in the response indicates the cause of the failure.\n For help interpreting the ConnectionErrorCode, see CustomKeyStoresListEntry.
Custom key stores have a DISCONNECTED connection state if the key store has\n never been connected or you use the DisconnectCustomKeyStore operation to\n disconnect it. If your custom key store state is CONNECTED but you are having\n trouble using it, make sure that its associated CloudHSM cluster is active and contains the\n minimum number of HSMs required for the operation, if any.
For help repairing your custom key store, see the Troubleshooting Custom Key Stores topic in the\n Key Management Service Developer Guide.
\n\n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n\n Required permissions: kms:DescribeCustomKeyStores (IAM policy)
\n\n Related operations:\n
\n\n CreateCustomKeyStore\n
\n\n DeleteCustomKeyStore\n
\n\n UpdateCustomKeyStore\n
\nProvides detailed information about a KMS key. You can run DescribeKey on a\n customer managed\n key or an Amazon Web Services managed key.
This detailed information includes the key ARN, creation date (and deletion date, if\n applicable), the key state, and the origin and expiration date (if any) of the key material.\n It includes fields, like KeySpec, that help you distinguish different types of KMS keys. It also displays the key usage (encryption, signing, or generating and verifying MACs) and the algorithms that the KMS key supports. For KMS keys in custom key stores, it includes\n information about the custom key store, such as the key store ID and the CloudHSM cluster ID. For\n multi-Region keys, it displays the primary key and all related replica keys.
\n DescribeKey does not return the following information:
Aliases associated with the KMS key. To get this information, use ListAliases.
\nWhether automatic key rotation is enabled on the KMS key. To get this information, use\n GetKeyRotationStatus. Also, some key states prevent a KMS key from\n being automatically rotated. For details, see How Automatic Key Rotation\n Works in Key Management Service Developer Guide.
\nTags on the KMS key. To get this information, use ListResourceTags.
\nKey policies and grants on the KMS key. To get this information, use GetKeyPolicy and ListGrants.
\nIn general, DescribeKey is a non-mutating operation. It returns data about\n KMS keys, but doesn't change them. However, Amazon Web Services services use DescribeKey to\n create Amazon Web Services\n managed keys from a predefined Amazon Web Services alias with no key\n ID.
\n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n Required permissions: kms:DescribeKey (key policy)
\n\n Related operations:\n
\n\n GetKeyPolicy\n
\n\n GetKeyRotationStatus\n
\n\n ListAliases\n
\n\n ListGrants\n
\n\n ListKeys\n
\n\n ListResourceTags\n
\n\n ListRetirableGrants\n
\nProvides detailed information about a KMS key. You can run DescribeKey on a\n customer managed\n key or an Amazon Web Services managed key.
This detailed information includes the key ARN, creation date (and deletion date, if\n applicable), the key state, and the origin and expiration date (if any) of the key material.\n It includes fields, like KeySpec, that help you distinguish different types of KMS keys. It also displays the key usage (encryption, signing, or generating and verifying MACs) and the algorithms that the KMS key supports. For KMS keys in custom key stores, it includes\n information about the custom key store, such as the key store ID and the CloudHSM cluster ID. For\n multi-Region keys, it displays the primary key and all related replica keys.
\n DescribeKey does not return the following information:
Aliases associated with the KMS key. To get this information, use ListAliases.
\nWhether automatic key rotation is enabled on the KMS key. To get this information, use\n GetKeyRotationStatus. Also, some key states prevent a KMS key from\n being automatically rotated. For details, see How Automatic Key Rotation\n Works in the Key Management Service Developer Guide.
\nTags on the KMS key. To get this information, use ListResourceTags.
\nKey policies and grants on the KMS key. To get this information, use GetKeyPolicy and ListGrants.
\nIn general, DescribeKey is a non-mutating operation. It returns data about\n KMS keys, but doesn't change them. However, Amazon Web Services services use DescribeKey to\n create Amazon Web Services\n managed keys from a predefined Amazon Web Services alias with no key\n ID.
\n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n Required permissions: kms:DescribeKey (key policy)
\n\n Related operations:\n
\n\n GetKeyPolicy\n
\n\n GetKeyRotationStatus\n
\n\n ListAliases\n
\n\n ListGrants\n
\n\n ListKeys\n
\n\n ListResourceTags\n
\n\n ListRetirableGrants\n
\nDisconnects the custom key store from its associated CloudHSM cluster. While a custom key\n store is disconnected, you can manage the custom key store and its KMS keys, but you cannot\n create or use KMS keys in the custom key store. You can reconnect the custom key store at any\n time.
\nWhile a custom key store is disconnected, all attempts to create KMS keys in the custom key store or to use existing KMS keys in cryptographic operations will\n fail. This action can prevent users from storing and accessing sensitive data.
\nTo find the connection state of a custom key store, use the DescribeCustomKeyStores operation. To reconnect a custom key store, use the\n ConnectCustomKeyStore operation.
\nIf the operation succeeds, it returns a JSON object with no\nproperties.
\nThis operation is part of the Custom Key Store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.
\n\n\n Cross-account use: No.\n You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n\n\n Required permissions: kms:DisconnectCustomKeyStore (IAM policy)
\n\n Related operations:\n
\n\n CreateCustomKeyStore\n
\n\n DeleteCustomKeyStore\n
\n\n UpdateCustomKeyStore\n
\nDisconnects the custom key store from its associated CloudHSM cluster. While a custom key\n store is disconnected, you can manage the custom key store and its KMS keys, but you cannot\n create or use KMS keys in the custom key store. You can reconnect the custom key store at any\n time.
\nWhile a custom key store is disconnected, all attempts to create KMS keys in the custom key store or to use existing KMS keys in cryptographic operations will\n fail. This action can prevent users from storing and accessing sensitive data.
\nTo find the connection state of a custom key store, use the DescribeCustomKeyStores operation. To reconnect a custom key store, use the\n ConnectCustomKeyStore operation.
\nIf the operation succeeds, it returns a JSON object with no\nproperties.
\nThis operation is part of the custom key store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.
\n\n\n Cross-account use: No.\n You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n\n\n Required permissions: kms:DisconnectCustomKeyStore (IAM policy)
\n\n Related operations:\n
\n\n CreateCustomKeyStore\n
\n\n DeleteCustomKeyStore\n
\n\n UpdateCustomKeyStore\n
\nEncrypts plaintext of up to 4,096 bytes using a KMS key. You can use a symmetric or\n asymmetric KMS key with a KeyUsage of ENCRYPT_DECRYPT.
You can use this operation to encrypt small amounts of arbitrary data, such as a personal identifier or\n database password, or other sensitive information. You don't need to use the Encrypt operation to encrypt a data key. The GenerateDataKey and GenerateDataKeyPair operations return a\n plaintext data key and an encrypted copy of that data key.
If you use a symmetric encryption KMS key, you can use an encryption context to add additional\n security to your encryption operation. If you specify an EncryptionContext when\n encrypting data, you must specify the same encryption context (a case-sensitive exact match)\n when decrypting the data. Otherwise, the request to decrypt fails with an\n InvalidCiphertextException. For more information, see Encryption\n Context in the Key Management Service Developer Guide.
If you specify an asymmetric KMS key, you must also specify the encryption algorithm. The\n algorithm must be compatible with the KMS key type.
\nWhen you use an asymmetric KMS key to encrypt or reencrypt data, be sure to record the KMS key and encryption algorithm that you choose. You will be required to provide the same KMS key and encryption algorithm when you decrypt the data. If the KMS key and algorithm do not match the values used to encrypt the data, the decrypt operation fails.
\nYou are not required to supply the key ID and encryption algorithm when you decrypt with symmetric encryption KMS keys because KMS stores this information in the ciphertext blob. KMS cannot store metadata in ciphertext generated with asymmetric keys. The standard format for asymmetric key ciphertext does not include configurable fields.
\nThe maximum size of the data that you can encrypt varies with the type of KMS key and the\n encryption algorithm that you choose.
\nSymmetric encryption KMS keys
\n\n SYMMETRIC_DEFAULT: 4096 bytes
\n RSA_2048\n
\n RSAES_OAEP_SHA_1: 214 bytes
\n RSAES_OAEP_SHA_256: 190 bytes
\n RSA_3072\n
\n RSAES_OAEP_SHA_1: 342 bytes
\n RSAES_OAEP_SHA_256: 318 bytes
\n RSA_4096\n
\n RSAES_OAEP_SHA_1: 470 bytes
\n RSAES_OAEP_SHA_256: 446 bytes
The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n\n Cross-account use: Yes.\n To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n Required permissions: kms:Encrypt (key policy)
\n\n Related operations:\n
\n\n Decrypt\n
\n\n GenerateDataKey\n
\n\n GenerateDataKeyPair\n
\nEncrypts plaintext of up to 4,096 bytes using a KMS key. You can use a symmetric or\n asymmetric KMS key with a KeyUsage of ENCRYPT_DECRYPT.
You can use this operation to encrypt small amounts of arbitrary data, such as a personal identifier or\n database password, or other sensitive information. You don't need to use the Encrypt operation to encrypt a data key. The GenerateDataKey and GenerateDataKeyPair operations return a\n plaintext data key and an encrypted copy of that data key.
If you use a symmetric encryption KMS key, you can use an encryption context to add additional\n security to your encryption operation. If you specify an EncryptionContext when\n encrypting data, you must specify the same encryption context (a case-sensitive exact match)\n when decrypting the data. Otherwise, the request to decrypt fails with an\n InvalidCiphertextException. For more information, see Encryption\n Context in the Key Management Service Developer Guide.
If you specify an asymmetric KMS key, you must also specify the encryption algorithm. The\n algorithm must be compatible with the KMS key spec.
\nWhen you use an asymmetric KMS key to encrypt or reencrypt data, be sure to record the KMS key and encryption algorithm that you choose. You will be required to provide the same KMS key and encryption algorithm when you decrypt the data. If the KMS key and algorithm do not match the values used to encrypt the data, the decrypt operation fails.
\nYou are not required to supply the key ID and encryption algorithm when you decrypt with symmetric encryption KMS keys because KMS stores this information in the ciphertext blob. KMS cannot store metadata in ciphertext generated with asymmetric keys. The standard format for asymmetric key ciphertext does not include configurable fields.
\nThe maximum size of the data that you can encrypt varies with the type of KMS key and the\n encryption algorithm that you choose.
\nSymmetric encryption KMS keys
\n\n SYMMETRIC_DEFAULT: 4096 bytes
\n RSA_2048\n
\n RSAES_OAEP_SHA_1: 214 bytes
\n RSAES_OAEP_SHA_256: 190 bytes
\n RSA_3072\n
\n RSAES_OAEP_SHA_1: 342 bytes
\n RSAES_OAEP_SHA_256: 318 bytes
\n RSA_4096\n
\n RSAES_OAEP_SHA_1: 470 bytes
\n RSAES_OAEP_SHA_256: 446 bytes
\n SM2PKE: 1024 bytes (China Regions only)
The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n\n Cross-account use: Yes.\n To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n Required permissions: kms:Encrypt (key policy)
\n\n Related operations:\n
\n\n Decrypt\n
\n\n GenerateDataKey\n
\n\n GenerateDataKeyPair\n
\nReturns a unique symmetric data key for use outside of KMS. This operation returns a\n plaintext copy of the data key and a copy that is encrypted under a symmetric encryption KMS\n key that you specify. The bytes in the plaintext key are random; they are not related to the caller or the KMS\n key. You can use the plaintext key to encrypt your data outside of KMS and store the encrypted\n data key with the encrypted data.
\n\nTo generate a data key, specify the symmetric encryption KMS key that will be used to\n encrypt the data key. You cannot use an asymmetric KMS key to encrypt data keys. To get the\n type of your KMS key, use the DescribeKey operation. You must also specify the length of\n the data key. Use either the KeySpec or NumberOfBytes parameters\n (but not both). For 128-bit and 256-bit data keys, use the KeySpec parameter.
To get only an encrypted copy of the data key, use GenerateDataKeyWithoutPlaintext. To generate an asymmetric data key pair, use\n the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext operation. To get a cryptographically secure\n random byte string, use GenerateRandom.
\n\nYou can use an optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.
Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.
\nThe KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n\n How to use your data\n key\n
\nWe recommend that you use the following pattern to encrypt data locally in your\n application. You can write your own code or use a client-side encryption library, such as the\n Amazon Web Services Encryption SDK, the\n Amazon DynamoDB Encryption Client,\n or Amazon S3\n client-side encryption to do these tasks for you.
\nTo encrypt data outside of KMS:
\nUse the GenerateDataKey operation to get a data key.
Use the plaintext data key (in the Plaintext field of the response) to\n encrypt your data outside of KMS. Then erase the plaintext data key from memory.
Store the encrypted data key (in the CiphertextBlob field of the\n response) with the encrypted data.
To decrypt data outside of KMS:
\nUse the Decrypt operation to decrypt the encrypted data key. The\n operation returns a plaintext copy of the data key.
\nUse the plaintext data key to decrypt data outside of KMS, then erase the plaintext\n data key from memory.
\n\n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n Required permissions: kms:GenerateDataKey (key policy)
\n\n Related operations:\n
\n\n Decrypt\n
\n\n Encrypt\n
\n\n GenerateDataKeyPair\n
\nReturns a unique symmetric data key for use outside of KMS. This operation returns a\n plaintext copy of the data key and a copy that is encrypted under a symmetric encryption KMS\n key that you specify. The bytes in the plaintext key are random; they are not related \n to the caller or the KMS key. You can use the plaintext key to encrypt your data outside of KMS \n and store the encrypted data key with the encrypted data.
\n\nTo generate a data key, specify the symmetric encryption KMS key that will be used to\n encrypt the data key. You cannot use an asymmetric KMS key to encrypt data keys. To get the\n type of your KMS key, use the DescribeKey operation.
\n \nYou must also specify the length of the data key. Use either the KeySpec or \n NumberOfBytes parameters (but not both). For 128-bit and 256-bit data keys, use \n the KeySpec parameter.
To generate an SM4 data key (China Regions only), specify a KeySpec value of\n AES_128 or NumberOfBytes value of 128. The symmetric \n encryption key used in China Regions to encrypt your data key is an SM4 encryption key.
To get only an encrypted copy of the data key, use GenerateDataKeyWithoutPlaintext. To generate an asymmetric data key pair, use\n the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext operation. To get a cryptographically secure\n random byte string, use GenerateRandom.
\n\nYou can use an optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.
Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.
\nThe KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n\n How to use your data\n key\n
\nWe recommend that you use the following pattern to encrypt data locally in your\n application. You can write your own code or use a client-side encryption library, such as the\n Amazon Web Services Encryption SDK, the\n Amazon DynamoDB Encryption Client,\n or Amazon S3\n client-side encryption to do these tasks for you.
\nTo encrypt data outside of KMS:
\nUse the GenerateDataKey operation to get a data key.
Use the plaintext data key (in the Plaintext field of the response) to\n encrypt your data outside of KMS. Then erase the plaintext data key from memory.
Store the encrypted data key (in the CiphertextBlob field of the\n response) with the encrypted data.
To decrypt data outside of KMS:
\nUse the Decrypt operation to decrypt the encrypted data key. The\n operation returns a plaintext copy of the data key.
\nUse the plaintext data key to decrypt data outside of KMS, then erase the plaintext\n data key from memory.
\n\n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n Required permissions: kms:GenerateDataKey (key policy)
\n\n Related operations:\n
\n\n Decrypt\n
\n\n Encrypt\n
\n\n GenerateDataKeyPair\n
\nReturns a unique asymmetric data key pair for use outside of KMS. This operation returns\n a plaintext public key, a plaintext private key, and a copy of the private key that is\n encrypted under the symmetric encryption KMS key you specify. You can use the data key pair to\n perform asymmetric cryptography and implement digital signatures outside of KMS. The bytes\n in the keys are random; they not related to the caller or to the KMS key that is used to encrypt the\n private key.
\n\nYou can use the public key that GenerateDataKeyPair returns to encrypt data\n or verify a signature outside of KMS. Then, store the encrypted private key with the data.\n When you are ready to decrypt data or sign a message, you can use the Decrypt operation to decrypt the encrypted private key.
To generate a data key pair, you must specify a symmetric encryption KMS key to encrypt\n the private key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a\n custom key store. To get the type and origin of your KMS key, use the DescribeKey\n operation.
\nUse the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data\n key pair. KMS recommends that your use ECC key pairs for signing, and use RSA key pairs for\n either encryption or signing, but not both. However, KMS cannot enforce any restrictions on\n the use of data key pairs outside of KMS.
If you are using the data key pair to encrypt data, or for any operation where you don't\n immediately need a private key, consider using the GenerateDataKeyPairWithoutPlaintext operation.\n GenerateDataKeyPairWithoutPlaintext returns a plaintext public key and an\n encrypted private key, but omits the plaintext private key that you need only to decrypt\n ciphertext or sign a message. Later, when you need to decrypt the data or sign a message, use\n the Decrypt operation to decrypt the encrypted private key in the data key\n pair.
\n GenerateDataKeyPair returns a unique data key pair for each request. The\n bytes in the keys are random; they are not related to the caller or the KMS key that is used to encrypt the\n private key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in\n RFC 5280. The private key is a\n DER-encoded PKCS8 PrivateKeyInfo, as specified in RFC 5958.
You can use an optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.
The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n\n Cross-account\n use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n Required permissions: kms:GenerateDataKeyPair (key policy)
\n\n Related operations:\n
\n\n Decrypt\n
\n\n Encrypt\n
\n\n GenerateDataKey\n
\nReturns a unique asymmetric data key pair for use outside of KMS. This operation returns\n a plaintext public key, a plaintext private key, and a copy of the private key that is\n encrypted under the symmetric encryption KMS key you specify. You can use the data key pair to\n perform asymmetric cryptography and implement digital signatures outside of KMS. The bytes\n in the keys are random; they not related to the caller or to the KMS key that is used to encrypt the\n private key.
\n\nYou can use the public key that GenerateDataKeyPair returns to encrypt data\n or verify a signature outside of KMS. Then, store the encrypted private key with the data.\n When you are ready to decrypt data or sign a message, you can use the Decrypt operation to decrypt the encrypted private key.
To generate a data key pair, you must specify a symmetric encryption KMS key to encrypt\n the private key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a\n custom key store. To get the type and origin of your KMS key, use the DescribeKey\n operation.
\nUse the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data\n key pair. In China Regions, you can also choose an SM2 data key pair. KMS recommends that you use\n ECC key pairs for signing, and use RSA and SM2 key pairs for either encryption or signing, but not both.\n However, KMS cannot enforce any restrictions on the use of data key pairs outside of KMS.
If you are using the data key pair to encrypt data, or for any operation where you don't\n immediately need a private key, consider using the GenerateDataKeyPairWithoutPlaintext operation.\n GenerateDataKeyPairWithoutPlaintext returns a plaintext public key and an\n encrypted private key, but omits the plaintext private key that you need only to decrypt\n ciphertext or sign a message. Later, when you need to decrypt the data or sign a message, use\n the Decrypt operation to decrypt the encrypted private key in the data key\n pair.
\n GenerateDataKeyPair returns a unique data key pair for each request. The\n bytes in the keys are random; they are not related to the caller or the KMS key that is used to encrypt the\n private key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in\n RFC 5280. The private key is a\n DER-encoded PKCS8 PrivateKeyInfo, as specified in RFC 5958.
You can use an optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.
The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n\n Cross-account\n use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n Required permissions: kms:GenerateDataKeyPair (key policy)
\n\n Related operations:\n
\n\n Decrypt\n
\n\n Encrypt\n
\n\n GenerateDataKey\n
\nDetermines the type of data key pair that is generated.
\nThe KMS rule that restricts the use of asymmetric RSA KMS keys to encrypt and decrypt or to sign and verify (but not both), and the rule that permits you to use ECC KMS keys only to sign and verify, are not effective on data key pairs, which are used outside of KMS.
", + "smithy.api#documentation": "Determines the type of data key pair that is generated.
\nThe KMS rule that restricts the use of asymmetric RSA and SM2 KMS keys to encrypt and decrypt or to sign and verify (but not both), and the rule that permits you to use ECC KMS keys only to sign and verify, are not effective on data key pairs, which are used outside of KMS. The SM2 key spec is only available in China Regions. RSA and ECC asymmetric key pairs are also available in China Regions.
", "smithy.api#required": {} } }, @@ -1992,7 +2011,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns a unique asymmetric data key pair for use outside of KMS. This operation returns\n a plaintext public key and a copy of the private key that is encrypted under the symmetric\n encryption KMS key you specify. Unlike GenerateDataKeyPair, this operation\n does not return a plaintext private key. The bytes in the keys are random; they are not related to the caller\n or to the KMS key that is used to encrypt the private key.
\nYou can use the public key that GenerateDataKeyPairWithoutPlaintext returns\n to encrypt data or verify a signature outside of KMS. Then, store the encrypted private key\n with the data. When you are ready to decrypt data or sign a message, you can use the Decrypt operation to decrypt the encrypted private key.
To generate a data key pair, you must specify a symmetric encryption KMS key to encrypt\n the private key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a\n custom key store. To get the type and origin of your KMS key, use the DescribeKey\n operation.
\nUse the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data\n key pair. KMS recommends that your use ECC key pairs for signing, and use RSA key pairs for\n either encryption or signing, but not both. However, KMS cannot enforce any restrictions on\n the use of data key pairs outside of KMS.
\n GenerateDataKeyPairWithoutPlaintext returns a unique data key pair for each\n request. The bytes in the key are not related to the caller or KMS key that is used to encrypt\n the private key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in\n RFC 5280.
You can use an optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.
The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n\n Cross-account\n use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n Required permissions: kms:GenerateDataKeyPairWithoutPlaintext (key\n policy)
\n\n Related operations:\n
\n\n Decrypt\n
\n\n Encrypt\n
\n\n GenerateDataKey\n
\n\n GenerateDataKeyPair\n
\nReturns a unique asymmetric data key pair for use outside of KMS. This operation returns\n a plaintext public key and a copy of the private key that is encrypted under the symmetric\n encryption KMS key you specify. Unlike GenerateDataKeyPair, this operation\n does not return a plaintext private key. The bytes in the keys are random; they are not related to the caller\n or to the KMS key that is used to encrypt the private key.
\nYou can use the public key that GenerateDataKeyPairWithoutPlaintext returns\n to encrypt data or verify a signature outside of KMS. Then, store the encrypted private key\n with the data. When you are ready to decrypt data or sign a message, you can use the Decrypt operation to decrypt the encrypted private key.
To generate a data key pair, you must specify a symmetric encryption KMS key to encrypt\n the private key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a\n custom key store. To get the type and origin of your KMS key, use the DescribeKey\n operation.
\nUse the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data\n key pair. In China Regions, you can also choose an SM2 data key pair. KMS recommends that you \n use ECC key pairs for signing, and use RSA and SM2 key pairs for either encryption or signing, but not\n both. However, KMS cannot enforce any restrictions on the use of data key pairs outside of KMS.
\n GenerateDataKeyPairWithoutPlaintext returns a unique data key pair for each\n request. The bytes in the key are not related to the caller or KMS key that is used to encrypt\n the private key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in\n RFC 5280.
You can use an optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.
The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n\n Cross-account\n use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n Required permissions: kms:GenerateDataKeyPairWithoutPlaintext (key\n policy)
\n\n Related operations:\n
\n\n Decrypt\n
\n\n Encrypt\n
\n\n GenerateDataKey\n
\n\n GenerateDataKeyPair\n
\nDetermines the type of data key pair that is generated.
\nThe KMS rule that restricts the use of asymmetric RSA KMS keys to encrypt and decrypt or to sign and verify (but not both), and the rule that permits you to use ECC KMS keys only to sign and verify, are not effective on data key pairs, which are used outside of KMS.
", + "smithy.api#documentation": "Determines the type of data key pair that is generated.
\nThe KMS rule that restricts the use of asymmetric RSA and SM2 KMS keys to encrypt and decrypt or to sign and verify (but not both), and the rule that permits you to use ECC KMS keys only to sign and verify, are not effective on data key pairs, which are used outside of KMS. The SM2 key spec is only available in China Regions. RSA and ECC asymmetric key pairs are also available in China Regions.
", "smithy.api#required": {} } }, @@ -2318,7 +2337,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns a random byte string that is cryptographically secure.
\nBy default, the random byte string is generated in KMS. To generate the byte string in\n the CloudHSM cluster that is associated with a custom key store, specify the custom key store\n ID.
\nApplications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.
\nFor more information about entropy and random number generation, see\n Key Management Service Cryptographic Details.
\n\n\n Required permissions: kms:GenerateRandom (IAM policy)
" + "smithy.api#documentation": "Returns a random byte string that is cryptographically secure.
\nYou must use the NumberOfBytes parameter to specify the length of the random\n byte string. There is no default value for string length.
By default, the random byte string is generated in KMS. To generate the byte string in\n the CloudHSM cluster that is associated with a custom key store, specify the custom key store\n ID.
\nApplications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.
\nFor more information about entropy and random number generation, see\n Key Management Service Cryptographic Details.
\n\n Cross-account use: Not applicable. GenerateRandom does not use any account-specific resources, such as KMS keys.
\n Required permissions: kms:GenerateRandom (IAM policy)
" } }, "com.amazonaws.kms#GenerateRandomRequest": { @@ -2327,7 +2346,7 @@ "NumberOfBytes": { "target": "com.amazonaws.kms#NumberOfBytesType", "traits": { - "smithy.api#documentation": "The length of the byte string.
" + "smithy.api#documentation": "The length of the random byte string. This parameter is required.
" } }, "CustomKeyStoreId": { @@ -2591,7 +2610,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns the public key of an asymmetric KMS key. Unlike the private key of a asymmetric\n KMS key, which never leaves KMS unencrypted, callers with kms:GetPublicKey\n permission can download the public key of an asymmetric KMS key. You can share the public key\n to allow others to encrypt messages and verify signatures outside of KMS.\n For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer Guide.
You do not need to download the public key. Instead, you can use the public key within\n KMS by calling the Encrypt, ReEncrypt, or Verify operations with the identifier of an asymmetric KMS key. When you use the\n public key within KMS, you benefit from the authentication, authorization, and logging that\n are part of every KMS operation. You also reduce of risk of encrypting data that cannot be\n decrypted. These features are not effective outside of KMS. For details, see Special\n Considerations for Downloading Public Keys.
\nTo help you use the public key safely outside of KMS, GetPublicKey returns\n important information about the public key in the response, including:
\n KeySpec: The type of key material in the public key, such as\n RSA_4096 or ECC_NIST_P521.
\n KeyUsage: Whether the key is used for encryption or signing.
\n\n EncryptionAlgorithms or SigningAlgorithms: A list of the encryption algorithms or the signing\n algorithms for the key.
\nAlthough KMS cannot enforce these restrictions on external operations, it is crucial\n that you use this information to prevent the public key from being used improperly. For\n example, you can prevent a public signing key from being used encrypt data, or prevent a\n public key from being used with an encryption algorithm that is not supported by KMS. You\n can also avoid errors, such as using the wrong signing algorithm in a verification\n operation.
\nThe KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n\n Cross-account use:\n Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n Required permissions: kms:GetPublicKey (key policy)
\n\n Related operations: CreateKey\n
" + "smithy.api#documentation": "Returns the public key of an asymmetric KMS key. Unlike the private key of a asymmetric\n KMS key, which never leaves KMS unencrypted, callers with kms:GetPublicKey\n permission can download the public key of an asymmetric KMS key. You can share the public key\n to allow others to encrypt messages and verify signatures outside of KMS.\n For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer Guide.
You do not need to download the public key. Instead, you can use the public key within\n KMS by calling the Encrypt, ReEncrypt, or Verify operations with the identifier of an asymmetric KMS key. When you use the\n public key within KMS, you benefit from the authentication, authorization, and logging that\n are part of every KMS operation. You also reduce of risk of encrypting data that cannot be\n decrypted. These features are not effective outside of KMS.
\nTo verify a signature outside of KMS with an SM2 public key (China Regions only), you must \n specify the distinguishing ID. By default, KMS uses 1234567812345678 as the \n distinguishing ID. For more information, see Offline verification\n with SM2 key pairs.
To help you use the public key safely outside of KMS, GetPublicKey returns\n important information about the public key in the response, including:
\n KeySpec: The type of key material in the public key, such as\n RSA_4096 or ECC_NIST_P521.
\n KeyUsage: Whether the key is used for encryption or signing.
\n\n EncryptionAlgorithms or SigningAlgorithms: A list of the encryption algorithms or the signing\n algorithms for the key.
\nAlthough KMS cannot enforce these restrictions on external operations, it is crucial\n that you use this information to prevent the public key from being used improperly. For\n example, you can prevent a public signing key from being used encrypt data, or prevent a\n public key from being used with an encryption algorithm that is not supported by KMS. You\n can also avoid errors, such as using the wrong signing algorithm in a verification\n operation.
\nThe KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n\n Cross-account use:\n Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n Required permissions: kms:GetPublicKey (key policy)
\n\n Related operations: CreateKey\n
" } }, "com.amazonaws.kms#GetPublicKeyRequest": { @@ -3459,6 +3478,10 @@ { "value": "HMAC_512", "name": "HMAC_512" + }, + { + "value": "SM2", + "name": "SM2" } ] } @@ -3930,7 +3953,13 @@ } ], "traits": { - "smithy.api#documentation": "Returns all tags on the specified KMS key.
\nFor general information about tags, including the format and syntax, see Tagging Amazon Web Services resources in\n the Amazon Web Services General Reference. For information about using\n tags in KMS, see Tagging\n keys.
\n\n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n\n Required permissions: kms:ListResourceTags (key policy)
\n\n Related operations:\n
\n\n CreateKey\n
\n\n ReplicateKey\n
\n\n TagResource\n
\n\n UntagResource\n
\nReturns all tags on the specified KMS key.
\nFor general information about tags, including the format and syntax, see Tagging Amazon Web Services resources in\n the Amazon Web Services General Reference. For information about using\n tags in KMS, see Tagging\n keys.
\n\n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n\n Required permissions: kms:ListResourceTags (key policy)
\n\n Related operations:\n
\n\n CreateKey\n
\n\n ReplicateKey\n
\n\n TagResource\n
\n\n UntagResource\n
\nReturns information about all grants in the Amazon Web Services account and Region that have the\n specified retiring principal.
\nYou can specify any principal in your Amazon Web Services account. The grants that are returned include\n grants for KMS keys in your Amazon Web Services account and other Amazon Web Services accounts. You might use this\n operation to determine which grants you may retire. To retire a grant, use the RetireGrant operation.
\nFor detailed information about grants, including grant terminology, see Grants in KMS in the\n \n Key Management Service Developer Guide\n . For examples of working with grants in several\n programming languages, see Programming grants.
\n\n Cross-account use: You must specify a principal in your\n Amazon Web Services account. However, this operation can return grants in any Amazon Web Services account. You do not need\n kms:ListRetirableGrants permission (or any other additional permission) in any\n Amazon Web Services account other than your own.
\n Required permissions: kms:ListRetirableGrants (IAM policy) in your\n Amazon Web Services account.
\n\n Related operations:\n
\n\n CreateGrant\n
\n\n ListGrants\n
\n\n RetireGrant\n
\n\n RevokeGrant\n
\nReturns information about all grants in the Amazon Web Services account and Region that have the\n specified retiring principal.
\nYou can specify any principal in your Amazon Web Services account. The grants that are returned include\n grants for KMS keys in your Amazon Web Services account and other Amazon Web Services accounts. You might use this\n operation to determine which grants you may retire. To retire a grant, use the RetireGrant operation.
\nFor detailed information about grants, including grant terminology, see Grants in KMS in the\n \n Key Management Service Developer Guide\n . For examples of working with grants in several\n programming languages, see Programming grants.
\n\n Cross-account use: You must specify a principal in your\n Amazon Web Services account. However, this operation can return grants in any Amazon Web Services account. You do not need\n kms:ListRetirableGrants permission (or any other additional permission) in any\n Amazon Web Services account other than your own.
\n Required permissions: kms:ListRetirableGrants (IAM policy) in your\n Amazon Web Services account.
\n\n Related operations:\n
\n\n CreateGrant\n
\n\n ListGrants\n
\n\n RetireGrant\n
\n\n RevokeGrant\n
\nThe key policy to attach to the KMS key.
\nThe key policy must meet the following criteria:
\nIf you don't set BypassPolicyLockoutSafetyCheck to true, the key policy\n must allow the principal that is making the PutKeyPolicy request to make a\n subsequent PutKeyPolicy request on the KMS key. This reduces the risk that\n the KMS key becomes unmanageable. For more information, refer to the scenario in the\n Default Key Policy section of the Key Management Service Developer Guide.
Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services\n principal (for example, an IAM user or role), you might need to enforce a delay before\n including the new principal in a key policy because the new principal might not be\n immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services\n Identity and Access Management User Guide.
\nA key policy document must conform to the following rules.
\nUp to 32 kilobytes (32768 bytes)
\nMust be UTF-8 encoded
\nThe only Unicode characters that are permitted in a key policy document are the horizontal tab (U+0009), linefeed (U+000A), carriage return (U+000D), and characters in the range U+0020 to U+00FF.
\nThe Sid element in a key policy statement can include spaces. (Spaces are\n prohibited in the Sid element of an IAM policy document.)
The key policy to attach to the KMS key.
\nThe key policy must meet the following criteria:
\nIf you don't set BypassPolicyLockoutSafetyCheck to true, the key policy\n must allow the principal that is making the PutKeyPolicy request to make a\n subsequent PutKeyPolicy request on the KMS key. This reduces the risk that\n the KMS key becomes unmanageable. For more information, refer to the scenario in the\n Default Key Policy section of the Key Management Service Developer Guide.
Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services\n principal (for example, an IAM user or role), you might need to enforce a delay before\n including the new principal in a key policy because the new principal might not be\n immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services\n Identity and Access Management User Guide.
\nA key policy document can include only the following characters:
\nPrintable ASCII characters from the space character (\\u0020) through the end of the ASCII character range.
Printable characters in the Basic Latin and Latin-1 Supplement character set (through \\u00FF).
The tab (\\u0009), line feed (\\u000A), and carriage return (\\u000D) special characters
For information about key policies, see Key policies in KMS in the\n Key Management Service Developer Guide. For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the \n Identity and Access Management User Guide\n .
", "smithy.api#required": {} } }, @@ -4566,7 +4601,7 @@ "Policy": { "target": "com.amazonaws.kms#PolicyType", "traits": { - "smithy.api#documentation": "The key policy to attach to the KMS key. This parameter is optional. If you do not provide\n a key policy, KMS attaches the default key policy to the\n KMS key.
\nThe key policy is not a shared property of multi-Region keys. You can specify the same key\n policy or a different key policy for each key in a set of related multi-Region keys. KMS\n does not synchronize this property.
\nIf you provide a key policy, it must meet the following criteria:
\nIf you don't set BypassPolicyLockoutSafetyCheck to true, the key policy\n must give the caller kms:PutKeyPolicy permission on the replica key. This\n reduces the risk that the KMS key becomes unmanageable. For more information, refer to the\n scenario in the Default Key Policy section of the \n Key Management Service Developer Guide\n .
Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services\n principal (for example, an IAM user or role), you might need to enforce a delay before\n including the new principal in a key policy because the new principal might not be\n immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in the\n \n Identity and Access Management User Guide\n .
\nA key policy document must conform to the following rules.
\nUp to 32 kilobytes (32768 bytes)
\nMust be UTF-8 encoded
\nThe only Unicode characters that are permitted in a key policy document are the horizontal tab (U+0009), linefeed (U+000A), carriage return (U+000D), and characters in the range U+0020 to U+00FF.
\nThe Sid element in a key policy statement can include spaces. (Spaces are\n prohibited in the Sid element of an IAM policy document.)
The key policy to attach to the KMS key. This parameter is optional. If you do not provide\n a key policy, KMS attaches the default key policy to the\n KMS key.
\nThe key policy is not a shared property of multi-Region keys. You can specify the same key\n policy or a different key policy for each key in a set of related multi-Region keys. KMS\n does not synchronize this property.
\nIf you provide a key policy, it must meet the following criteria:
\nIf you don't set BypassPolicyLockoutSafetyCheck to true, the key policy\n must give the caller kms:PutKeyPolicy permission on the replica key. This\n reduces the risk that the KMS key becomes unmanageable. For more information, refer to the\n scenario in the Default Key Policy section of the \n Key Management Service Developer Guide\n .
Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services\n principal (for example, an IAM user or role), you might need to enforce a delay before\n including the new principal in a key policy because the new principal might not be\n immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in the\n \n Identity and Access Management User Guide\n .
\nA key policy document can include only the following characters:
\nPrintable ASCII characters from the space character (\\u0020) through the end of the ASCII character range.
Printable characters in the Basic Latin and Latin-1 Supplement character set (through \\u00FF).
The tab (\\u0009), line feed (\\u000A), and carriage return (\\u000D) special characters
For information about key policies, see Key policies in KMS in the\n Key Management Service Developer Guide. For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the \n Identity and Access Management User Guide\n .
" } }, "BypassPolicyLockoutSafetyCheck": { @@ -4935,6 +4970,10 @@ { "value": "ECDSA_SHA_512", "name": "ECDSA_SHA_512" + }, + { + "value": "SM2DSA", + "name": "SM2DSA" } ] } @@ -5348,7 +5387,7 @@ "AliasName": { "target": "com.amazonaws.kms#AliasNameType", "traits": { - "smithy.api#documentation": "Identifies the alias that is changing its KMS key. This value must begin with\n alias/ followed by the alias name, such as alias/ExampleAlias. You\n cannot use UpdateAlias to change the alias name.
Identifies the alias that is changing its KMS key. This value must begin with\n alias/ followed by the alias name, such as alias/ExampleAlias. You\n cannot use UpdateAlias to change the alias name.
Changes the properties of a custom key store. Use the CustomKeyStoreId\n parameter to identify the custom key store you want to edit. Use the remaining parameters to\n change the properties of the custom key store.
You can only update a custom key store that is disconnected. To disconnect the custom key\n store, use DisconnectCustomKeyStore. To reconnect the custom key store after\n the update completes, use ConnectCustomKeyStore. To find the connection\n state of a custom key store, use the DescribeCustomKeyStores\n operation.
\nThe CustomKeyStoreId parameter is required in all commands. Use the other\n parameters of UpdateCustomKeyStore to edit your key store settings.
Use the NewCustomKeyStoreName parameter to change the friendly name of\n the custom key store to the value that you specify.
\n
Use the KeyStorePassword parameter tell KMS the current password of the\n \n kmsuser crypto user (CU) in the associated CloudHSM cluster. You\n can use this parameter to fix connection\n failures that occur when KMS cannot log into the associated cluster because\n the kmsuser password has changed. This value does not change the password in\n the CloudHSM cluster.
\n
Use the CloudHsmClusterId parameter to associate the custom key store\n with a different, but related, CloudHSM cluster. You can use this parameter to repair a\n custom key store if its CloudHSM cluster becomes corrupted or is deleted, or when you need to\n create or restore a cluster from a backup.
If the operation succeeds, it returns a JSON object with no\nproperties.
\nThis operation is part of the Custom Key Store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.
\n\n Cross-account\n use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n\n Required permissions: kms:UpdateCustomKeyStore (IAM policy)
\n\n Related operations:\n
\n\n CreateCustomKeyStore\n
\n\n DeleteCustomKeyStore\n
\nChanges the properties of a custom key store. Use the CustomKeyStoreId\n parameter to identify the custom key store you want to edit. Use the remaining parameters to\n change the properties of the custom key store.
You can only update a custom key store that is disconnected. To disconnect the custom key\n store, use DisconnectCustomKeyStore. To reconnect the custom key store after\n the update completes, use ConnectCustomKeyStore. To find the connection\n state of a custom key store, use the DescribeCustomKeyStores\n operation.
\nThe CustomKeyStoreId parameter is required in all commands. Use the other\n parameters of UpdateCustomKeyStore to edit your key store settings.
Use the NewCustomKeyStoreName parameter to change the friendly name of\n the custom key store to the value that you specify.
\n
Use the KeyStorePassword parameter tell KMS the current password of the\n \n kmsuser crypto user (CU) in the associated CloudHSM cluster. You\n can use this parameter to fix connection\n failures that occur when KMS cannot log into the associated cluster because\n the kmsuser password has changed. This value does not change the password in\n the CloudHSM cluster.
\n
Use the CloudHsmClusterId parameter to associate the custom key store\n with a different, but related, CloudHSM cluster. You can use this parameter to repair a\n custom key store if its CloudHSM cluster becomes corrupted or is deleted, or when you need to\n create or restore a cluster from a backup.
If the operation succeeds, it returns a JSON object with no\nproperties.
\nThis operation is part of the custom key store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.
\n\n Cross-account\n use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n\n Required permissions: kms:UpdateCustomKeyStore (IAM policy)
\n\n Related operations:\n
\n\n CreateCustomKeyStore\n
\n\n DeleteCustomKeyStore\n
\nVerifies a digital signature that was generated by the Sign operation.
\n \nVerification confirms that an authorized user signed the message with the specified KMS\n key and signing algorithm, and the message hasn't changed since it was signed. If the\n signature is verified, the value of the SignatureValid field in the response is\n True. If the signature verification fails, the Verify operation\n fails with an KMSInvalidSignatureException exception.
A digital signature is generated by using the private key in an asymmetric KMS key. The\n signature is verified by using the public key in the same asymmetric KMS key.\n For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer Guide.
\nTo verify a digital signature, you can use the Verify operation. Specify the\n same asymmetric KMS key, message, and signing algorithm that were used to produce the\n signature.
You can also verify the digital signature by using the public key of the KMS key outside\n of KMS. Use the GetPublicKey operation to download the public key in the\n asymmetric KMS key and then use the public key to verify the signature outside of KMS. The\n advantage of using the Verify operation is that it is performed within KMS. As\n a result, it's easy to call, the operation is performed within the FIPS boundary, it is logged\n in CloudTrail, and you can use key policy and IAM policy to determine who is authorized to use\n the KMS key to verify signatures.
The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n\n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n Required permissions: kms:Verify (key policy)
\n\n Related operations: Sign\n
" + "smithy.api#documentation": "Verifies a digital signature that was generated by the Sign operation.
\n \nVerification confirms that an authorized user signed the message with the specified KMS\n key and signing algorithm, and the message hasn't changed since it was signed. If the\n signature is verified, the value of the SignatureValid field in the response is\n True. If the signature verification fails, the Verify operation\n fails with an KMSInvalidSignatureException exception.
A digital signature is generated by using the private key in an asymmetric KMS key. The\n signature is verified by using the public key in the same asymmetric KMS key.\n For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer Guide.
\nTo verify a digital signature, you can use the Verify operation. Specify the\n same asymmetric KMS key, message, and signing algorithm that were used to produce the\n signature.
You can also verify the digital signature by using the public key of the KMS key outside\n of KMS. Use the GetPublicKey operation to download the public key in the\n asymmetric KMS key and then use the public key to verify the signature outside of KMS. To \n verify a signature outside of KMS with an SM2 public key, you must specify the distinguishing \n ID. By default, KMS uses 1234567812345678 as the distinguishing ID. For more \n information, see Offline\n verification with SM2 key pairs in Key Management Service Developer Guide. The\n advantage of using the Verify operation is that it is performed within KMS. As\n a result, it's easy to call, the operation is performed within the FIPS boundary, it is logged\n in CloudTrail, and you can use key policy and IAM policy to determine who is authorized to use\n the KMS key to verify signatures.
The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n\n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n Required permissions: kms:Verify (key policy)
\n\n Related operations: Sign\n
" } }, "com.amazonaws.kms#VerifyMac": { diff --git a/codegen/sdk/aws-models/mediapackage.json b/codegen/sdk/aws-models/mediapackage.json index 10e3f4f106f..82d407dd8a7 100644 --- a/codegen/sdk/aws-models/mediapackage.json +++ b/codegen/sdk/aws-models/mediapackage.json @@ -948,6 +948,13 @@ "smithy.api#jsonName": "encryption" } }, + "IncludeIframeOnlyStream": { + "target": "com.amazonaws.mediapackage#__boolean", + "traits": { + "smithy.api#documentation": "When enabled, an I-Frame only stream will be included in the output.", + "smithy.api#jsonName": "includeIframeOnlyStream" + } + }, "ManifestLayout": { "target": "com.amazonaws.mediapackage#ManifestLayout", "traits": { @@ -2635,6 +2642,22 @@ { "value": "PRESET-AUDIO-1", "name": "PRESET_AUDIO_1" + }, + { + "value": "PRESET-AUDIO-2", + "name": "PRESET_AUDIO_2" + }, + { + "value": "PRESET-AUDIO-3", + "name": "PRESET_AUDIO_3" + }, + { + "value": "SHARED", + "name": "SHARED" + }, + { + "value": "UNENCRYPTED", + "name": "UNENCRYPTED" } ] } @@ -2646,6 +2669,42 @@ { "value": "PRESET-VIDEO-1", "name": "PRESET_VIDEO_1" + }, + { + "value": "PRESET-VIDEO-2", + "name": "PRESET_VIDEO_2" + }, + { + "value": "PRESET-VIDEO-3", + "name": "PRESET_VIDEO_3" + }, + { + "value": "PRESET-VIDEO-4", + "name": "PRESET_VIDEO_4" + }, + { + "value": "PRESET-VIDEO-5", + "name": "PRESET_VIDEO_5" + }, + { + "value": "PRESET-VIDEO-6", + "name": "PRESET_VIDEO_6" + }, + { + "value": "PRESET-VIDEO-7", + "name": "PRESET_VIDEO_7" + }, + { + "value": "PRESET-VIDEO-8", + "name": "PRESET_VIDEO_8" + }, + { + "value": "SHARED", + "name": "SHARED" + }, + { + "value": "UNENCRYPTED", + "name": "UNENCRYPTED" } ] } @@ -3082,6 +3141,9 @@ "input": { "target": "com.amazonaws.mediapackage#TagResourceRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "traits": { "smithy.api#http": { "method": "POST", @@ -3158,6 +3220,9 @@ "input": { "target": "com.amazonaws.mediapackage#UntagResourceRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "traits": { "smithy.api#http": { "method": "DELETE", diff --git a/codegen/sdk/aws-models/sagemaker-edge.json b/codegen/sdk/aws-models/sagemaker-edge.json index db65f81413b..1b015f170e4 100644 --- a/codegen/sdk/aws-models/sagemaker-edge.json +++ b/codegen/sdk/aws-models/sagemaker-edge.json @@ -31,15 +31,6 @@ "shapes": { "com.amazonaws.sagemakeredge#AmazonSageMakerEdge": { "type": "service", - "version": "2020-09-23", - "operations": [ - { - "target": "com.amazonaws.sagemakeredge#GetDeviceRegistration" - }, - { - "target": "com.amazonaws.sagemakeredge#SendHeartbeat" - } - ], "traits": { "aws.api#service": { "sdkId": "Sagemaker Edge", @@ -54,7 +45,19 @@ "aws.protocols#restJson1": {}, "smithy.api#documentation": "SageMaker Edge Manager dataplane service for communicating with active agents.
", "smithy.api#title": "Amazon Sagemaker Edge Manager" - } + }, + "version": "2020-09-23", + "operations": [ + { + "target": "com.amazonaws.sagemakeredge#GetDeployments" + }, + { + "target": "com.amazonaws.sagemakeredge#GetDeviceRegistration" + }, + { + "target": "com.amazonaws.sagemakeredge#SendHeartbeat" + } + ] }, "com.amazonaws.sagemakeredge#CacheTTLSeconds": { "type": "string", @@ -65,6 +68,217 @@ } } }, + "com.amazonaws.sagemakeredge#Checksum": { + "type": "structure", + "members": { + "Type": { + "target": "com.amazonaws.sagemakeredge#ChecksumType", + "traits": { + "smithy.api#documentation": "The type of the checksum.
" + } + }, + "Sum": { + "target": "com.amazonaws.sagemakeredge#ChecksumString", + "traits": { + "smithy.api#documentation": "The checksum of the model.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about the checksum of a model deployed on a device.
" + } + }, + "com.amazonaws.sagemakeredge#ChecksumString": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 63 + }, + "smithy.api#pattern": "^[a-z0-9](-*[a-z0-9])*$" + } + }, + "com.amazonaws.sagemakeredge#ChecksumType": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "SHA1", + "name": "Sha1" + } + ] + } + }, + "com.amazonaws.sagemakeredge#Definition": { + "type": "structure", + "members": { + "ModelHandle": { + "target": "com.amazonaws.sagemakeredge#EntityName", + "traits": { + "smithy.api#documentation": "The unique model handle.
" + } + }, + "S3Url": { + "target": "com.amazonaws.sagemakeredge#S3Uri", + "traits": { + "smithy.api#documentation": "The absolute S3 location of the model.
" + } + }, + "Checksum": { + "target": "com.amazonaws.sagemakeredge#Checksum", + "traits": { + "smithy.api#documentation": "The checksum information of the model.
" + } + }, + "State": { + "target": "com.amazonaws.sagemakeredge#ModelState", + "traits": { + "smithy.api#documentation": "The desired state of the model.
" + } + } + }, + "traits": { + "smithy.api#documentation": "" + } + }, + "com.amazonaws.sagemakeredge#Definitions": { + "type": "list", + "member": { + "target": "com.amazonaws.sagemakeredge#Definition" + } + }, + "com.amazonaws.sagemakeredge#DeploymentModel": { + "type": "structure", + "members": { + "ModelHandle": { + "target": "com.amazonaws.sagemakeredge#EntityName", + "traits": { + "smithy.api#documentation": "The unique handle of the model.
" + } + }, + "ModelName": { + "target": "com.amazonaws.sagemakeredge#ModelName", + "traits": { + "smithy.api#documentation": "The name of the model.
" + } + }, + "ModelVersion": { + "target": "com.amazonaws.sagemakeredge#Version", + "traits": { + "smithy.api#documentation": "The version of the model.
" + } + }, + "DesiredState": { + "target": "com.amazonaws.sagemakeredge#ModelState", + "traits": { + "smithy.api#documentation": "The desired state of the model.
" + } + }, + "State": { + "target": "com.amazonaws.sagemakeredge#ModelState", + "traits": { + "smithy.api#documentation": "Returns the current state of the model.
" + } + }, + "Status": { + "target": "com.amazonaws.sagemakeredge#DeploymentStatus", + "traits": { + "smithy.api#documentation": "Returns the deployment status of the model.
" + } + }, + "StatusReason": { + "target": "com.amazonaws.sagemakeredge#String", + "traits": { + "smithy.api#documentation": "Returns the error message for the deployment status result.
" + } + }, + "RollbackFailureReason": { + "target": "com.amazonaws.sagemakeredge#String", + "traits": { + "smithy.api#documentation": "Returns the error message if there is a rollback.
" + } + } + }, + "traits": { + "smithy.api#documentation": "" + } + }, + "com.amazonaws.sagemakeredge#DeploymentModels": { + "type": "list", + "member": { + "target": "com.amazonaws.sagemakeredge#DeploymentModel" + } + }, + "com.amazonaws.sagemakeredge#DeploymentResult": { + "type": "structure", + "members": { + "DeploymentName": { + "target": "com.amazonaws.sagemakeredge#EntityName", + "traits": { + "smithy.api#documentation": "The name and unique ID of the deployment.
" + } + }, + "DeploymentStatus": { + "target": "com.amazonaws.sagemakeredge#EntityName", + "traits": { + "smithy.api#documentation": "Returns the bucket error code.
" + } + }, + "DeploymentStatusMessage": { + "target": "com.amazonaws.sagemakeredge#String", + "traits": { + "smithy.api#documentation": "Returns the detailed error message.
" + } + }, + "DeploymentStartTime": { + "target": "com.amazonaws.sagemakeredge#Timestamp", + "traits": { + "smithy.api#documentation": "The timestamp of when the deployment was started on the agent.
" + } + }, + "DeploymentEndTime": { + "target": "com.amazonaws.sagemakeredge#Timestamp", + "traits": { + "smithy.api#documentation": "The timestamp of when the deployment was ended, and the agent got the deployment results.
" + } + }, + "DeploymentModels": { + "target": "com.amazonaws.sagemakeredge#DeploymentModels", + "traits": { + "smithy.api#documentation": "Returns a list of models deployed on the agent.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about the result of a deployment on an edge device that is registered with SageMaker Edge Manager.
" + } + }, + "com.amazonaws.sagemakeredge#DeploymentStatus": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "SUCCESS", + "name": "Success" + }, + { + "value": "FAIL", + "name": "Fail" + } + ] + } + }, + "com.amazonaws.sagemakeredge#DeploymentType": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "Model", + "name": "Model" + } + ] + } + }, "com.amazonaws.sagemakeredge#DeviceFleetName": { "type": "string", "traits": { @@ -104,6 +318,44 @@ "smithy.api#pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9\\/])*$" } }, + "com.amazonaws.sagemakeredge#EdgeDeployment": { + "type": "structure", + "members": { + "DeploymentName": { + "target": "com.amazonaws.sagemakeredge#EntityName", + "traits": { + "smithy.api#documentation": "The name and unique ID of the deployment.
" + } + }, + "Type": { + "target": "com.amazonaws.sagemakeredge#DeploymentType", + "traits": { + "smithy.api#documentation": "The type of the deployment.
" + } + }, + "FailureHandlingPolicy": { + "target": "com.amazonaws.sagemakeredge#FailureHandlingPolicy", + "traits": { + "smithy.api#documentation": "Determines whether to rollback to previous configuration if deployment fails.
" + } + }, + "Definitions": { + "target": "com.amazonaws.sagemakeredge#Definitions", + "traits": { + "smithy.api#documentation": "Returns a list of Definition objects.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about a deployment on an edge device that is registered with SageMaker Edge Manager.
" + } + }, + "com.amazonaws.sagemakeredge#EdgeDeployments": { + "type": "list", + "member": { + "target": "com.amazonaws.sagemakeredge#EdgeDeployment" + } + }, "com.amazonaws.sagemakeredge#EdgeMetric": { "type": "structure", "members": { @@ -142,9 +394,86 @@ "target": "com.amazonaws.sagemakeredge#EdgeMetric" } }, + "com.amazonaws.sagemakeredge#EntityName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 63 + }, + "smithy.api#pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9])*$" + } + }, "com.amazonaws.sagemakeredge#ErrorMessage": { "type": "string" }, + "com.amazonaws.sagemakeredge#FailureHandlingPolicy": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "ROLLBACK_ON_FAILURE", + "name": "RollbackOnFailure" + }, + { + "value": "DO_NOTHING", + "name": "DoNothing" + } + ] + } + }, + "com.amazonaws.sagemakeredge#GetDeployments": { + "type": "operation", + "input": { + "target": "com.amazonaws.sagemakeredge#GetDeploymentsRequest" + }, + "output": { + "target": "com.amazonaws.sagemakeredge#GetDeploymentsResult" + }, + "errors": [ + { + "target": "com.amazonaws.sagemakeredge#InternalServiceException" + } + ], + "traits": { + "smithy.api#documentation": "Use to get the active deployments from a device.
", + "smithy.api#http": { + "method": "POST", + "uri": "/GetDeployments", + "code": 200 + } + } + }, + "com.amazonaws.sagemakeredge#GetDeploymentsRequest": { + "type": "structure", + "members": { + "DeviceName": { + "target": "com.amazonaws.sagemakeredge#DeviceName", + "traits": { + "smithy.api#documentation": "The unique name of the device you want to get the configuration of active deployments from.
", + "smithy.api#required": {} + } + }, + "DeviceFleetName": { + "target": "com.amazonaws.sagemakeredge#DeviceFleetName", + "traits": { + "smithy.api#documentation": "The name of the fleet that the device belongs to.
", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.sagemakeredge#GetDeploymentsResult": { + "type": "structure", + "members": { + "Deployments": { + "target": "com.amazonaws.sagemakeredge#EdgeDeployments", + "traits": { + "smithy.api#documentation": "Returns a list of the configurations of the active deployments on the device.
" + } + } + } + }, "com.amazonaws.sagemakeredge#GetDeviceRegistration": { "type": "operation", "input": { @@ -211,7 +540,7 @@ } }, "traits": { - "smithy.api#documentation": "An internal failure occurred. Try your request again. If the problem \n persists, contact AWS customer support.
", + "smithy.api#documentation": "An internal failure occurred. Try your request again. If the problem \n persists, contact Amazon Web Services customer support.
", "smithy.api#error": "client" } }, @@ -273,17 +602,45 @@ "smithy.api#pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9])*$" } }, + "com.amazonaws.sagemakeredge#ModelState": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "DEPLOY", + "name": "Deploy" + }, + { + "value": "UNDEPLOY", + "name": "Undeploy" + } + ] + } + }, "com.amazonaws.sagemakeredge#Models": { "type": "list", "member": { "target": "com.amazonaws.sagemakeredge#Model" } }, + "com.amazonaws.sagemakeredge#S3Uri": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 1024 + }, + "smithy.api#pattern": "^s3://([^/]+)/?(.*)$" + } + }, "com.amazonaws.sagemakeredge#SendHeartbeat": { "type": "operation", "input": { "target": "com.amazonaws.sagemakeredge#SendHeartbeatRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.sagemakeredge#InternalServiceException" @@ -333,9 +690,18 @@ "smithy.api#documentation": "The name of the fleet that the device belongs to.
", "smithy.api#required": {} } + }, + "DeploymentResult": { + "target": "com.amazonaws.sagemakeredge#DeploymentResult", + "traits": { + "smithy.api#documentation": "Returns the result of a deployment on the device.
" + } } } }, + "com.amazonaws.sagemakeredge#String": { + "type": "string" + }, "com.amazonaws.sagemakeredge#Timestamp": { "type": "timestamp" }, @@ -349,7 +715,7 @@ "min": 1, "max": 64 }, - "smithy.api#pattern": "[a-zA-Z0-9\\ \\_\\.]+" + "smithy.api#pattern": "^[a-zA-Z0-9\\ \\_\\.]+$" } } } diff --git a/codegen/sdk/aws-models/sagemaker.json b/codegen/sdk/aws-models/sagemaker.json index 7af4bc8a128..b04e2a4f145 100644 --- a/codegen/sdk/aws-models/sagemaker.json +++ b/codegen/sdk/aws-models/sagemaker.json @@ -5360,6 +5360,109 @@ } } }, + "com.amazonaws.sagemaker#CreateEdgeDeploymentPlan": { + "type": "operation", + "input": { + "target": "com.amazonaws.sagemaker#CreateEdgeDeploymentPlanRequest" + }, + "output": { + "target": "com.amazonaws.sagemaker#CreateEdgeDeploymentPlanResponse" + }, + "errors": [ + { + "target": "com.amazonaws.sagemaker#ResourceLimitExceeded" + } + ], + "traits": { + "smithy.api#documentation": "Creates an edge deployment plan, consisting of multiple stages. Each stage may have a different deployment configuration and devices.
" + } + }, + "com.amazonaws.sagemaker#CreateEdgeDeploymentPlanRequest": { + "type": "structure", + "members": { + "EdgeDeploymentPlanName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the edge deployment plan.
", + "smithy.api#required": {} + } + }, + "ModelConfigs": { + "target": "com.amazonaws.sagemaker#EdgeDeploymentModelConfigs", + "traits": { + "smithy.api#documentation": "List of models associated with the edge deployment plan.
", + "smithy.api#required": {} + } + }, + "DeviceFleetName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The device fleet used for this edge deployment plan.
", + "smithy.api#required": {} + } + }, + "Stages": { + "target": "com.amazonaws.sagemaker#DeploymentStages", + "traits": { + "smithy.api#documentation": "List of stages of the edge deployment plan. The number of stages is limited to 10 per deployment.
" + } + }, + "Tags": { + "target": "com.amazonaws.sagemaker#TagList", + "traits": { + "smithy.api#documentation": "List of tags with which to tag the edge deployment plan.
" + } + } + } + }, + "com.amazonaws.sagemaker#CreateEdgeDeploymentPlanResponse": { + "type": "structure", + "members": { + "EdgeDeploymentPlanArn": { + "target": "com.amazonaws.sagemaker#EdgeDeploymentPlanArn", + "traits": { + "smithy.api#documentation": "The ARN of the edge deployment plan.
", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.sagemaker#CreateEdgeDeploymentStage": { + "type": "operation", + "input": { + "target": "com.amazonaws.sagemaker#CreateEdgeDeploymentStageRequest" + }, + "output": { + "target": "smithy.api#Unit" + }, + "errors": [ + { + "target": "com.amazonaws.sagemaker#ResourceLimitExceeded" + } + ], + "traits": { + "smithy.api#documentation": "Creates a new stage in an existing edge deployment plan.
" + } + }, + "com.amazonaws.sagemaker#CreateEdgeDeploymentStageRequest": { + "type": "structure", + "members": { + "EdgeDeploymentPlanName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the edge deployment plan.
", + "smithy.api#required": {} + } + }, + "Stages": { + "target": "com.amazonaws.sagemaker#DeploymentStages", + "traits": { + "smithy.api#documentation": "List of stages to be added to the edge deployment plan.
", + "smithy.api#required": {} + } + } + } + }, "com.amazonaws.sagemaker#CreateEdgePackagingJob": { "type": "operation", "input": { @@ -9142,6 +9245,71 @@ } } }, + "com.amazonaws.sagemaker#DeleteEdgeDeploymentPlan": { + "type": "operation", + "input": { + "target": "com.amazonaws.sagemaker#DeleteEdgeDeploymentPlanRequest" + }, + "output": { + "target": "smithy.api#Unit" + }, + "errors": [ + { + "target": "com.amazonaws.sagemaker#ResourceInUse" + } + ], + "traits": { + "smithy.api#documentation": "Deletes an edge deployment plan if (and only if) all the stages in the plan are inactive or there are no stages in the plan.
" + } + }, + "com.amazonaws.sagemaker#DeleteEdgeDeploymentPlanRequest": { + "type": "structure", + "members": { + "EdgeDeploymentPlanName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the edge deployment plan to delete.
", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.sagemaker#DeleteEdgeDeploymentStage": { + "type": "operation", + "input": { + "target": "com.amazonaws.sagemaker#DeleteEdgeDeploymentStageRequest" + }, + "output": { + "target": "smithy.api#Unit" + }, + "errors": [ + { + "target": "com.amazonaws.sagemaker#ResourceInUse" + } + ], + "traits": { + "smithy.api#documentation": "Delete a stage in an edge deployment plan if (and only if) the stage is inactive.
" + } + }, + "com.amazonaws.sagemaker#DeleteEdgeDeploymentStageRequest": { + "type": "structure", + "members": { + "EdgeDeploymentPlanName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the edge deployment plan from which the stage will be deleted.
", + "smithy.api#required": {} + } + }, + "StageName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the stage.
", + "smithy.api#required": {} + } + } + } + }, "com.amazonaws.sagemaker#DeleteEndpoint": { "type": "operation", "input": { @@ -10062,6 +10230,90 @@ "smithy.api#documentation": "The deployment configuration for an endpoint, which contains the desired deployment\n strategy and rollback configurations.
" } }, + "com.amazonaws.sagemaker#DeploymentStage": { + "type": "structure", + "members": { + "StageName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the stage.
", + "smithy.api#required": {} + } + }, + "DeviceSelectionConfig": { + "target": "com.amazonaws.sagemaker#DeviceSelectionConfig", + "traits": { + "smithy.api#documentation": "Configuration of the devices in the stage.
", + "smithy.api#required": {} + } + }, + "DeploymentConfig": { + "target": "com.amazonaws.sagemaker#EdgeDeploymentConfig", + "traits": { + "smithy.api#documentation": "Configuration of the deployment details.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information about a stage in an edge deployment plan.
" + } + }, + "com.amazonaws.sagemaker#DeploymentStageMaxResults": { + "type": "integer", + "traits": { + "smithy.api#range": { + "max": 10 + } + } + }, + "com.amazonaws.sagemaker#DeploymentStageStatusSummaries": { + "type": "list", + "member": { + "target": "com.amazonaws.sagemaker#DeploymentStageStatusSummary" + } + }, + "com.amazonaws.sagemaker#DeploymentStageStatusSummary": { + "type": "structure", + "members": { + "StageName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the stage.
", + "smithy.api#required": {} + } + }, + "DeviceSelectionConfig": { + "target": "com.amazonaws.sagemaker#DeviceSelectionConfig", + "traits": { + "smithy.api#documentation": "Configuration of the devices in the stage.
", + "smithy.api#required": {} + } + }, + "DeploymentConfig": { + "target": "com.amazonaws.sagemaker#EdgeDeploymentConfig", + "traits": { + "smithy.api#documentation": "Configuration of the deployment details.
", + "smithy.api#required": {} + } + }, + "DeploymentStatus": { + "target": "com.amazonaws.sagemaker#EdgeDeploymentStatus", + "traits": { + "smithy.api#documentation": "General status of the current state.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information summarizing the deployment stage results.
" + } + }, + "com.amazonaws.sagemaker#DeploymentStages": { + "type": "list", + "member": { + "target": "com.amazonaws.sagemaker#DeploymentStage" + } + }, "com.amazonaws.sagemaker#DeregisterDevices": { "type": "operation", "input": { @@ -11509,6 +11761,123 @@ } } }, + "com.amazonaws.sagemaker#DescribeEdgeDeploymentPlan": { + "type": "operation", + "input": { + "target": "com.amazonaws.sagemaker#DescribeEdgeDeploymentPlanRequest" + }, + "output": { + "target": "com.amazonaws.sagemaker#DescribeEdgeDeploymentPlanResponse" + }, + "errors": [ + { + "target": "com.amazonaws.sagemaker#ResourceNotFound" + } + ], + "traits": { + "smithy.api#documentation": "Describes an edge deployment plan with deployment status per stage.
" + } + }, + "com.amazonaws.sagemaker#DescribeEdgeDeploymentPlanRequest": { + "type": "structure", + "members": { + "EdgeDeploymentPlanName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the deployment plan to describe.
", + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "com.amazonaws.sagemaker#NextToken", + "traits": { + "smithy.api#documentation": "If the edge deployment plan has enough stages to require tokening, then this is the response from the last list of stages returned.
" + } + }, + "MaxResults": { + "target": "com.amazonaws.sagemaker#DeploymentStageMaxResults", + "traits": { + "smithy.api#documentation": "The maximum number of results to select (50 by default).
" + } + } + } + }, + "com.amazonaws.sagemaker#DescribeEdgeDeploymentPlanResponse": { + "type": "structure", + "members": { + "EdgeDeploymentPlanArn": { + "target": "com.amazonaws.sagemaker#EdgeDeploymentPlanArn", + "traits": { + "smithy.api#documentation": "The ARN of edge deployment plan.
", + "smithy.api#required": {} + } + }, + "EdgeDeploymentPlanName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the edge deployment plan.
", + "smithy.api#required": {} + } + }, + "ModelConfigs": { + "target": "com.amazonaws.sagemaker#EdgeDeploymentModelConfigs", + "traits": { + "smithy.api#documentation": "List of models associated with the edge deployment plan.
", + "smithy.api#required": {} + } + }, + "DeviceFleetName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The device fleet used for this edge deployment plan.
", + "smithy.api#required": {} + } + }, + "EdgeDeploymentSuccess": { + "target": "com.amazonaws.sagemaker#Integer", + "traits": { + "smithy.api#documentation": "The number of edge devices with the successful deployment.
" + } + }, + "EdgeDeploymentPending": { + "target": "com.amazonaws.sagemaker#Integer", + "traits": { + "smithy.api#documentation": "The number of edge devices yet to pick up deployment, or in progress.
" + } + }, + "EdgeDeploymentFailed": { + "target": "com.amazonaws.sagemaker#Integer", + "traits": { + "smithy.api#documentation": "The number of edge devices that failed the deployment.
" + } + }, + "Stages": { + "target": "com.amazonaws.sagemaker#DeploymentStageStatusSummaries", + "traits": { + "smithy.api#documentation": "List of stages in the edge deployment plan.
", + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "com.amazonaws.sagemaker#NextToken", + "traits": { + "smithy.api#documentation": "Token to use when calling the next set of stages in the edge deployment plan.
" + } + }, + "CreationTime": { + "target": "com.amazonaws.sagemaker#Timestamp", + "traits": { + "smithy.api#documentation": "The time when the edge deployment plan was created.
" + } + }, + "LastModifiedTime": { + "target": "com.amazonaws.sagemaker#Timestamp", + "traits": { + "smithy.api#documentation": "The time when the edge deployment plan was last updated.
" + } + } + } + }, "com.amazonaws.sagemaker#DescribeEdgePackagingJob": { "type": "operation", "input": { @@ -15950,6 +16319,122 @@ "smithy.api#pattern": "^arn:aws[a-z\\-]*:[a-z\\-]*:[a-z\\-]*:\\d{12}:[a-z\\-]*/?[a-zA-Z_0-9+=,.@\\-_/]+$" } }, + "com.amazonaws.sagemaker#DeviceDeploymentStatus": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "READYTODEPLOY", + "name": "ReadyToDeploy" + }, + { + "value": "INPROGRESS", + "name": "InProgress" + }, + { + "value": "DEPLOYED", + "name": "Deployed" + }, + { + "value": "FAILED", + "name": "Failed" + }, + { + "value": "STOPPING", + "name": "Stopping" + }, + { + "value": "STOPPED", + "name": "Stopped" + } + ] + } + }, + "com.amazonaws.sagemaker#DeviceDeploymentSummaries": { + "type": "list", + "member": { + "target": "com.amazonaws.sagemaker#DeviceDeploymentSummary" + } + }, + "com.amazonaws.sagemaker#DeviceDeploymentSummary": { + "type": "structure", + "members": { + "EdgeDeploymentPlanArn": { + "target": "com.amazonaws.sagemaker#EdgeDeploymentPlanArn", + "traits": { + "smithy.api#documentation": "The ARN of the edge deployment plan.
", + "smithy.api#required": {} + } + }, + "EdgeDeploymentPlanName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the edge deployment plan.
", + "smithy.api#required": {} + } + }, + "StageName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the stage in the edge deployment plan.
", + "smithy.api#required": {} + } + }, + "DeployedStageName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the deployed stage.
" + } + }, + "DeviceFleetName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the fleet to which the device belongs to.
" + } + }, + "DeviceName": { + "target": "com.amazonaws.sagemaker#DeviceName", + "traits": { + "smithy.api#documentation": "The name of the device.
", + "smithy.api#required": {} + } + }, + "DeviceArn": { + "target": "com.amazonaws.sagemaker#DeviceArn", + "traits": { + "smithy.api#documentation": "The ARN of the device.
", + "smithy.api#required": {} + } + }, + "DeviceDeploymentStatus": { + "target": "com.amazonaws.sagemaker#DeviceDeploymentStatus", + "traits": { + "smithy.api#documentation": "The deployment status of the device.
" + } + }, + "DeviceDeploymentStatusMessage": { + "target": "com.amazonaws.sagemaker#String", + "traits": { + "smithy.api#documentation": "The detailed error message for the deployoment status result.
" + } + }, + "Description": { + "target": "com.amazonaws.sagemaker#DeviceDescription", + "traits": { + "smithy.api#documentation": "The description of the device.
" + } + }, + "DeploymentStartTime": { + "target": "com.amazonaws.sagemaker#Timestamp", + "traits": { + "smithy.api#documentation": "The time when the deployment on the device started.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information summarizing device details and deployment status.
" + } + }, "com.amazonaws.sagemaker#DeviceDescription": { "type": "string", "traits": { @@ -16032,6 +16517,39 @@ "target": "com.amazonaws.sagemaker#DeviceName" } }, + "com.amazonaws.sagemaker#DeviceSelectionConfig": { + "type": "structure", + "members": { + "DeviceSubsetType": { + "target": "com.amazonaws.sagemaker#DeviceSubsetType", + "traits": { + "smithy.api#documentation": "Type of device subsets to deploy to the current stage.
", + "smithy.api#required": {} + } + }, + "Percentage": { + "target": "com.amazonaws.sagemaker#Percentage", + "traits": { + "smithy.api#documentation": "Percentage of devices in the fleet to deploy to the current stage.
" + } + }, + "DeviceNames": { + "target": "com.amazonaws.sagemaker#DeviceNames", + "traits": { + "smithy.api#documentation": "List of devices chosen to deploy.
" + } + }, + "DeviceNameContains": { + "target": "com.amazonaws.sagemaker#DeviceName", + "traits": { + "smithy.api#documentation": "A filter to select devices with names containing this name.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information about the configurations of selected devices.
" + } + }, "com.amazonaws.sagemaker#DeviceStats": { "type": "structure", "members": { @@ -16054,6 +16572,25 @@ "smithy.api#documentation": "Status of devices.
" } }, + "com.amazonaws.sagemaker#DeviceSubsetType": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "PERCENTAGE", + "name": "Percentage" + }, + { + "value": "SELECTION", + "name": "Selection" + }, + { + "value": "NAMECONTAINS", + "name": "NameContains" + } + ] + } + }, "com.amazonaws.sagemaker#DeviceSummaries": { "type": "list", "member": { @@ -16619,6 +17156,175 @@ "smithy.api#documentation": "A directed edge connecting two lineage entities.
" } }, + "com.amazonaws.sagemaker#EdgeDeploymentConfig": { + "type": "structure", + "members": { + "FailureHandlingPolicy": { + "target": "com.amazonaws.sagemaker#FailureHandlingPolicy", + "traits": { + "smithy.api#documentation": "Toggle that determines whether to rollback to previous configuration if the current deployment fails.\n By default this is turned on. You may turn this off if you want to investigate the errors yourself.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information about the configuration of a deployment.
" + } + }, + "com.amazonaws.sagemaker#EdgeDeploymentModelConfig": { + "type": "structure", + "members": { + "ModelHandle": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name the device application uses to reference this model.
", + "smithy.api#required": {} + } + }, + "EdgePackagingJobName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The edge packaging job associated with this deployment.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information about the configuration of a model in a deployment.
" + } + }, + "com.amazonaws.sagemaker#EdgeDeploymentModelConfigs": { + "type": "list", + "member": { + "target": "com.amazonaws.sagemaker#EdgeDeploymentModelConfig" + } + }, + "com.amazonaws.sagemaker#EdgeDeploymentPlanArn": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 20, + "max": 2048 + }, + "smithy.api#pattern": "^arn:aws[a-z\\-]*:sagemaker:[a-z\\-]*:\\d{12}:edge-deployment/?[a-zA-Z_0-9+=,.@\\-_/]+$" + } + }, + "com.amazonaws.sagemaker#EdgeDeploymentPlanSummaries": { + "type": "list", + "member": { + "target": "com.amazonaws.sagemaker#EdgeDeploymentPlanSummary" + } + }, + "com.amazonaws.sagemaker#EdgeDeploymentPlanSummary": { + "type": "structure", + "members": { + "EdgeDeploymentPlanArn": { + "target": "com.amazonaws.sagemaker#EdgeDeploymentPlanArn", + "traits": { + "smithy.api#documentation": "The ARN of the edge deployment plan.
", + "smithy.api#required": {} + } + }, + "EdgeDeploymentPlanName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the edge deployment plan.
", + "smithy.api#required": {} + } + }, + "DeviceFleetName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the device fleet used for the deployment.
", + "smithy.api#required": {} + } + }, + "EdgeDeploymentSuccess": { + "target": "com.amazonaws.sagemaker#Integer", + "traits": { + "smithy.api#documentation": "The number of edge devices with the successful deployment.
", + "smithy.api#required": {} + } + }, + "EdgeDeploymentPending": { + "target": "com.amazonaws.sagemaker#Integer", + "traits": { + "smithy.api#documentation": "The number of edge devices yet to pick up the deployment, or in progress.
", + "smithy.api#required": {} + } + }, + "EdgeDeploymentFailed": { + "target": "com.amazonaws.sagemaker#Integer", + "traits": { + "smithy.api#documentation": "The number of edge devices that failed the deployment.
", + "smithy.api#required": {} + } + }, + "CreationTime": { + "target": "com.amazonaws.sagemaker#Timestamp", + "traits": { + "smithy.api#documentation": "The time when the edge deployment plan was created.
" + } + }, + "LastModifiedTime": { + "target": "com.amazonaws.sagemaker#Timestamp", + "traits": { + "smithy.api#documentation": "The time when the edge deployment plan was last updated.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information summarizing an edge deployment plan.
" + } + }, + "com.amazonaws.sagemaker#EdgeDeploymentStatus": { + "type": "structure", + "members": { + "StageStatus": { + "target": "com.amazonaws.sagemaker#StageStatus", + "traits": { + "smithy.api#documentation": "The general status of the current stage.
", + "smithy.api#required": {} + } + }, + "EdgeDeploymentSuccessInStage": { + "target": "com.amazonaws.sagemaker#Integer", + "traits": { + "smithy.api#documentation": "The number of edge devices with the successful deployment in the current stage.
", + "smithy.api#required": {} + } + }, + "EdgeDeploymentPendingInStage": { + "target": "com.amazonaws.sagemaker#Integer", + "traits": { + "smithy.api#documentation": "The number of edge devices yet to pick up the deployment in current stage, or in progress.
", + "smithy.api#required": {} + } + }, + "EdgeDeploymentFailedInStage": { + "target": "com.amazonaws.sagemaker#Integer", + "traits": { + "smithy.api#documentation": "The number of edge devices that failed the deployment in current stage.
", + "smithy.api#required": {} + } + }, + "EdgeDeploymentStatusMessage": { + "target": "com.amazonaws.sagemaker#String", + "traits": { + "smithy.api#documentation": "A detailed message about deployment status in current stage.
" + } + }, + "EdgeDeploymentStageStartTime": { + "target": "com.amazonaws.sagemaker#Timestamp", + "traits": { + "smithy.api#documentation": "The time when the deployment API started.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information summarizing the deployment stage results.
" + } + }, "com.amazonaws.sagemaker#EdgeModel": { "type": "structure", "members": { @@ -17851,6 +18557,21 @@ "smithy.api#documentation": "The container for the metadata for Fail step.
" } }, + "com.amazonaws.sagemaker#FailureHandlingPolicy": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "ROLLBACK_ON_FAILURE", + "name": "RollbackOnFailure" + }, + { + "value": "DO_NOTHING", + "name": "DoNothing" + } + ] + } + }, "com.amazonaws.sagemaker#FailureReason": { "type": "string", "traits": { @@ -23491,6 +24212,131 @@ } } }, + "com.amazonaws.sagemaker#ListEdgeDeploymentPlans": { + "type": "operation", + "input": { + "target": "com.amazonaws.sagemaker#ListEdgeDeploymentPlansRequest" + }, + "output": { + "target": "com.amazonaws.sagemaker#ListEdgeDeploymentPlansResponse" + }, + "traits": { + "smithy.api#documentation": "Lists all edge deployment plans.
", + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "items": "EdgeDeploymentPlanSummaries", + "pageSize": "MaxResults" + } + } + }, + "com.amazonaws.sagemaker#ListEdgeDeploymentPlansRequest": { + "type": "structure", + "members": { + "NextToken": { + "target": "com.amazonaws.sagemaker#NextToken", + "traits": { + "smithy.api#documentation": "The response from the last list when returning a list large enough to need tokening.
" + } + }, + "MaxResults": { + "target": "com.amazonaws.sagemaker#ListMaxResults", + "traits": { + "smithy.api#box": {}, + "smithy.api#documentation": "The maximum number of results to select (50 by default).
" + } + }, + "CreationTimeAfter": { + "target": "com.amazonaws.sagemaker#Timestamp", + "traits": { + "smithy.api#documentation": "Selects edge deployment plans created after this time.
" + } + }, + "CreationTimeBefore": { + "target": "com.amazonaws.sagemaker#Timestamp", + "traits": { + "smithy.api#documentation": "Selects edge deployment plans created before this time.
" + } + }, + "LastModifiedTimeAfter": { + "target": "com.amazonaws.sagemaker#Timestamp", + "traits": { + "smithy.api#documentation": "Selects edge deployment plans that were last updated after this time.
" + } + }, + "LastModifiedTimeBefore": { + "target": "com.amazonaws.sagemaker#Timestamp", + "traits": { + "smithy.api#documentation": "Selects edge deployment plans that were last updated before this time.
" + } + }, + "NameContains": { + "target": "com.amazonaws.sagemaker#NameContains", + "traits": { + "smithy.api#documentation": "Selects edge deployment plans with names containing this name.
" + } + }, + "DeviceFleetNameContains": { + "target": "com.amazonaws.sagemaker#NameContains", + "traits": { + "smithy.api#documentation": "Selects edge deployment plans with a device fleet name containing this name.
" + } + }, + "SortBy": { + "target": "com.amazonaws.sagemaker#ListEdgeDeploymentPlansSortBy", + "traits": { + "smithy.api#documentation": "The column by which to sort the edge deployment plans. Can be one of NAME, DEVICEFLEETNAME, CREATIONTIME, LASTMODIFIEDTIME.
The direction of the sorting (ascending or descending).
" + } + } + } + }, + "com.amazonaws.sagemaker#ListEdgeDeploymentPlansResponse": { + "type": "structure", + "members": { + "EdgeDeploymentPlanSummaries": { + "target": "com.amazonaws.sagemaker#EdgeDeploymentPlanSummaries", + "traits": { + "smithy.api#documentation": "List of summaries of edge deployment plans.
", + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "com.amazonaws.sagemaker#NextToken", + "traits": { + "smithy.api#documentation": "The token to use when calling the next page of results.
" + } + } + } + }, + "com.amazonaws.sagemaker#ListEdgeDeploymentPlansSortBy": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "NAME", + "name": "Name" + }, + { + "value": "DEVICE_FLEET_NAME", + "name": "DeviceFleetName" + }, + { + "value": "CREATION_TIME", + "name": "CreationTime" + }, + { + "value": "LAST_MODIFIED_TIME", + "name": "LastModifiedTime" + } + ] + } + }, "com.amazonaws.sagemaker#ListEdgePackagingJobs": { "type": "operation", "input": { @@ -26374,6 +27220,80 @@ } } }, + "com.amazonaws.sagemaker#ListStageDevices": { + "type": "operation", + "input": { + "target": "com.amazonaws.sagemaker#ListStageDevicesRequest" + }, + "output": { + "target": "com.amazonaws.sagemaker#ListStageDevicesResponse" + }, + "traits": { + "smithy.api#documentation": "Lists devices allocated to the stage, containing detailed device information and deployment status.
", + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "items": "DeviceDeploymentSummaries", + "pageSize": "MaxResults" + } + } + }, + "com.amazonaws.sagemaker#ListStageDevicesRequest": { + "type": "structure", + "members": { + "NextToken": { + "target": "com.amazonaws.sagemaker#NextToken", + "traits": { + "smithy.api#documentation": "The response from the last list when returning a list large enough to neeed tokening.
" + } + }, + "MaxResults": { + "target": "com.amazonaws.sagemaker#ListMaxResults", + "traits": { + "smithy.api#box": {}, + "smithy.api#documentation": "The maximum number of requests to select.
" + } + }, + "EdgeDeploymentPlanName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the edge deployment plan.
", + "smithy.api#required": {} + } + }, + "ExcludeDevicesDeployedInOtherStage": { + "target": "com.amazonaws.sagemaker#Boolean", + "traits": { + "smithy.api#documentation": "Toggle for excluding devices deployed in other stages.
" + } + }, + "StageName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the stage in the deployment.
", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.sagemaker#ListStageDevicesResponse": { + "type": "structure", + "members": { + "DeviceDeploymentSummaries": { + "target": "com.amazonaws.sagemaker#DeviceDeploymentSummaries", + "traits": { + "smithy.api#documentation": "List of summaries of devices allocated to the stage.
", + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "com.amazonaws.sagemaker#NextToken", + "traits": { + "smithy.api#documentation": "The token to use when calling the next page of results.
" + } + } + } + }, "com.amazonaws.sagemaker#ListStudioLifecycleConfigs": { "type": "operation", "input": { @@ -31395,6 +32315,14 @@ } } }, + "com.amazonaws.sagemaker#Percentage": { + "type": "integer", + "traits": { + "smithy.api#range": { + "max": 100 + } + } + }, "com.amazonaws.sagemaker#Phase": { "type": "structure", "members": { @@ -34326,8 +35254,7 @@ "StartArns": { "target": "com.amazonaws.sagemaker#QueryLineageStartArns", "traits": { - "smithy.api#documentation": "A list of resource Amazon Resource Name (ARN) that represent the starting point for your lineage query.
", - "smithy.api#required": {} + "smithy.api#documentation": "A list of resource Amazon Resource Name (ARN) that represent the starting point for your lineage query.
" } }, "Direction": { @@ -34398,7 +35325,7 @@ }, "traits": { "smithy.api#length": { - "min": 1, + "min": 0, "max": 1 } } @@ -35788,6 +36715,12 @@ { "target": "com.amazonaws.sagemaker#CreateDomain" }, + { + "target": "com.amazonaws.sagemaker#CreateEdgeDeploymentPlan" + }, + { + "target": "com.amazonaws.sagemaker#CreateEdgeDeploymentStage" + }, { "target": "com.amazonaws.sagemaker#CreateEdgePackagingJob" }, @@ -35923,6 +36856,12 @@ { "target": "com.amazonaws.sagemaker#DeleteDomain" }, + { + "target": "com.amazonaws.sagemaker#DeleteEdgeDeploymentPlan" + }, + { + "target": "com.amazonaws.sagemaker#DeleteEdgeDeploymentStage" + }, { "target": "com.amazonaws.sagemaker#DeleteEndpoint" }, @@ -36046,6 +36985,9 @@ { "target": "com.amazonaws.sagemaker#DescribeDomain" }, + { + "target": "com.amazonaws.sagemaker#DescribeEdgeDeploymentPlan" + }, { "target": "com.amazonaws.sagemaker#DescribeEdgePackagingJob" }, @@ -36226,6 +37168,9 @@ { "target": "com.amazonaws.sagemaker#ListDomains" }, + { + "target": "com.amazonaws.sagemaker#ListEdgeDeploymentPlans" + }, { "target": "com.amazonaws.sagemaker#ListEdgePackagingJobs" }, @@ -36319,6 +37264,9 @@ { "target": "com.amazonaws.sagemaker#ListProjects" }, + { + "target": "com.amazonaws.sagemaker#ListStageDevices" + }, { "target": "com.amazonaws.sagemaker#ListStudioLifecycleConfigs" }, @@ -36376,6 +37324,9 @@ { "target": "com.amazonaws.sagemaker#SendPipelineExecutionStepSuccess" }, + { + "target": "com.amazonaws.sagemaker#StartEdgeDeploymentStage" + }, { "target": "com.amazonaws.sagemaker#StartMonitoringSchedule" }, @@ -36391,6 +37342,9 @@ { "target": "com.amazonaws.sagemaker#StopCompilationJob" }, + { + "target": "com.amazonaws.sagemaker#StopEdgeDeploymentStage" + }, { "target": "com.amazonaws.sagemaker#StopEdgePackagingJob" }, @@ -37515,6 +38469,76 @@ ] } }, + "com.amazonaws.sagemaker#StageStatus": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "CREATING", + "name": "Creating" + }, + { + "value": "READYTODEPLOY", + "name": "ReadyToDeploy" + }, + { + "value": "STARTING", + "name": "Starting" + }, + { + "value": "INPROGRESS", + "name": "InProgress" + }, + { + "value": "DEPLOYED", + "name": "Deployed" + }, + { + "value": "FAILED", + "name": "Failed" + }, + { + "value": "STOPPING", + "name": "Stopping" + }, + { + "value": "STOPPED", + "name": "Stopped" + } + ] + } + }, + "com.amazonaws.sagemaker#StartEdgeDeploymentStage": { + "type": "operation", + "input": { + "target": "com.amazonaws.sagemaker#StartEdgeDeploymentStageRequest" + }, + "output": { + "target": "smithy.api#Unit" + }, + "traits": { + "smithy.api#documentation": "Starts a stage in an edge deployment plan.
" + } + }, + "com.amazonaws.sagemaker#StartEdgeDeploymentStageRequest": { + "type": "structure", + "members": { + "EdgeDeploymentPlanName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the edge deployment plan to start.
", + "smithy.api#required": {} + } + }, + "StageName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the stage to start.
", + "smithy.api#required": {} + } + } + } + }, "com.amazonaws.sagemaker#StartMonitoringSchedule": { "type": "operation", "input": { @@ -37780,6 +38804,37 @@ } } }, + "com.amazonaws.sagemaker#StopEdgeDeploymentStage": { + "type": "operation", + "input": { + "target": "com.amazonaws.sagemaker#StopEdgeDeploymentStageRequest" + }, + "output": { + "target": "smithy.api#Unit" + }, + "traits": { + "smithy.api#documentation": "Stops a stage in an edge deployment plan.
" + } + }, + "com.amazonaws.sagemaker#StopEdgeDeploymentStageRequest": { + "type": "structure", + "members": { + "EdgeDeploymentPlanName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the edge deployment plan to stop.
", + "smithy.api#required": {} + } + }, + "StageName": { + "target": "com.amazonaws.sagemaker#EntityName", + "traits": { + "smithy.api#documentation": "The name of the stage to stop.
", + "smithy.api#required": {} + } + } + } + }, "com.amazonaws.sagemaker#StopEdgePackagingJob": { "type": "operation", "input": { diff --git a/codegen/sdk/aws-models/sso-admin.json b/codegen/sdk/aws-models/sso-admin.json index 01cd4f3158a..46f653e96fe 100644 --- a/codegen/sdk/aws-models/sso-admin.json +++ b/codegen/sdk/aws-models/sso-admin.json @@ -85,7 +85,7 @@ } }, "traits": { - "smithy.api#documentation": "The value used for mapping a specified attribute to an identity source.
" + "smithy.api#documentation": "The value used for mapping a specified attribute to an identity source. For more information, see Attribute mappings in the Amazon Web Services Single Sign-On User Guide.
" } }, "com.amazonaws.ssoadmin#AccessControlAttributeValueSource": { @@ -261,6 +261,10 @@ "com.amazonaws.ssoadmin#AccountId": { "type": "string", "traits": { + "smithy.api#length": { + "min": 12, + "max": 12 + }, "smithy.api#pattern": "^\\d{12}$" } }, @@ -270,6 +274,71 @@ "target": "com.amazonaws.ssoadmin#AccountId" } }, + "com.amazonaws.ssoadmin#AttachCustomerManagedPolicyReferenceToPermissionSet": { + "type": "operation", + "input": { + "target": "com.amazonaws.ssoadmin#AttachCustomerManagedPolicyReferenceToPermissionSetRequest" + }, + "output": { + "target": "com.amazonaws.ssoadmin#AttachCustomerManagedPolicyReferenceToPermissionSetResponse" + }, + "errors": [ + { + "target": "com.amazonaws.ssoadmin#AccessDeniedException" + }, + { + "target": "com.amazonaws.ssoadmin#ConflictException" + }, + { + "target": "com.amazonaws.ssoadmin#InternalServerException" + }, + { + "target": "com.amazonaws.ssoadmin#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.ssoadmin#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.ssoadmin#ThrottlingException" + }, + { + "target": "com.amazonaws.ssoadmin#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Attaches the specified IAM customer managed policy to the specified PermissionSet.
" + } + }, + "com.amazonaws.ssoadmin#AttachCustomerManagedPolicyReferenceToPermissionSetRequest": { + "type": "structure", + "members": { + "InstanceArn": { + "target": "com.amazonaws.ssoadmin#InstanceArn", + "traits": { + "smithy.api#documentation": "The ARN of the SSO instance under which the operation will be executed.
", + "smithy.api#required": {} + } + }, + "PermissionSetArn": { + "target": "com.amazonaws.ssoadmin#PermissionSetArn", + "traits": { + "smithy.api#documentation": "The ARN of the PermissionSet.
Specifies the name and path of the IAM customer managed policy. You must have an IAM policy that matches the name and path in each Amazon Web Services account where you want to deploy your permission set.
", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.ssoadmin#AttachCustomerManagedPolicyReferenceToPermissionSetResponse": { + "type": "structure", + "members": {} + }, "com.amazonaws.ssoadmin#AttachManagedPolicyToPermissionSet": { "type": "operation", "input": { @@ -302,7 +371,7 @@ } ], "traits": { - "smithy.api#documentation": "Attaches an IAM managed policy ARN to a permission set.
\nIf the permission set is already referenced by one or more account assignments, you will\n need to call \n ProvisionPermissionSet\n after this operation.\n Calling ProvisionPermissionSet applies the corresponding IAM policy updates to\n all assigned accounts.
Attaches an Amazon Web Services managed IAM policy ARN to a permission set.
\nIf the permission set is already referenced by one or more account assignments, you will\n need to call \n ProvisionPermissionSet\n after this operation.\n Calling ProvisionPermissionSet applies the corresponding IAM policy updates to\n all assigned accounts.
The IAM managed policy ARN to be attached to a permission set.
", + "smithy.api#documentation": "The Amazon Web Services managed policy ARN to be attached to a permission set.
", "smithy.api#required": {} } } @@ -341,18 +410,18 @@ "Name": { "target": "com.amazonaws.ssoadmin#Name", "traits": { - "smithy.api#documentation": "The name of the IAM managed policy.
" + "smithy.api#documentation": "The name of the Amazon Web Services managed IAM policy.
" } }, "Arn": { "target": "com.amazonaws.ssoadmin#ManagedPolicyArn", "traits": { - "smithy.api#documentation": "The ARN of the IAM managed policy. For more information about ARNs, see Amazon Resource\nNames (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
" + "smithy.api#documentation": "The ARN of the Amazon Web Services managed IAM policy. For more information about ARNs, see Amazon Resource\nNames (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
" } } }, "traits": { - "smithy.api#documentation": "A structure that stores the details of the IAM managed policy.
" + "smithy.api#documentation": "A structure that stores the details of the Amazon Web Services managed IAM policy.
" } }, "com.amazonaws.ssoadmin#AttachedManagedPolicyList": { @@ -614,6 +683,33 @@ } } }, + "com.amazonaws.ssoadmin#CustomerManagedPolicyReference": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.ssoadmin#ManagedPolicyName", + "traits": { + "smithy.api#documentation": "The name of the policy document.
", + "smithy.api#required": {} + } + }, + "Path": { + "target": "com.amazonaws.ssoadmin#ManagedPolicyPath", + "traits": { + "smithy.api#documentation": "The path for the policy. The default is /. For more information, see Friendly names and paths in the Identity and Access Management user guide.
Specifies the name and path of the IAM customer managed policy. You must have an IAM policy that matches the name and path in each Amazon Web Services account where you want to deploy your permission set.
" + } + }, + "com.amazonaws.ssoadmin#CustomerManagedPolicyReferenceList": { + "type": "list", + "member": { + "target": "com.amazonaws.ssoadmin#CustomerManagedPolicyReference" + } + }, "com.amazonaws.ssoadmin#Date": { "type": "timestamp" }, @@ -865,6 +961,58 @@ "type": "structure", "members": {} }, + "com.amazonaws.ssoadmin#DeletePermissionsBoundaryFromPermissionSet": { + "type": "operation", + "input": { + "target": "com.amazonaws.ssoadmin#DeletePermissionsBoundaryFromPermissionSetRequest" + }, + "output": { + "target": "com.amazonaws.ssoadmin#DeletePermissionsBoundaryFromPermissionSetResponse" + }, + "errors": [ + { + "target": "com.amazonaws.ssoadmin#AccessDeniedException" + }, + { + "target": "com.amazonaws.ssoadmin#InternalServerException" + }, + { + "target": "com.amazonaws.ssoadmin#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.ssoadmin#ThrottlingException" + }, + { + "target": "com.amazonaws.ssoadmin#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Deletes the permissions boundary from a specified PermissionSet.
" + } + }, + "com.amazonaws.ssoadmin#DeletePermissionsBoundaryFromPermissionSetRequest": { + "type": "structure", + "members": { + "InstanceArn": { + "target": "com.amazonaws.ssoadmin#InstanceArn", + "traits": { + "smithy.api#documentation": "The ARN of the SSO instance under which the operation will be executed.
", + "smithy.api#required": {} + } + }, + "PermissionSetArn": { + "target": "com.amazonaws.ssoadmin#PermissionSetArn", + "traits": { + "smithy.api#documentation": "The ARN of the PermissionSet.
Detaches the specified IAM customer managed policy from the specified PermissionSet.
" + } + }, + "com.amazonaws.ssoadmin#DetachCustomerManagedPolicyReferenceFromPermissionSetRequest": { + "type": "structure", + "members": { + "InstanceArn": { + "target": "com.amazonaws.ssoadmin#InstanceArn", + "traits": { + "smithy.api#documentation": "The ARN of the SSO instance under which the operation will be executed.
", + "smithy.api#required": {} + } + }, + "PermissionSetArn": { + "target": "com.amazonaws.ssoadmin#PermissionSetArn", + "traits": { + "smithy.api#documentation": "The ARN of the PermissionSet.
Specifies the name and path of the IAM customer managed policy. You must have an IAM policy that matches the name and path in each Amazon Web Services account where you want to deploy your permission set.
", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.ssoadmin#DetachCustomerManagedPolicyReferenceFromPermissionSetResponse": { + "type": "structure", + "members": {} + }, "com.amazonaws.ssoadmin#DetachManagedPolicyFromPermissionSet": { "type": "operation", "input": { @@ -1194,7 +1404,7 @@ } ], "traits": { - "smithy.api#documentation": "Detaches the attached IAM managed policy ARN from the specified permission set.
" + "smithy.api#documentation": "Detaches the attached Amazon Web Services managed IAM policy ARN from the specified permission set.
" } }, "com.amazonaws.ssoadmin#DetachManagedPolicyFromPermissionSetRequest": { @@ -1217,7 +1427,7 @@ "ManagedPolicyArn": { "target": "com.amazonaws.ssoadmin#ManagedPolicyArn", "traits": { - "smithy.api#documentation": "The IAM managed policy ARN to be attached to a permission set.
", + "smithy.api#documentation": "The Amazon Web Services managed policy ARN to be detached from a permission set.
", "smithy.api#required": {} } } @@ -1237,16 +1447,6 @@ "smithy.api#pattern": "^(-?)P(?=\\d|T\\d)(?:(\\d+)Y)?(?:(\\d+)M)?(?:(\\d+)([DW]))?(?:T(?:(\\d+)H)?(?:(\\d+)M)?(?:(\\d+(?:\\.\\d+)?)S)?)?$" } }, - "com.amazonaws.ssoadmin#GeneralArn": { - "type": "string", - "traits": { - "smithy.api#length": { - "min": 10, - "max": 2048 - }, - "smithy.api#pattern": "^arn:aws:sso:([a-zA-Z0-9-]+)?:(\\d{12})?:[a-zA-Z0-9-]+/[a-zA-Z0-9-/.]+$" - } - }, "com.amazonaws.ssoadmin#GetInlinePolicyForPermissionSet": { "type": "operation", "input": { @@ -1306,6 +1506,65 @@ } } }, + "com.amazonaws.ssoadmin#GetPermissionsBoundaryForPermissionSet": { + "type": "operation", + "input": { + "target": "com.amazonaws.ssoadmin#GetPermissionsBoundaryForPermissionSetRequest" + }, + "output": { + "target": "com.amazonaws.ssoadmin#GetPermissionsBoundaryForPermissionSetResponse" + }, + "errors": [ + { + "target": "com.amazonaws.ssoadmin#AccessDeniedException" + }, + { + "target": "com.amazonaws.ssoadmin#InternalServerException" + }, + { + "target": "com.amazonaws.ssoadmin#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.ssoadmin#ThrottlingException" + }, + { + "target": "com.amazonaws.ssoadmin#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Obtains the permissions boundary for a specified PermissionSet.
" + } + }, + "com.amazonaws.ssoadmin#GetPermissionsBoundaryForPermissionSetRequest": { + "type": "structure", + "members": { + "InstanceArn": { + "target": "com.amazonaws.ssoadmin#InstanceArn", + "traits": { + "smithy.api#documentation": "The ARN of the SSO instance under which the operation will be executed.
", + "smithy.api#required": {} + } + }, + "PermissionSetArn": { + "target": "com.amazonaws.ssoadmin#PermissionSetArn", + "traits": { + "smithy.api#documentation": "The ARN of the PermissionSet.
The permissions boundary attached to the specified permission set.
" + } + } + } + }, "com.amazonaws.ssoadmin#Id": { "type": "string", "traits": { @@ -1360,7 +1619,7 @@ "min": 10, "max": 1224 }, - "smithy.api#pattern": "^arn:aws:sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16}$" + "smithy.api#pattern": "^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16}$" } }, "com.amazonaws.ssoadmin#InstanceList": { @@ -1748,6 +2007,89 @@ } } }, + "com.amazonaws.ssoadmin#ListCustomerManagedPolicyReferencesInPermissionSet": { + "type": "operation", + "input": { + "target": "com.amazonaws.ssoadmin#ListCustomerManagedPolicyReferencesInPermissionSetRequest" + }, + "output": { + "target": "com.amazonaws.ssoadmin#ListCustomerManagedPolicyReferencesInPermissionSetResponse" + }, + "errors": [ + { + "target": "com.amazonaws.ssoadmin#AccessDeniedException" + }, + { + "target": "com.amazonaws.ssoadmin#InternalServerException" + }, + { + "target": "com.amazonaws.ssoadmin#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.ssoadmin#ThrottlingException" + }, + { + "target": "com.amazonaws.ssoadmin#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Lists all IAM customer managed policies attached to a specified PermissionSet.
", + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "items": "CustomerManagedPolicyReferences", + "pageSize": "MaxResults" + } + } + }, + "com.amazonaws.ssoadmin#ListCustomerManagedPolicyReferencesInPermissionSetRequest": { + "type": "structure", + "members": { + "InstanceArn": { + "target": "com.amazonaws.ssoadmin#InstanceArn", + "traits": { + "smithy.api#documentation": "The ARN of the SSO instance under which the operation will be executed.
", + "smithy.api#required": {} + } + }, + "PermissionSetArn": { + "target": "com.amazonaws.ssoadmin#PermissionSetArn", + "traits": { + "smithy.api#documentation": "The ARN of the PermissionSet.
The maximum number of results to display for the list call.
" + } + }, + "NextToken": { + "target": "com.amazonaws.ssoadmin#Token", + "traits": { + "smithy.api#documentation": "The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.
" + } + } + } + }, + "com.amazonaws.ssoadmin#ListCustomerManagedPolicyReferencesInPermissionSetResponse": { + "type": "structure", + "members": { + "CustomerManagedPolicyReferences": { + "target": "com.amazonaws.ssoadmin#CustomerManagedPolicyReferenceList", + "traits": { + "smithy.api#documentation": "Specifies the names and paths of the IAM customer managed policies that you have attached to your permission set.
" + } + }, + "NextToken": { + "target": "com.amazonaws.ssoadmin#Token", + "traits": { + "smithy.api#documentation": "The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.
" + } + } + } + }, "com.amazonaws.ssoadmin#ListInstances": { "type": "operation", "input": { @@ -1840,7 +2182,7 @@ } ], "traits": { - "smithy.api#documentation": "Lists the IAM managed policy that is attached to a specified permission set.
", + "smithy.api#documentation": "Lists the Amazon Web Services managed IAM policy that is attached to a specified permission set.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -2189,7 +2531,7 @@ } }, "ResourceArn": { - "target": "com.amazonaws.ssoadmin#GeneralArn", + "target": "com.amazonaws.ssoadmin#TaggableResourceArn", "traits": { "smithy.api#documentation": "The ARN of the resource with the tags to be listed.
", "smithy.api#required": {} @@ -2226,7 +2568,28 @@ "smithy.api#length": { "min": 20, "max": 2048 - } + }, + "smithy.api#pattern": "^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):iam::aws:policy/[\\p{L}\\p{M}\\p{Z}\\p{S}\\p{N}\\p{P}]+$" + } + }, + "com.amazonaws.ssoadmin#ManagedPolicyName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 128 + }, + "smithy.api#pattern": "^[\\w+=,.@-]+$" + } + }, + "com.amazonaws.ssoadmin#ManagedPolicyPath": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 512 + }, + "smithy.api#pattern": "^((/[A-Za-z0-9\\.,\\+@=_-]+)*)/$" } }, "com.amazonaws.ssoadmin#MaxResults": { @@ -2313,7 +2676,7 @@ "min": 10, "max": 1224 }, - "smithy.api#pattern": "^arn:aws:sso:::permissionSet/(sso)?ins-[a-zA-Z0-9-.]{16}/ps-[a-zA-Z0-9-./]{16}$" + "smithy.api#pattern": "^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso:::permissionSet/(sso)?ins-[a-zA-Z0-9-.]{16}/ps-[a-zA-Z0-9-./]{16}$" } }, "com.amazonaws.ssoadmin#PermissionSetDescription": { @@ -2323,7 +2686,7 @@ "min": 1, "max": 700 }, - "smithy.api#pattern": "^[\\p{L}\\p{M}\\p{Z}\\p{S}\\p{N}\\p{P}]*$" + "smithy.api#pattern": "^[\\u0009\\u000A\\u000D\\u0020-\\u007E\\u00A0-\\u00FF]*$" } }, "com.amazonaws.ssoadmin#PermissionSetList": { @@ -2349,8 +2712,7 @@ "min": 1, "max": 10240 }, - "smithy.api#pattern": "^[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+$", - "smithy.api#sensitive": {} + "smithy.api#pattern": "^[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+$" } }, "com.amazonaws.ssoadmin#PermissionSetProvisioningStatus": { @@ -2429,6 +2791,26 @@ "smithy.api#documentation": "Provides information about the permission set provisioning status.
" } }, + "com.amazonaws.ssoadmin#PermissionsBoundary": { + "type": "structure", + "members": { + "CustomerManagedPolicyReference": { + "target": "com.amazonaws.ssoadmin#CustomerManagedPolicyReference", + "traits": { + "smithy.api#documentation": "Specifies the name and path of the IAM customer managed policy. You must have an IAM policy that matches the name and path in each Amazon Web Services account where you want to deploy your permission set.
" + } + }, + "ManagedPolicyArn": { + "target": "com.amazonaws.ssoadmin#ManagedPolicyArn", + "traits": { + "smithy.api#documentation": "The Amazon Web Services managed policy ARN that you want to attach to a permission set as a permissions boundary.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Specifies the configuration of the Amazon Web Services managed or customer managed policy that you want to set as a permissions boundary. Specify either CustomerManagedPolicyReference \n to use the name and path of a customer managed policy, or ManagedPolicyArn to use the ARN of an Amazon Web Services managed IAM policy. A permissions boundary represents the maximum permissions that any policy\n can grant your role. For more information, see Permissions boundaries for IAM entities in the Identity and Access Management User Guide.
Policies used as permissions boundaries do not provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the Identity and Access Management User Guide.
\nAttaches an Amazon Web Services managed or customer managed IAM policy to the specified PermissionSet as a permissions boundary.
" + } + }, + "com.amazonaws.ssoadmin#PutPermissionsBoundaryToPermissionSetRequest": { + "type": "structure", + "members": { + "InstanceArn": { + "target": "com.amazonaws.ssoadmin#InstanceArn", + "traits": { + "smithy.api#documentation": "The ARN of the SSO instance under which the operation will be executed.
", + "smithy.api#required": {} + } + }, + "PermissionSetArn": { + "target": "com.amazonaws.ssoadmin#PermissionSetArn", + "traits": { + "smithy.api#documentation": "The ARN of the PermissionSet.
The permissions boundary that you want to attach to a PermissionSet.
Amazon Web Services Single Sign On (SSO) is a cloud SSO service that makes it easy to centrally manage SSO\n access to multiple Amazon Web Services accounts and business applications. This guide provides information on\n SSO operations which could be used for access management of Amazon Web Services accounts. For information about\n Amazon Web Services SSO features, see the Amazon Web Services Single Sign-On User Guide.
\nMany operations in the SSO APIs rely on identifiers for users and groups, known as\n principals. For more information about how to work with principals and principal IDs in Amazon Web Services SSO,\n see the Amazon Web Services SSO Identity Store API\n Reference.
", - "smithy.api#title": "AWS Single Sign-On Admin" - } + ] }, "com.amazonaws.ssoadmin#ServiceQuotaExceededException": { "type": "structure", @@ -2811,13 +3273,15 @@ "Key": { "target": "com.amazonaws.ssoadmin#TagKey", "traits": { - "smithy.api#documentation": "The key for the tag.
" + "smithy.api#documentation": "The key for the tag.
", + "smithy.api#required": {} } }, "Value": { "target": "com.amazonaws.ssoadmin#TagValue", "traits": { - "smithy.api#documentation": "The value of the tag.
" + "smithy.api#documentation": "The value of the tag.
", + "smithy.api#required": {} } } }, @@ -2905,7 +3369,7 @@ } }, "ResourceArn": { - "target": "com.amazonaws.ssoadmin#GeneralArn", + "target": "com.amazonaws.ssoadmin#TaggableResourceArn", "traits": { "smithy.api#documentation": "The ARN of the resource with the tags to be listed.
", "smithy.api#required": {} @@ -2934,9 +3398,23 @@ "smithy.api#pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$" } }, + "com.amazonaws.ssoadmin#TaggableResourceArn": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 10, + "max": 2048 + }, + "smithy.api#pattern": "^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso:::permissionSet/(sso)?ins-[a-zA-Z0-9-.]{16}/ps-[a-zA-Z0-9-./]{16}$" + } + }, "com.amazonaws.ssoadmin#TargetId": { "type": "string", "traits": { + "smithy.api#length": { + "min": 12, + "max": 12 + }, "smithy.api#pattern": "^\\d{12}$" } }, @@ -2980,6 +3458,10 @@ "com.amazonaws.ssoadmin#UUId": { "type": "string", "traits": { + "smithy.api#length": { + "min": 36, + "max": 36 + }, "smithy.api#pattern": "^\\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b$" } }, @@ -3026,7 +3508,7 @@ } }, "ResourceArn": { - "target": "com.amazonaws.ssoadmin#GeneralArn", + "target": "com.amazonaws.ssoadmin#TaggableResourceArn", "traits": { "smithy.api#documentation": "The ARN of the resource with the tags to be listed.
", "smithy.api#required": {} diff --git a/codegen/sdk/aws-models/wafv2.json b/codegen/sdk/aws-models/wafv2.json index dcfefb3f7de..714c7dc728c 100644 --- a/codegen/sdk/aws-models/wafv2.json +++ b/codegen/sdk/aws-models/wafv2.json @@ -43,7 +43,7 @@ "name": "wafv2" }, "aws.protocols#awsJson1_1": {}, - "smithy.api#documentation": "This is the latest version of the WAF API,\n released in November, 2019. The names of the entities that you use to access this API,\n like endpoints and namespaces, all have the versioning information added, like \"V2\" or\n \"v2\", to distinguish from the prior version. We recommend migrating your resources to\n this version, because it has a number of significant improvements.
\nIf you used WAF prior to this release, you can't use this WAFV2 API to access any\n WAF resources that you created before. You can access your old rules, web ACLs, and\n other WAF resources only through the WAF Classic APIs. The WAF Classic APIs\n have retained the prior names, endpoints, and namespaces.
\nFor information, including how to migrate your WAF resources to this version,\n see the WAF Developer Guide.
\nWAF is a web application firewall that lets you monitor the HTTP and HTTPS\n requests that are forwarded to Amazon CloudFront, an Amazon API Gateway REST API, an Application Load Balancer, or an AppSync\n GraphQL API. WAF also lets you control access to your content. Based on conditions that\n you specify, such as the IP addresses that requests originate from or the values of query\n strings, the Amazon API Gateway REST API, CloudFront distribution, the Application Load Balancer, or the AppSync GraphQL\n API responds to requests either with the requested content or with an HTTP 403 status code\n (Forbidden). You also can configure CloudFront to return a custom error page when a request is\n blocked.
\nThis API guide is for developers who need detailed information about WAF API actions,\n data types, and errors. For detailed information about WAF features and an overview of\n how to use WAF, see the WAF Developer\n Guide.
\nYou can make calls using the endpoints listed in WAF endpoints and quotas.
\nFor regional applications, you can use any of the endpoints in the list.\n A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.
\nFor Amazon CloudFront applications, you must use the API endpoint listed for\n US East (N. Virginia): us-east-1.
\nAlternatively, you can use one of the Amazon Web Services SDKs to access an API that's tailored to the\n programming language or platform that you're using. For more information, see Amazon Web Services SDKs.
\nWe currently provide two versions of the WAF API: this API and the prior versions,\n the classic WAF APIs. This new API provides the same functionality as the older versions,\n with the following major improvements:
\nYou use one API for both global and regional applications. Where you need to\n distinguish the scope, you specify a Scope parameter and set it to\n CLOUDFRONT or REGIONAL.
You can define a web ACL or rule group with a single call, and update it with a\n single call. You define all rule specifications in JSON format, and pass them to your\n rule group or web ACL calls.
\nThe limits WAF places on the use of rules more closely reflects the cost of\n running each type of rule. Rule groups include capacity settings, so you know the\n maximum cost of a rule group when you use it.
\nThis is the latest version of the WAF API,\n released in November, 2019. The names of the entities that you use to access this API,\n like endpoints and namespaces, all have the versioning information added, like \"V2\" or\n \"v2\", to distinguish from the prior version. We recommend migrating your resources to\n this version, because it has a number of significant improvements.
\nIf you used WAF prior to this release, you can't use this WAFV2 API to access any\n WAF resources that you created before. You can access your old rules, web ACLs, and\n other WAF resources only through the WAF Classic APIs. The WAF Classic APIs\n have retained the prior names, endpoints, and namespaces.
\nFor information, including how to migrate your WAF resources to this version,\n see the WAF Developer Guide.
\nWAF is a web application firewall that lets you monitor the HTTP and HTTPS\n requests that are forwarded to Amazon CloudFront, an Amazon API Gateway REST API, an Application Load Balancer, or an AppSync\n GraphQL API. WAF also lets you control access to your content. Based on criteria that\n you specify, such as the IP addresses that requests originate from or the values of query\n strings, the Amazon API Gateway REST API, CloudFront distribution, the Application Load Balancer, or the AppSync GraphQL\n API responds to requests either with the requested content or with an HTTP 403 status code\n (Forbidden). You also can configure CloudFront to return a custom error page when a request is\n blocked.
\nThis API guide is for developers who need detailed information about WAF API actions,\n data types, and errors. For detailed information about WAF features and an overview of\n how to use WAF, see the WAF Developer\n Guide.
\nYou can make calls using the endpoints listed in WAF endpoints and quotas.
\nFor regional applications, you can use any of the endpoints in the list.\n A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.
\nFor Amazon CloudFront applications, you must use the API endpoint listed for\n US East (N. Virginia): us-east-1.
\nAlternatively, you can use one of the Amazon Web Services SDKs to access an API that's tailored to the\n programming language or platform that you're using. For more information, see Amazon Web Services SDKs.
\nWe currently provide two versions of the WAF API: this API and the prior versions,\n the classic WAF APIs. This new API provides the same functionality as the older versions,\n with the following major improvements:
\nYou use one API for both global and regional applications. Where you need to\n distinguish the scope, you specify a Scope parameter and set it to\n CLOUDFRONT or REGIONAL.
You can define a web ACL or rule group with a single call, and update it with a\n single call. You define all rule specifications in JSON format, and pass them to your\n rule group or web ACL calls.
\nThe limits WAF places on the use of rules more closely reflects the cost of\n running each type of rule. Rule groups include capacity settings, so you know the\n maximum cost of a rule group when you use it.
\nInspect all of the elements that WAF has parsed and extracted from the web request\n component that you've identified in your FieldToMatch specifications. \n
\nThis is used only in the FieldToMatch specification for some web request component types.
\nJSON specification: \"All\": {}\n
Inspect all of the elements that WAF has parsed and extracted from the web request\n component that you've identified in your FieldToMatch specifications.
\nThis is used only in the FieldToMatch specification for some web request component types.
\nJSON specification: \"All\": {}\n
Inspect all query arguments of the web request.
\nThis is used only in the FieldToMatch specification for some web request component types.
\nJSON specification: \"AllQueryArguments\": {}\n
Inspect all query arguments of the web request.
\nThis is used only in the FieldToMatch specification for some web request component types.
\nJSON specification: \"AllQueryArguments\": {}\n
Associates a web ACL with a regional application resource, to protect the resource.\n A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.
\nFor Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To\n associate a web ACL, in the CloudFront call UpdateDistribution, set the web ACL ID\n to the Amazon Resource Name (ARN) of the web ACL. For information, see UpdateDistribution.
When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
" + "smithy.api#documentation": "Associates a web ACL with a regional application resource, to protect the resource.\n A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.
\nFor Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To\n associate a web ACL, in the CloudFront call UpdateDistribution, set the web ACL ID\n to the Amazon Resource Name (ARN) of the web ACL. For information, see UpdateDistribution.
When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
" } }, "com.amazonaws.wafv2#AssociateWebACLRequest": { @@ -362,7 +362,7 @@ } }, "traits": { - "smithy.api#documentation": "Inspect the body of the web request. The body immediately follows the request headers.
\nThis is used to indicate the web request component for WAF to inspect, in the FieldToMatch specification.
" + "smithy.api#documentation": "Inspect the body of the web request. The body immediately follows the request\n headers.
\nThis is used to indicate the web request component to inspect, in the FieldToMatch specification.
" } }, "com.amazonaws.wafv2#BodyParsingFallbackBehavior": { @@ -400,7 +400,7 @@ "FieldToMatch": { "target": "com.amazonaws.wafv2#FieldToMatch", "traits": { - "smithy.api#documentation": "The part of the web request that you want WAF to inspect. For more information, see FieldToMatch.
", + "smithy.api#documentation": "The part of the web request that you want WAF to inspect.
", "smithy.api#required": {} } }, @@ -420,7 +420,7 @@ } }, "traits": { - "smithy.api#documentation": "A rule statement that defines a string match search for WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the WAF console and the developer guide, this is refered to as a string match statement.
" + "smithy.api#documentation": "A rule statement that defines a string match search for WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the WAF console and the developer guide, this is called a string match statement.
" } }, "com.amazonaws.wafv2#CapacityUnit": { @@ -442,7 +442,7 @@ } }, "traits": { - "smithy.api#documentation": "Specifies that WAF should run a CAPTCHA check against the request:
If the request includes a valid, unexpired CAPTCHA token,\n WAF allows the web request inspection to \n proceed to the next rule, similar to a CountAction.
If the request doesn't include a valid, unexpired CAPTCHA token, WAF \n discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.
WAF generates a response that it sends back to the client, which includes the following:
\nThe header x-amzn-waf-action with a value of captcha.
The HTTP status code 405 Method Not Allowed.
If the request contains an Accept header with a value of text/html, the response includes a CAPTCHA challenge.
You can configure the expiration time \n in the CaptchaConfig \n ImmunityTimeProperty setting at the rule and web ACL level. The rule setting overrides the web ACL setting.
This action option is available for rules. It isn't available for web ACL default actions.
\nThis is used in the context of other settings, for example to specify values for RuleAction and web ACL DefaultAction.
" + "smithy.api#documentation": "Specifies that WAF should run a CAPTCHA check against the request:
If the request includes a valid, unexpired CAPTCHA token,\n WAF allows the web request inspection to \n proceed to the next rule, similar to a CountAction.
If the request doesn't include a valid, unexpired CAPTCHA token, WAF \n discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.
WAF generates a response that it sends back to the client, which includes the following:
\nThe header x-amzn-waf-action with a value of captcha.
The HTTP status code 405 Method Not Allowed.
If the request contains an Accept header with a value of text/html, the response includes a CAPTCHA challenge.
You can configure the expiration time \n in the CaptchaConfig \n ImmunityTimeProperty setting at the rule and web ACL level. The rule setting overrides the web ACL setting.
This action option is available for rules. It isn't available for web ACL default actions.
" } }, "com.amazonaws.wafv2#CaptchaConfig": { @@ -451,12 +451,12 @@ "ImmunityTimeProperty": { "target": "com.amazonaws.wafv2#ImmunityTimeProperty", "traits": { - "smithy.api#documentation": "Determines how long a CAPTCHA token remains valid after the client successfully solves a CAPTCHA puzzle.
Determines how long a CAPTCHA token remains valid after the client\n successfully solves a CAPTCHA puzzle.
Specifies how WAF should handle CAPTCHA evaluations. This is available at the web ACL level and in each rule.
Specifies how WAF should handle CAPTCHA evaluations. This is\n available at the web ACL level and in each rule.
The HTTP response code indicating the status of the CAPTCHA token in the web request. If the token is missing, invalid, or expired, this code is 405 Method Not Allowed.
The HTTP response code indicating the status of the CAPTCHA token in the\n web request. If the token is missing, invalid, or expired, this code is 405 Method\n Not Allowed.
The result from the inspection of the web request for a valid CAPTCHA token.
The result from the inspection of the web request for a valid CAPTCHA\n token.
A single action condition.
" + "smithy.api#documentation": "A single action condition. This is the action setting that a log record must contain in order to meet the condition.
" } }, "LabelNameCondition": { "target": "com.amazonaws.wafv2#LabelNameCondition", "traits": { - "smithy.api#documentation": "A single label name condition.
" + "smithy.api#documentation": "A single label name condition. This is the fully qualified label name that a log record must contain in order to meet the condition. \n Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.
" } } }, @@ -635,18 +635,18 @@ "IncludedCookies": { "target": "com.amazonaws.wafv2#CookieNames", "traits": { - "smithy.api#documentation": "Inspect only the cookies that have a key that matches one of the strings specified here.
" + "smithy.api#documentation": "Inspect only the cookies that have a key that matches one of the strings specified here.\n
" } }, "ExcludedCookies": { "target": "com.amazonaws.wafv2#CookieNames", "traits": { - "smithy.api#documentation": "Inspect only the cookies whose keys don't match any of the strings specified here.
" + "smithy.api#documentation": "Inspect only the cookies whose keys don't match any of the strings specified here.\n
" } } }, "traits": { - "smithy.api#documentation": "The filter to use to identify the subset of cookies to inspect in a web request.
\nYou must specify exactly one setting: either All, IncludedCookies, or ExcludedCookies.
Example JSON: \"CookieMatchPattern\": { \"IncludedCookies\": {\"KeyToInclude1\", \"KeyToInclude2\", \"KeyToInclude3\"} }\n
The filter to use to identify the subset of cookies to inspect in a web request.
\nYou must specify exactly one setting: either All, IncludedCookies, or ExcludedCookies.
Example JSON: \"MatchPattern\": { \"IncludedCookies\": {\"KeyToInclude1\", \"KeyToInclude2\", \"KeyToInclude3\"} }\n
The filter to use to identify the subset of cookies to inspect in a web request.
\nYou must specify exactly one setting: either All, IncludedCookies, or ExcludedCookies.
Example JSON: \"CookieMatchPattern\": { \"IncludedCookies\": {\"KeyToInclude1\", \"KeyToInclude2\", \"KeyToInclude3\"} }\n
The filter to use to identify the subset of cookies to inspect in a web request.
\nYou must specify exactly one setting: either All, IncludedCookies, or ExcludedCookies.
Example JSON: \"MatchPattern\": { \"IncludedCookies\": {\"KeyToInclude1\", \"KeyToInclude2\", \"KeyToInclude3\"} }\n
The parts of the cookies to inspect with the rule inspection criteria. If you\n specify All, WAF inspects both keys and values.
The parts of the cookies to inspect with the rule inspection criteria. If you specify\n All, WAF inspects both keys and values.
Inspect the cookies in the web request. You can specify the parts of the cookies to inspect and you can narrow \n the set of cookies to inspect by including or excluding specific keys.
\nThis is used to indicate the web request component for WAF to inspect, in the FieldToMatch specification.
\nExample JSON: \"Cookies\": { \"MatchPattern\": { \"All\": {} }, \"MatchScope\": \"KEY\", \"OversizeHandling\": \"MATCH\" }\n
Inspect the cookies in the web request. You can specify the parts of the cookies to\n inspect and you can narrow the set of cookies to inspect by including or excluding specific\n keys.
\nThis is used to indicate the web request component to inspect, in the FieldToMatch specification.
\nExample JSON: \"Cookies\": { \"MatchPattern\": { \"All\": {} }, \"MatchScope\": \"KEY\",\n \"OversizeHandling\": \"MATCH\" }\n
The HTTP status code to return to the client.
\nFor a list of status codes that you can use in your custom reqponses, see Supported status codes for custom response in the \n WAF Developer Guide.
", + "smithy.api#documentation": "The HTTP status code to return to the client.
\nFor a list of status codes that you can use in your custom responses, see Supported status codes for custom response in the \n WAF Developer Guide.
", "smithy.api#required": {} } }, @@ -2468,7 +2468,7 @@ "ResourceArn": { "target": "com.amazonaws.wafv2#ResourceArn", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN) of the web ACL from which you want to delete the \n LoggingConfiguration.
", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the web ACL from which you want to delete the LoggingConfiguration.
", "smithy.api#required": {} } } @@ -2702,7 +2702,7 @@ } ], "traits": { - "smithy.api#documentation": "Deletes the specified WebACL.
\nYou can only use this if ManagedByFirewallManager is false in the specified\n WebACL.
Before deleting any web ACL, first disassociate it from all resources.
\nTo retrieve a list of the resources that are associated with a web ACL, use the following calls:
\nFor regional resources, call ListResourcesForWebACL.
\nFor Amazon CloudFront distributions, use the CloudFront call ListDistributionsByWebACLId. \n For information, see ListDistributionsByWebACLId.
To disassociate a resource from a web ACL, use the following calls:
\nFor regional resources, call DisassociateWebACL.
\nFor Amazon CloudFront distributions, provide an empty web ACL ID in the CloudFront call\n UpdateDistribution. For information, see UpdateDistribution.
Deletes the specified WebACL.
\nYou can only use this if ManagedByFirewallManager is false in the specified\n WebACL.
Before deleting any web ACL, first disassociate it from all resources.
\nTo retrieve a list of the resources that are associated with a web ACL, use the\n following calls:
\nFor regional resources, call ListResourcesForWebACL.
\nFor Amazon CloudFront distributions, use the CloudFront call\n ListDistributionsByWebACLId. For information, see ListDistributionsByWebACLId.
To disassociate a resource from a web ACL, use the following calls:
\nFor regional resources, call DisassociateWebACL.
\nFor Amazon CloudFront distributions, provide an empty web ACL ID in the CloudFront call\n UpdateDistribution. For information, see UpdateDistribution.
The version of the rule group. You can only use a version that is not \n scheduled for expiration. If you don't provide this, WAF uses the vendor's default version.\n
" + "smithy.api#documentation": "The version of the rule group. You can only use a version that is not scheduled for\n expiration. If you don't provide this, WAF uses the vendor's default version.
" } } } @@ -2876,7 +2876,7 @@ } ], "traits": { - "smithy.api#documentation": "Disassociates the specified regional application resource from any existing web ACL association. A resource can have at most one\n web ACL association. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.
\nFor Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To\n disassociate a web ACL, provide an empty web ACL ID in the CloudFront call\n UpdateDistribution. For information, see UpdateDistribution.
Disassociates the specified regional application resource from any existing web ACL\n association. A resource can have at most one web ACL association. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.
\nFor Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To\n disassociate a web ACL, provide an empty web ACL ID in the CloudFront call\n UpdateDistribution. For information, see UpdateDistribution.
Specifies a single rule in a rule group whose action you want to override to Count. When you exclude a rule, \n WAF evaluates it exactly as it would if the rule action setting were Count. This is a useful option for \n testing the rules in a rule group without modifying how they handle your web traffic.
Specifies a single rule in a rule group whose action you want to override to\n Count. When you exclude a rule, WAF evaluates it exactly as it would if\n the rule action setting were Count. This is a useful option for testing the\n rules in a rule group without modifying how they handle your web traffic.
Inspect a single header. Provide the name of the header to inspect, for example,\n User-Agent or Referer. This setting isn't case\n sensitive.
Example JSON: \"SingleHeader\": { \"Name\": \"haystack\" }\n
Alternately, you can filter and inspect all headers with the Headers \n FieldToMatch setting.
Inspect a single header. Provide the name of the header to inspect, for example,\n User-Agent or Referer. This setting isn't case\n sensitive.
Example JSON: \"SingleHeader\": { \"Name\": \"haystack\" }\n
Alternately, you can filter and inspect all headers with the Headers\n FieldToMatch setting.
Inspect the request body as plain text. The request body immediately follows the request\n headers. This is the part of a request that contains any additional data that you want to\n send to your web server as the HTTP request body, such as data from a form.
\nOnly the first 8 KB (8192 bytes) of the request body are forwarded to\n WAF for inspection by the underlying host service. For information about how to \n handle oversized request bodies, see the Body object configuration.
Inspect the request body as plain text. The request body immediately follows the request\n headers. This is the part of a request that contains any additional data that you want to\n send to your web server as the HTTP request body, such as data from a form.
\nOnly the first 8 KB (8192 bytes) of the request body are forwarded to WAF for\n inspection by the underlying host service. For information about how to handle oversized\n request bodies, see the Body object configuration.
Inspect the request body as JSON. The request body immediately follows the request\n headers. This is the part of a request that contains any additional data that you want to\n send to your web server as the HTTP request body, such as data from a form.
\nOnly the first 8 KB (8192 bytes) of the request body are forwarded to\n WAF for inspection by the underlying host service. For information about how to \n handle oversized request bodies, see the JsonBody object configuration.
Inspect the request body as JSON. The request body immediately follows the request\n headers. This is the part of a request that contains any additional data that you want to\n send to your web server as the HTTP request body, such as data from a form.
\nOnly the first 8 KB (8192 bytes) of the request body are forwarded to WAF for\n inspection by the underlying host service. For information about how to handle oversized\n request bodies, see the JsonBody object configuration.
Inspect the request headers. You must configure scope and pattern matching filters \n in the Headers object, to define the set of headers to and the parts of the headers that WAF inspects.
Only the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to\n WAF for inspection by the underlying host service. You must configure \n how to handle any oversize header content in the Headers object. WAF applies the pattern matching filters \n to the headers that it receives from the underlying host service.
Inspect the request headers. You must configure scope and pattern matching filters in\n the Headers object, to define the set of headers to and the parts of the\n headers that WAF inspects.
Only the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers\n are forwarded to WAF for inspection by the underlying host service. You must\n configure how to handle any oversize header content in the Headers object.\n WAF applies the pattern matching filters to the headers that it receives from the\n underlying host service.
Inspect the request cookies. You must configure scope and pattern matching filters \n in the Cookies object, to define the set of cookies and the parts of the cookies that WAF inspects.
Only the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to\n WAF for inspection by the underlying host service. You must configure \n how to handle any oversize cookie content in the Cookies object. WAF applies the pattern matching filters \n to the cookies that it receives from the underlying host service.
Inspect the request cookies. You must configure scope and pattern matching filters in\n the Cookies object, to define the set of cookies and the parts of the cookies\n that WAF inspects.
Only the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies\n are forwarded to WAF for inspection by the underlying host service. You must\n configure how to handle any oversize cookie content in the Cookies object.\n WAF applies the pattern matching filters to the cookies that it receives from the\n underlying host service.
The part of the web request that you want WAF to inspect. Include the single FieldToMatch type that you want to inspect, with additional specifications as needed, according to the type. You specify a single request component in FieldToMatch for each rule statement that requires it. To inspect more than one component of the web request, create a separate rule statement for each component.
Example JSON for a QueryString field to match:
\n \"FieldToMatch\": { \"QueryString\": {} }\n
Example JSON for a Method field to match specification:
\n \"FieldToMatch\": { \"Method\": { \"Name\": \"DELETE\" } }\n
The part of the web request that you want WAF to inspect. Include the single\n FieldToMatch type that you want to inspect, with additional specifications\n as needed, according to the type. You specify a single request component in\n FieldToMatch for each rule statement that requires it. To inspect more than\n one component of the web request, create a separate rule statement for each\n component.
Example JSON for a QueryString field to match:
\n \"FieldToMatch\": { \"QueryString\": {} }\n
Example JSON for a Method field to match specification:
\n \"FieldToMatch\": { \"Method\": { \"Name\": \"DELETE\" } }\n
The release version. For the latest available version, specify LATEST.
The release version. For the latest available version, specify\n LATEST.
The Amazon Resource Name (ARN) of the web ACL for which you want to get the \n LoggingConfiguration.
", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the web ACL for which you want to get the LoggingConfiguration.
", "smithy.api#required": {} } } @@ -3555,7 +3555,7 @@ } ], "traits": { - "smithy.api#documentation": "Retrieves information for the specified mobile SDK release, including release notes and tags.
\nThe mobile SDK is not generally available. Customers who have access to the mobile SDK can use it to establish and manage Security Token Service (STS) security tokens for use in HTTP(S) requests from a mobile device to WAF. For more information, see \nWAF client application integration in the WAF Developer Guide.
" + "smithy.api#documentation": "Retrieves information for the specified mobile SDK release, including release notes and\n tags.
\nThe mobile SDK is not generally available. Customers who have access to the mobile SDK can use it to establish and manage Security Token Service (STS) security tokens for use in HTTP(S) requests from a mobile device to WAF. For more information, see \nWAF client application integration in the WAF Developer Guide.
" } }, "com.amazonaws.wafv2#GetMobileSdkReleaseRequest": { @@ -3571,7 +3571,7 @@ "ReleaseVersion": { "target": "com.amazonaws.wafv2#VersionKeyString", "traits": { - "smithy.api#documentation": "The release version. For the latest available version, specify LATEST.
The release version. For the latest available version, specify\n LATEST.
Retrieves the keys that are currently blocked by a rate-based rule instance. The maximum number of managed keys that can be blocked for a single rate-based rule instance is 10,000. If more than 10,000 addresses exceed the rate limit, those with the highest rates are blocked.
\nFor a rate-based rule that you've defined inside a rule group, provide the name of the rule group reference statement in your request, in addition to the rate-based rule name and the web ACL name.
\nWAF monitors web requests and manages keys independently for each unique combination of web ACL, optional rule group, and rate-based rule. For example, if you define a rate-based rule inside a rule group, and then use the rule group in a web ACL, WAF monitors web requests and manages keys for that web ACL, rule group reference statement, and rate-based rule instance. If you use the same rule group in a second web ACL, WAF monitors web requests and manages keys for this second usage completely independent of your first.
" + "smithy.api#documentation": "Retrieves the keys that are currently blocked by a rate-based rule instance. The maximum\n number of managed keys that can be blocked for a single rate-based rule instance is 10,000.\n If more than 10,000 addresses exceed the rate limit, those with the highest rates are\n blocked.
\nFor a rate-based rule that you've defined inside a rule group, provide the name of the\n rule group reference statement in your request, in addition to the rate-based rule name and\n the web ACL name.
\nWAF monitors web requests and manages keys independently for each unique combination\n of web ACL, optional rule group, and rate-based rule. For example, if you define a\n rate-based rule inside a rule group, and then use the rule group in a web ACL, WAF\n monitors web requests and manages keys for that web ACL, rule group reference statement,\n and rate-based rule instance. If you use the same rule group in a second web ACL, WAF\n monitors web requests and manages keys for this second usage completely independent of your\n first.
" } }, "com.amazonaws.wafv2#GetRateBasedStatementManagedKeysRequest": { @@ -3687,13 +3687,13 @@ "RuleGroupRuleName": { "target": "com.amazonaws.wafv2#EntityName", "traits": { - "smithy.api#documentation": "The name of the rule group reference statement in your web ACL. This is required only when you have the rate-based rule nested \ninside a rule group.
" + "smithy.api#documentation": "The name of the rule group reference statement in your web ACL. This is required only\n when you have the rate-based rule nested inside a rule group.
" } }, "RuleName": { "target": "com.amazonaws.wafv2#EntityName", "traits": { - "smithy.api#documentation": "The name of the rate-based rule to get the keys for. If you have the rule defined inside a rule group that you're using in your web ACL, also provide the name of the rule group reference statement in the request parameter RuleGroupRuleName.
The name of the rate-based rule to get the keys for. If you have the rule defined inside\n a rule group that you're using in your web ACL, also provide the name of the rule group\n reference statement in the request parameter RuleGroupRuleName.
Inspect only the headers that have a key that matches one of the strings specified here.
" + "smithy.api#documentation": "Inspect only the headers that have a key that matches one of the strings specified here.\n
" } }, "ExcludedHeaders": { "target": "com.amazonaws.wafv2#HeaderNames", "traits": { - "smithy.api#documentation": "Inspect only the headers whose keys don't match any of the strings specified here.
" + "smithy.api#documentation": "Inspect only the headers whose keys don't match any of the strings specified here.\n
" } } }, "traits": { - "smithy.api#documentation": "The filter to use to identify the subset of headers to inspect in a web request.
\nYou must specify exactly one setting: either All, IncludedHeaders, or ExcludedHeaders.
Example JSON: \"HeaderMatchPattern\": { \"ExcludedHeaders\": {\"KeyToExclude1\", \"KeyToExclude2\"} }\n
The filter to use to identify the subset of headers to inspect in a web request.
\nYou must specify exactly one setting: either All, IncludedHeaders, or ExcludedHeaders.
Example JSON: \"MatchPattern\": { \"ExcludedHeaders\": {\"KeyToExclude1\", \"KeyToExclude2\"} }\n
The filter to use to identify the subset of headers to inspect in a web request.
\nYou must specify exactly one setting: either All, IncludedHeaders, or ExcludedHeaders.
Example JSON: \"HeaderMatchPattern\": { \"ExcludedHeaders\": {\"KeyToExclude1\", \"KeyToExclude2\"} }\n
The filter to use to identify the subset of headers to inspect in a web request.
\nYou must specify exactly one setting: either All, IncludedHeaders, or ExcludedHeaders.
Example JSON: \"MatchPattern\": { \"ExcludedHeaders\": {\"KeyToExclude1\", \"KeyToExclude2\"} }\n
The parts of the headers to match with the rule inspection criteria. If you\n specify All, WAF inspects both keys and values.
The parts of the headers to match with the rule inspection criteria. If you specify\n All, WAF inspects both keys and values.
Inspect the headers in the web request. You can specify the parts of the headers to inspect and you can narrow \n the set of headers to inspect by including or excluding specific keys.
\nThis is used to indicate the web request component for WAF to inspect, in the FieldToMatch specification.
\nAlternately, you can use the SingleHeader \n FieldToMatch setting to inspect the value of a single header, identified by its key.
Example JSON: \"Headers\": { \"MatchPattern\": { \"All\": {} }, \"MatchScope\": \"KEY\", \"OversizeHandling\": \"MATCH\" }\n
Inspect all headers in the web request. You can specify the parts of the headers to\n inspect and you can narrow the set of headers to inspect by including or excluding specific\n keys.
\nThis is used to indicate the web request component to inspect, in the FieldToMatch specification.
\nIf you want to inspect just the value of a single header, use the\n SingleHeader\n FieldToMatch setting instead.
Example JSON: \"Headers\": { \"MatchPattern\": { \"All\": {} }, \"MatchScope\": \"KEY\",\n \"OversizeHandling\": \"MATCH\" }\n
The amount of time, in seconds, that a CAPTCHA token is valid. The default setting is 300.
The amount of time, in seconds, that a CAPTCHA token is valid. The default\n setting is 300.
Determines how long a CAPTCHA token remains valid after the client successfully solves a CAPTCHA puzzle.
Determines how long a CAPTCHA token remains valid after the client\n successfully solves a CAPTCHA puzzle.
What WAF should do if it fails to completely parse the JSON body. The options are\n the following:
\n\n EVALUATE_AS_STRING - Inspect the body as plain text. WAF applies\n the text transformations and inspection criteria that you defined for the JSON\n inspection to the body text string.
\n MATCH - Treat the web request as matching the rule statement. WAF\n applies the rule action to the request.
\n NO_MATCH - Treat the web request as not matching the rule\n statement.
If you don't provide this setting, WAF parses and evaluates the content only up to the\n first parsing failure that it encounters.
\nWAF does its best to parse the entire JSON body, but might be forced to stop for\n reasons such as invalid characters, duplicate keys, truncation, and any content whose root\n node isn't an object or an array.
\nWAF parses the JSON in the following examples as two valid key, value pairs:
\nMissing comma: {\"key1\":\"value1\"\"key2\":\"value2\"}\n
Missing colon: {\"key1\":\"value1\",\"key2\"\"value2\"}\n
Extra colons: {\"key1\"::\"value1\",\"key2\"\"value2\"}\n
What WAF should do if it fails to completely parse the JSON body. The options are\n the following:
\n\n EVALUATE_AS_STRING - Inspect the body as plain text. WAF\n applies the text transformations and inspection criteria that you defined for the\n JSON inspection to the body text string.
\n MATCH - Treat the web request as matching the rule statement.\n WAF applies the rule action to the request.
\n NO_MATCH - Treat the web request as not matching the rule\n statement.
If you don't provide this setting, WAF parses and evaluates the content only up to the\n first parsing failure that it encounters.
\nWAF does its best to parse the entire JSON body, but might be forced to stop for\n reasons such as invalid characters, duplicate keys, truncation, and any content whose root\n node isn't an object or an array.
\nWAF parses the JSON in the following examples as two valid key, value pairs:
\nMissing comma: {\"key1\":\"value1\"\"key2\":\"value2\"}\n
Missing colon: {\"key1\":\"value1\",\"key2\"\"value2\"}\n
Extra colons: {\"key1\"::\"value1\",\"key2\"\"value2\"}\n
Inspect the body of the web request as JSON. The body immediately follows the request\n headers.
\nThis is used to indicate the web request component for WAF to inspect, in the FieldToMatch specification.
\nUse the specifications in this object to indicate which parts of the JSON body to\n inspect using the rule's inspection criteria. WAF inspects only the parts of the JSON\n that result from the matches that you\n indicate.\n
\nExample JSON: \"JsonBody\": { \"MatchPattern\": { \"All\": {} }, \"MatchScope\": \"ALL\" }\n
Inspect the body of the web request as JSON. The body immediately follows the request\n headers.
\nThis is used to indicate the web request component to inspect, in the FieldToMatch specification.
\nUse the specifications in this object to indicate which parts of the JSON body to\n inspect using the rule's inspection criteria. WAF inspects only the parts of the JSON\n that result from the matches that you indicate.\n
\nExample JSON: \"JsonBody\": { \"MatchPattern\": { \"All\": {} }, \"MatchScope\": \"ALL\"\n }\n
Retrieves a list of the available releases for the mobile SDK and the specified device platform.
\nThe mobile SDK is not generally available. Customers who have access to the mobile SDK can use it to establish and manage Security Token Service (STS) security tokens for use in HTTP(S) requests from a mobile device to WAF. For more information, see \nWAF client application integration in the WAF Developer Guide.
" + "smithy.api#documentation": "Retrieves a list of the available releases for the mobile SDK and the specified device\n platform.
\nThe mobile SDK is not generally available. Customers who have access to the mobile SDK can use it to establish and manage Security Token Service (STS) security tokens for use in HTTP(S) requests from a mobile device to WAF. For more information, see \nWAF client application integration in the WAF Developer Guide.
" } }, "com.amazonaws.wafv2#ListMobileSdkReleasesRequest": { @@ -5389,14 +5389,14 @@ "LogDestinationConfigs": { "target": "com.amazonaws.wafv2#LogDestinationConfigs", "traits": { - "smithy.api#documentation": "The logging destination configuration that you want to associate\n with the web ACL.
\nYou can associate one logging destination to a web ACL.
\nThe logging destination configuration that you want to associate with the web\n ACL.
\nYou can associate one logging destination to a web ACL.
\nThe parts of the request that you want to keep out of the logs. For\n example, if you redact the SingleHeader field, the HEADER field in the logs will be xxx.
You can specify only the following fields for redaction: UriPath, QueryString, SingleHeader, Method, and JsonBody.
The parts of the request that you want to keep out of the logs. For example, if you\n redact the SingleHeader field, the HEADER field in the logs will\n be xxx.
You can specify only the following fields for redaction: UriPath,\n QueryString, SingleHeader, Method, and\n JsonBody.
Defines an association between logging destinations and a web ACL\n resource, for logging from WAF. As part of the association, you can specify parts of\n the standard logging fields to keep out of the logs and you can specify filters so that you\n log only a subset of the logging records.
\nYou can define one logging destination per web ACL.
\nYou can access information about the traffic that WAF inspects using the following\n steps:
\nCreate your logging destination. You can use an Amazon CloudWatch Logs log group, an Amazon Simple Storage Service (Amazon S3) bucket, or an Amazon Kinesis Data Firehose. \n For information about configuring logging destinations and the permissions that are required for each, see \n Logging web ACL traffic information \n in the WAF Developer Guide.
\nAssociate your logging destination to your web ACL using a\n PutLoggingConfiguration request.
When you successfully enable logging using a PutLoggingConfiguration\n request, WAF creates an additional role or policy that is required to write\n logs to the logging destination. For an Amazon CloudWatch Logs log group, WAF creates a resource policy on the log group.\n For an Amazon S3 bucket, WAF creates a bucket policy. For an Amazon Kinesis Data Firehose, WAF creates a service-linked role.
For additional information about web ACL logging, see \n Logging web ACL traffic information \n in the WAF Developer Guide.
" + "smithy.api#documentation": "Defines an association between logging destinations and a web ACL resource, for logging\n from WAF. As part of the association, you can specify parts of the standard logging\n fields to keep out of the logs and you can specify filters so that you log only a subset of\n the logging records.
\nYou can define one logging destination per web ACL.
\nYou can access information about the traffic that WAF inspects using the following\n steps:
\nCreate your logging destination. You can use an Amazon CloudWatch Logs log group, an Amazon Simple Storage Service (Amazon S3) bucket, or an Amazon Kinesis Data Firehose. \n For information about configuring logging destinations and the permissions that are required for each, see \n Logging web ACL traffic information \n in the WAF Developer Guide.
\nAssociate your logging destination to your web ACL using a\n PutLoggingConfiguration request.
When you successfully enable logging using a PutLoggingConfiguration\n request, WAF creates an additional role or policy that is required to write\n logs to the logging destination. For an Amazon CloudWatch Logs log group, WAF creates a resource policy on the log group.\n For an Amazon S3 bucket, WAF creates a bucket policy. For an Amazon Kinesis Data Firehose, WAF creates a service-linked role.
For additional information about web ACL logging, see \n Logging web ACL traffic information \n in the WAF Developer Guide.
" } }, "com.amazonaws.wafv2#LoggingConfigurations": { @@ -5460,7 +5460,7 @@ "LoginPath": { "target": "com.amazonaws.wafv2#LoginPathString", "traits": { - "smithy.api#documentation": "The path of the login endpoint for your application. For example, for the URL https://example.com/web/login, you would provide the path /web/login.
The path of the login endpoint for your application. For example, for the URL\n https://example.com/web/login, you would provide the path\n /web/login.
The version of the managed rule group to use. If you specify this, the version setting \n is fixed until you change it. \n If you don't specify this, WAF uses the vendor's default version, and then keeps the version \n at the vendor's default when the vendor updates the managed rule group settings.
" + "smithy.api#documentation": "The version of the managed rule group to use. If you specify this, the version setting\n is fixed until you change it. If you don't specify this, WAF uses the vendor's\n default version, and then keeps the version at the vendor's default when the vendor updates\n the managed rule group settings.
" } }, "ExcludedRules": { "target": "com.amazonaws.wafv2#ExcludedRules", "traits": { - "smithy.api#documentation": "The rules in the referenced rule group whose actions are set to Count. \n When you exclude a rule, WAF evaluates it exactly as it would if the rule action setting were Count. \n This is a useful option for testing the rules in a rule group without modifying how they handle your web traffic.
The rules in the referenced rule group whose actions are set to Count. When\n you exclude a rule, WAF evaluates it exactly as it would if the rule action setting were\n Count. This is a useful option for testing the rules in a rule group\n without modifying how they handle your web traffic.
Indicates whether the managed rule group is versioned. If it is, you can retrieve the versions list by calling ListAvailableManagedRuleGroupVersions.
" + "smithy.api#documentation": "Indicates whether the managed rule group is versioned. If it is, you can retrieve the\n versions list by calling ListAvailableManagedRuleGroupVersions.
" } }, "Description": { @@ -5777,7 +5777,7 @@ "type": "structure", "members": {}, "traits": { - "smithy.api#documentation": "Inspect the HTTP method of the web request. The method indicates the type of operation that the request is asking the origin to perform.
\nThis is used only in the FieldToMatch specification for some web request component types.
\nJSON specification: \"Method\": {}\n
Inspect the HTTP method of the web request. The method indicates the type of operation\n that the request is asking the origin to perform.
\nThis is used only in the FieldToMatch specification for some web request component types.
\nJSON specification: \"Method\": {}\n
Specifies that WAF should do nothing. This is used for the OverrideAction setting \n on a Rule when the rule uses a rule group reference statement.
This is used in the context of other settings, for example to specify values for RuleAction and web ACL DefaultAction.
\nJSON specification: \"None\": {}\n
Specifies that WAF should do nothing. This is used for the\n OverrideAction setting on a Rule when the rule uses a\n rule group reference statement.
This is used in the context of other settings, for example to specify values for RuleAction and web ACL DefaultAction.
\nJSON specification: \"None\": {}\n
Details about your login page password field, used in a ManagedRuleGroupConfig.
Details about your login page password field, used in a\n ManagedRuleGroupConfig.
Inspect the query string of the web request. This is the part of a URL that appears after a ? character, if any.
This is used only in the FieldToMatch specification for some web request component types.
\nJSON specification: \"QueryString\": {}\n
Inspect the query string of the web request. This is the part of a URL that appears\n after a ? character, if any.
This is used only in the FieldToMatch specification for some web request component types.
\nJSON specification: \"QueryString\": {}\n
A rate-based rule tracks the rate of requests for each originating IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any 5-minute time span. You can use this to put a temporary block on requests from an IP address that is sending excessive requests.
\nWAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by WAF. If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by WAF.
\nWhen the rule action triggers, WAF blocks additional requests from the IP address until the request rate falls below the limit.
\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts requests that match the nested statement. For example, based on recent requests that you have seen from an attacker, you might create a rate-based rule with a nested AND rule statement that contains the following nested statements:
\nAn IP match statement with an IP set that specified the address 192.0.2.44.
\nA string match statement that searches in the User-Agent header for the string BadBot.
\nIn this rate-based rule, you also define a rate limit. For this example, the rate limit is 1,000. Requests that meet both of the conditions in the statements are counted. If the count exceeds 1,000 requests per five minutes, the rule action triggers. Requests that do not meet both conditions are not counted towards the rate limit and are not affected by this rule.
\nYou cannot nest a RateBasedStatement inside another statement, for example inside a NotStatement or OrStatement. You can define a RateBasedStatement inside a web ACL and inside a rule group.
A rate-based rule tracks the rate of requests for each originating IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any 5-minute time span. You can use this to put a temporary block on requests from an IP address that is sending excessive requests.
\nWAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by WAF. If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by WAF.
\nWhen the rule action triggers, WAF blocks additional requests from the IP address until the request rate falls below the limit.
\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts requests that match the nested statement. For example, based on recent requests that you have seen from an attacker, you might create a rate-based rule with a nested AND rule statement that contains the following nested statements:
\nAn IP match statement with an IP set that specified the address 192.0.2.44.
\nA string match statement that searches in the User-Agent header for the string BadBot.
\nIn this rate-based rule, you also define a rate limit. For this example, the rate limit is 1,000. Requests that meet the criteria of both of the nested statements are counted. If the count exceeds 1,000 requests per five minutes, the rule action triggers. Requests that do not meet the criteria of both of the nested statements are not counted towards the rate limit and are not affected by this rule.
\nYou cannot nest a RateBasedStatement inside another statement, for example inside a NotStatement or OrStatement. You can define a RateBasedStatement inside a web ACL and inside a rule group.
The part of the web request that you want WAF to inspect. For more information, see FieldToMatch.
", + "smithy.api#documentation": "The part of the web request that you want WAF to inspect.
", "smithy.api#required": {} } }, @@ -6668,7 +6668,7 @@ "FieldToMatch": { "target": "com.amazonaws.wafv2#FieldToMatch", "traits": { - "smithy.api#documentation": "The part of the web request that you want WAF to inspect. For more information, see FieldToMatch.
", + "smithy.api#documentation": "The part of the web request that you want WAF to inspect.
", "smithy.api#required": {} } }, @@ -7037,7 +7037,7 @@ "ExcludedRules": { "target": "com.amazonaws.wafv2#ExcludedRules", "traits": { - "smithy.api#documentation": "The rules in the referenced rule group whose actions are set to Count. \n When you exclude a rule, WAF evaluates it exactly as it would if the rule action setting were Count. \n This is a useful option for testing the rules in a rule group without modifying how they handle your web traffic.
The rules in the referenced rule group whose actions are set to Count. When\n you exclude a rule, WAF evaluates it exactly as it would if the rule action setting were\n Count. This is a useful option for testing the rules in a rule group\n without modifying how they handle your web traffic.
Inspect one of the headers in the web request, identified by name, for example,\n User-Agent or Referer. The name isn't case sensitive.
You can filter and inspect all headers with the FieldToMatch setting Headers.
This is used to indicate the web request component for WAF to inspect, in the FieldToMatch specification.
\nExample JSON: \"SingleHeader\": { \"Name\": \"haystack\" }\n
Inspect one of the headers in the web request, identified by name, for example,\n User-Agent or Referer. The name isn't case sensitive.
You can filter and inspect all headers with the FieldToMatch setting\n Headers.
This is used to indicate the web request component to inspect, in the FieldToMatch specification.
\nExample JSON: \"SingleHeader\": { \"Name\": \"haystack\" }\n
Inspect one query argument in the web request, identified by name, for example\n UserName or SalesRegion. The name isn't case sensitive.
\nThis is used to indicate the web request component for WAF to inspect, in the FieldToMatch specification.
\nExample JSON: \"SingleQueryArgument\": { \"Name\": \"myArgument\" }\n
Inspect one query argument in the web request, identified by name, for example\n UserName or SalesRegion. The name isn't case\n sensitive.
\nThis is used to indicate the web request component to inspect, in the FieldToMatch specification.
\nExample JSON: \"SingleQueryArgument\": { \"Name\": \"myArgument\" }\n
The part of the web request that you want WAF to inspect. For more information, see FieldToMatch.
", + "smithy.api#documentation": "The part of the web request that you want WAF to inspect.
", "smithy.api#required": {} } }, @@ -7307,7 +7322,7 @@ } }, "traits": { - "smithy.api#documentation": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.
\nIf you configure WAF to inspect the request body, WAF inspects only the first 8192 bytes (8 KB). If the request body for your web requests never exceeds 8192 bytes, you can create a size constraint condition and block requests that have a request body greater than 8192 bytes.
\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI /logo.jpg is nine characters long.
A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.
\nIf you configure WAF to inspect the request body, WAF inspects only the first 8192 bytes (8 KB). If the request body for your web requests never exceeds 8192 bytes, you could use a size constraint statement to block requests that have a request body greater than 8192 bytes.
\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI /logo.jpg is nine characters long.
The part of the web request that you want WAF to inspect. For more information, see FieldToMatch.
", + "smithy.api#documentation": "The part of the web request that you want WAF to inspect.
", "smithy.api#required": {} } }, @@ -7332,10 +7347,16 @@ "smithy.api#documentation": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. \n If you specify one or more transformations in a rule statement, WAF performs all transformations on the \n content of the request component identified by FieldToMatch, starting from the lowest priority setting, before inspecting the content for a match.
The sensitivity that you want WAF to use to inspect for SQL injection attacks.
\n\n HIGH detects more attacks, but might generate more false positives, \n especially if your web requests frequently contain unusual strings. \n For information about identifying and mitigating false positives, see \n Testing and tuning in the \n WAF Developer Guide.
\n LOW is generally a better choice for resources that already have other \n protections against SQL injection attacks or that have a low tolerance for false positives.
Default: LOW\n
Attackers sometimes insert malicious SQL code into web requests in an effort to extract data from your database. To allow or block web requests that appear to contain malicious SQL code, create one or more SQL injection match conditions. An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want WAF to inspect. Later in the process, when you create a web ACL, you specify whether to allow or block requests that appear to contain malicious SQL code.
" + "smithy.api#documentation": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.
" } }, "com.amazonaws.wafv2#Statement": { @@ -7344,25 +7365,25 @@ "ByteMatchStatement": { "target": "com.amazonaws.wafv2#ByteMatchStatement", "traits": { - "smithy.api#documentation": "A rule statement that defines a string match search for WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the WAF console and the developer guide, this is refered to as a string match statement.
" + "smithy.api#documentation": "A rule statement that defines a string match search for WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the WAF console and the developer guide, this is called a string match statement.
" } }, "SqliMatchStatement": { "target": "com.amazonaws.wafv2#SqliMatchStatement", "traits": { - "smithy.api#documentation": "Attackers sometimes insert malicious SQL code into web requests in an effort to extract data from your database. To allow or block web requests that appear to contain malicious SQL code, create one or more SQL injection match conditions. An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want WAF to inspect. Later in the process, when you create a web ACL, you specify whether to allow or block requests that appear to contain malicious SQL code.
" + "smithy.api#documentation": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.
" } }, "XssMatchStatement": { "target": "com.amazonaws.wafv2#XssMatchStatement", "traits": { - "smithy.api#documentation": "A rule statement that defines a cross-site scripting (XSS) match search for WAF to apply to web requests. \n XSS attacks are those where the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious \n client-site scripts into other legitimate web browsers. \n The XSS match statement provides the location in requests that you want WAF to search and text transformations \n to use on the search area before WAF searches for character sequences that are likely to be malicious strings.
" + "smithy.api#documentation": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker \nuses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.
" } }, "SizeConstraintStatement": { "target": "com.amazonaws.wafv2#SizeConstraintStatement", "traits": { - "smithy.api#documentation": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.
\nIf you configure WAF to inspect the request body, WAF inspects only the first 8192 bytes (8 KB). If the request body for your web requests never exceeds 8192 bytes, you can create a size constraint condition and block requests that have a request body greater than 8192 bytes.
\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI /logo.jpg is nine characters long.
A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.
\nIf you configure WAF to inspect the request body, WAF inspects only the first 8192 bytes (8 KB). If the request body for your web requests never exceeds 8192 bytes, you could use a size constraint statement to block requests that have a request body greater than 8192 bytes.
\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI /logo.jpg is nine characters long.
A rate-based rule tracks the rate of requests for each originating IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any 5-minute time span. You can use this to put a temporary block on requests from an IP address that is sending excessive requests.
\nWAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by WAF. If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by WAF.
\nWhen the rule action triggers, WAF blocks additional requests from the IP address until the request rate falls below the limit.
\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts requests that match the nested statement. For example, based on recent requests that you have seen from an attacker, you might create a rate-based rule with a nested AND rule statement that contains the following nested statements:
\nAn IP match statement with an IP set that specified the address 192.0.2.44.
\nA string match statement that searches in the User-Agent header for the string BadBot.
\nIn this rate-based rule, you also define a rate limit. For this example, the rate limit is 1,000. Requests that meet both of the conditions in the statements are counted. If the count exceeds 1,000 requests per five minutes, the rule action triggers. Requests that do not meet both conditions are not counted towards the rate limit and are not affected by this rule.
\nYou cannot nest a RateBasedStatement inside another statement, for example inside a NotStatement or OrStatement. You can define a RateBasedStatement inside a web ACL and inside a rule group.
A rate-based rule tracks the rate of requests for each originating IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any 5-minute time span. You can use this to put a temporary block on requests from an IP address that is sending excessive requests.
\nWAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by WAF. If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by WAF.
\nWhen the rule action triggers, WAF blocks additional requests from the IP address until the request rate falls below the limit.
\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts requests that match the nested statement. For example, based on recent requests that you have seen from an attacker, you might create a rate-based rule with a nested AND rule statement that contains the following nested statements:
\nAn IP match statement with an IP set that specified the address 192.0.2.44.
\nA string match statement that searches in the User-Agent header for the string BadBot.
\nIn this rate-based rule, you also define a rate limit. For this example, the rate limit is 1,000. Requests that meet the criteria of both of the nested statements are counted. If the count exceeds 1,000 requests per five minutes, the rule action triggers. Requests that do not meet the criteria of both of the nested statements are not counted towards the rate limit and are not affected by this rule.
\nYou cannot nest a RateBasedStatement inside another statement, for example inside a NotStatement or OrStatement. You can define a RateBasedStatement inside a web ACL and inside a rule group.
The processing guidance for a Rule, used by WAF to determine whether a web request matches the rule.
" + "smithy.api#documentation": "The processing guidance for a Rule, used by WAF to determine whether\n a web request matches the rule.
" } }, "com.amazonaws.wafv2#Statements": { @@ -7597,7 +7618,7 @@ "Type": { "target": "com.amazonaws.wafv2#TextTransformationType", "traits": { - "smithy.api#documentation": "You can specify the following transformation types:
\n\n BASE64_DECODE - Decode a Base64-encoded\n string.
\n BASE64_DECODE_EXT - Decode a\n Base64-encoded string, but use a forgiving implementation that ignores\n characters that aren't valid.
\n CMD_LINE - Command-line transformations. These are\n helpful in reducing effectiveness of attackers who inject an operating system command-line\n command and use unusual formatting to disguise some or all of the command.
\nDelete the following characters: \\ \" ' ^\n
Delete spaces before the following characters: / (\n
Replace the following characters with a space: , ;\n
Replace multiple spaces with one space
\nConvert uppercase letters (A-Z) to lowercase (a-z)
\n\n COMPRESS_WHITE_SPACE - Replace these characters\n with a space character (decimal 32):
\n\n \\f, formfeed, decimal 12
\n \\t, tab, decimal 9
\n \\n, newline, decimal 10
\n \\r, carriage return, decimal 13
\n \\v, vertical tab, decimal 11
Non-breaking space, decimal 160
\n\n COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
\n CSS_DECODE - Decode characters that were encoded\n using CSS 2.x escape rules syndata.html#characters. This function uses up to two bytes in\n the decoding process, so it can help to uncover ASCII characters that were encoded using\n CSS encoding that wouldn’t typically be encoded. It's also useful in countering evasion,\n which is a combination of a backslash and non-hexadecimal characters. For example,\n ja\\vascript for javascript.
\n ESCAPE_SEQ_DECODE - Decode the following ANSI C escape sequences:\n \\a, \\b, \\f, \\n, \\r, \\t, \\v, \\\\, \\?, \\', \\\", \\xHH (hexadecimal), \\0OOO (octal). Encodings\n that aren't valid remain in the output.
\n HEX_DECODE - Decode a string of hexadecimal characters into a binary.
\n\n HTML_ENTITY_DECODE - Replace HTML-encoded\n characters with unencoded characters. HTML_ENTITY_DECODE performs these\n operations:
Replaces (ampersand)quot; with \"\n
Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
Replaces (ampersand)lt; with a \"less than\" symbol
Replaces (ampersand)gt; with >\n
Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;, with the corresponding characters
Replaces characters that are represented in decimal format, (ampersand)#nnnn;, with the corresponding \n characters
\n JS_DECODE - Decode JavaScript escape sequences. If\n a \\\n u\n HHHH code is in the full-width ASCII code range of FF01-FF5E, then the higher byte is\n used to detect and adjust the lower byte. If not, only the lower byte is used and the\n higher byte is zeroed, causing a possible loss of information.
\n LOWERCASE - Convert uppercase letters (A-Z) to\n lowercase (a-z).
\n\n MD5 - Calculate an MD5 hash from the data in the\n input. The computed hash is in a raw binary form.
\n\n NONE - Specify NONE if you don't want any text transformations.\n
\n NORMALIZE_PATH - Remove multiple slashes, directory\n self-references, and directory back-references that are not at the beginning of the input\n from an input string.
\n\n NORMALIZE_PATH_WIN - This is the same as\n NORMALIZE_PATH, but first converts backslash characters to forward slashes.
\n REMOVE_NULLS - Remove all NULL bytes\n from the input.
\n REPLACE_COMMENTS - Replace each occurrence of a\n C-style comment (/* ... */) with a single space. Multiple consecutive occurrences are not\n compressed. Unterminated comments are also replaced with a space (ASCII 0x20). However, a\n standalone termination of a comment (*/) is not acted upon.
\n REPLACE_NULLS - Replace NULL bytes in the input\n with space characters (ASCII 0x20).
\n SQL_HEX_DECODE - Decode SQL hex data. Example (0x414243) will be decoded to (ABC).
\n URL_DECODE - Decode a URL-encoded value.
\n\n URL_DECODE_UNI - Like URL_DECODE, but with support\n for Microsoft-specific %u encoding. If the code is in the full-width ASCII code range of\n FF01-FF5E, the higher byte is used to detect and adjust the lower byte. Otherwise, only the\n lower byte is used and the higher byte is zeroed.
\n UTF8_TO_UNICODE - Convert all UTF-8 character\n sequences to Unicode. This helps input normalization, and minimizing false-positives and\n false-negatives for non-English languages.
", + "smithy.api#documentation": "You can specify the following transformation types:
\n\n BASE64_DECODE - Decode a\n Base64-encoded string.
\n BASE64_DECODE_EXT - Decode a\n Base64-encoded string, but use a forgiving implementation that ignores\n characters that aren't valid.
\n CMD_LINE - Command-line transformations. These are\n helpful in reducing effectiveness of attackers who inject an operating system command-line \n command and use unusual formatting to disguise some or all of the command.
\nDelete the following characters: \\ \" ' ^\n
Delete spaces before the following characters: / (\n
Replace the following characters with a space: , ;\n
Replace multiple spaces with one space
\nConvert uppercase letters (A-Z) to lowercase (a-z)
\n\n COMPRESS_WHITE_SPACE - Replace these characters\n with a space character (decimal 32):
\n\n \\f, formfeed, decimal 12
\n \\t, tab, decimal 9
\n \\n, newline, decimal 10
\n \\r, carriage return, decimal 13
\n \\v, vertical tab, decimal 11
Non-breaking space, decimal 160
\n\n COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
\n CSS_DECODE - Decode characters that were encoded\n using CSS 2.x escape rules syndata.html#characters. This function uses up to\n two bytes in the decoding process, so it can help to uncover ASCII characters that were\n encoded using CSS encoding that wouldn’t typically be encoded. It's also useful in\n countering evasion, which is a combination of a backslash and non-hexadecimal characters.\n For example, ja\\vascript for javascript.
\n ESCAPE_SEQ_DECODE - Decode the following ANSI C\n escape sequences: \\a, \\b, \\f, \\n,\n \\r, \\t, \\v, \\\\, \\?,\n \\', \\\", \\xHH (hexadecimal), \\0OOO\n (octal). Encodings that aren't valid remain in the output.
\n HEX_DECODE - Decode a string of hexadecimal\n characters into a binary.
\n\n HTML_ENTITY_DECODE - Replace HTML-encoded\n characters with unencoded characters. HTML_ENTITY_DECODE performs these\n operations:
Replaces (ampersand)quot; with \"\n
Replaces (ampersand)nbsp; with a non-breaking space, decimal\n 160
Replaces (ampersand)lt; with a \"less than\" symbol
Replaces (ampersand)gt; with >\n
Replaces characters that are represented in hexadecimal format,\n (ampersand)#xhhhh;, with the corresponding characters
Replaces characters that are represented in decimal format,\n (ampersand)#nnnn;, with the corresponding characters
\n JS_DECODE - Decode JavaScript escape sequences. If\n a\n \\\n u\n HHHH\n code is in the full-width ASCII code range of FF01-FF5E, then the higher byte\n is used to detect and adjust the lower byte. If not, only the lower byte is used and the\n higher byte is zeroed, causing a possible loss of information.
\n LOWERCASE - Convert uppercase letters (A-Z) to\n lowercase (a-z).
\n\n MD5 - Calculate an MD5 hash from the data in the\n input. The computed hash is in a raw binary form.
\n\n NONE - Specify NONE if you don't want\n any text transformations.
\n NORMALIZE_PATH - Remove multiple slashes, directory\n self-references, and directory back-references that are not at the beginning of the input\n from an input string.
\n\n NORMALIZE_PATH_WIN - This is the same as\n NORMALIZE_PATH, but first converts backslash characters to forward slashes.
\n REMOVE_NULLS - Remove all NULL bytes\n from the input.
\n REPLACE_COMMENTS - Replace each occurrence of a\n C-style comment (/* ... */) with a single space. Multiple consecutive\n occurrences are not compressed. Unterminated comments are also replaced with a space (ASCII\n 0x20). However, a standalone termination of a comment (*/) is not acted upon.
\n REPLACE_NULLS - Replace NULL bytes in the input\n with space characters (ASCII 0x20).
\n SQL_HEX_DECODE - Decode SQL hex data. Example\n (0x414243) will be decoded to (ABC).
\n URL_DECODE - Decode a URL-encoded value.
\n\n URL_DECODE_UNI - Like URL_DECODE, but\n with support for Microsoft-specific %u encoding. If the code is in the\n full-width ASCII code range of FF01-FF5E, the higher byte is used to detect\n and adjust the lower byte. Otherwise, only the lower byte is used and the higher byte is\n zeroed.
\n UTF8_TO_UNICODE - Convert all UTF-8 character\n sequences to Unicode. This helps input normalization, and minimizing false-positives and\n false-negatives for non-English languages.
", "smithy.api#required": {} } } @@ -7850,7 +7871,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates the specified IPSet.
\nThis operation completely replaces the mutable specifications that you already have for the IP set with the ones that you provide to this call. To modify the IP set, retrieve it by calling GetIPSet, update the settings as needed, and then provide the complete IP set specification to this call.
\nWhen you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
" + "smithy.api#documentation": "Updates the specified IPSet.
\nThis operation completely replaces the mutable specifications that you already have for the IP set with the ones that you provide to this call. To modify the IP set, retrieve it by calling GetIPSet, update the settings as needed, and then provide the complete IP set specification to this call.
\nWhen you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
" } }, "com.amazonaws.wafv2#UpdateIPSetRequest": { @@ -7936,7 +7957,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates the expiration information for your managed rule set. Use this to initiate the\n expiration of a managed rule group version. After you initiate expiration for a version,\n WAF excludes it from the reponse to ListAvailableManagedRuleGroupVersions for the managed rule group.
\nThis is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers.
\nVendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are ListManagedRuleSets, GetManagedRuleSet, PutManagedRuleSetVersions, and UpdateManagedRuleSetVersionExpiryDate.
Updates the expiration information for your managed rule set. Use this to initiate the\n expiration of a managed rule group version. After you initiate expiration for a version,\n WAF excludes it from the response to ListAvailableManagedRuleGroupVersions for the managed rule group.
\nThis is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers.
\nVendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are ListManagedRuleSets, GetManagedRuleSet, PutManagedRuleSetVersions, and UpdateManagedRuleSetVersionExpiryDate.
Updates the specified RegexPatternSet.
\nThis operation completely replaces the mutable specifications that you already have for the regex pattern set with the ones that you provide to this call. To modify the regex pattern set, retrieve it by calling GetRegexPatternSet, update the settings as needed, and then provide the complete regex pattern set specification to this call.
\nWhen you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
" + "smithy.api#documentation": "Updates the specified RegexPatternSet.
\nThis operation completely replaces the mutable specifications that you already have for the regex pattern set with the ones that you provide to this call. To modify the regex pattern set, retrieve it by calling GetRegexPatternSet, update the settings as needed, and then provide the complete regex pattern set specification to this call.
\nWhen you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
" } }, "com.amazonaws.wafv2#UpdateRegexPatternSetRequest": { @@ -8142,7 +8163,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates the specified RuleGroup.
\nThis operation completely replaces the mutable specifications that you already have for the rule group with the ones that you provide to this call. To modify the rule group, retrieve it by calling GetRuleGroup, update the settings as needed, and then provide the complete rule group specification to this call.
\nWhen you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
\nA rule group defines a collection of rules to inspect and control web requests that you can use in a WebACL. When you create a rule group, you define an immutable capacity limit. If you update a rule group, you must stay within the capacity. This allows others to reuse the rule group with confidence in its capacity requirements.
" + "smithy.api#documentation": "Updates the specified RuleGroup.
\nThis operation completely replaces the mutable specifications that you already have for the rule group with the ones that you provide to this call. To modify the rule group, retrieve it by calling GetRuleGroup, update the settings as needed, and then provide the complete rule group specification to this call.
\nWhen you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
\nA rule group defines a collection of rules to inspect and control web requests that you can use in a WebACL. When you create a rule group, you define an immutable capacity limit. If you update a rule group, you must stay within the capacity. This allows others to reuse the rule group with confidence in its capacity requirements.
" } }, "com.amazonaws.wafv2#UpdateRuleGroupRequest": { @@ -8261,7 +8282,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates the specified WebACL. While updating a web ACL, WAF provides continous coverage to the resources that you have associated with the web ACL.
\n \nWhen you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
\nThis operation completely replaces the mutable specifications that you already have for the web ACL with the ones that you provide to this call. To modify the web ACL, retrieve it by calling GetWebACL, update the settings as needed, and then provide the complete web ACL specification to this call.
\nA web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, or an AppSync GraphQL API.
" + "smithy.api#documentation": "Updates the specified WebACL. While updating a web ACL, WAF provides\n continuous coverage to the resources that you have associated with the web ACL.
\n \nWhen you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
\nThis operation completely replaces the mutable specifications that you already have for the web ACL with the ones that you provide to this call. To modify the web ACL, retrieve it by calling GetWebACL, update the settings as needed, and then provide the complete web ACL specification to this call.
\nA web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, or an AppSync GraphQL API.
" } }, "com.amazonaws.wafv2#UpdateWebACLRequest": { @@ -8350,7 +8371,7 @@ "type": "structure", "members": {}, "traits": { - "smithy.api#documentation": "Inspect the path component of the URI of the web request. This is the part of the web request that identifies a resource. For example, /images/daily-ad.jpg.
This is used only in the FieldToMatch specification for some web request component types.
\nJSON specification: \"UriPath\": {}\n
Inspect the path component of the URI of the web request. This is the part of the web\n request that identifies a resource. For example, /images/daily-ad.jpg.
This is used only in the FieldToMatch specification for some web request component types.
\nJSON specification: \"UriPath\": {}\n
Details about your login page username field, used in a ManagedRuleGroupConfig.
Details about your login page username field, used in a\n ManagedRuleGroupConfig.
A name of the Amazon CloudWatch metric. The name can contain only the characters: A-Z, a-z, 0-9,\n - (hyphen), and _ (underscore). The name can be from one to 128 characters long. It can't\n contain whitespace or metric names reserved for WAF, for example \"All\" and\n \"Default_Action.\"
", + "smithy.api#documentation": "A name of the Amazon CloudWatch metric. The name can contain only the characters: A-Z, a-z, 0-9,\n - (hyphen), and _ (underscore). The name can be from one to 128 characters long. It can't\n contain whitespace or metric names reserved for WAF, for example All and\n Default_Action.
WAF couldn’t perform the operation because your resource is being used by another resource or it’s associated with another resource.
\nFor DeleteWebACL, you will only get this exception if the web ACL is still associated with \n a regional resource. Deleting a web ACL that is still associated with an Amazon CloudFront distribution won't get this exception.
WAF couldn’t perform the operation because your resource is being used by another\n resource or it’s associated with another resource.
\nFor DeleteWebACL, you will only get this exception if the web ACL is still\n associated with a regional resource. Deleting a web ACL that is still associated with an\n Amazon CloudFront distribution won't get this exception.
The operation failed because you are inspecting the web request body, headers, or cookies without specifying how to handle oversize components. \n Rules that inspect the body must either provide an OversizeHandling configuration or they must \n be preceded by a SizeConstraintStatement that blocks the body content from being too large. \n Rules that inspect the headers or cookies must provide an OversizeHandling configuration.
Provide the handling configuration and retry your operation.
\nAlternately, you can suppress this warning by adding the following tag to the resource that you provide to this operation: Tag (key:WAF:OversizeFieldsHandlingConstraintOptOut, value:true).
The operation failed because you are inspecting the web request body, headers, or\n cookies without specifying how to handle oversize components. Rules that inspect the body\n must either provide an OversizeHandling configuration or they must be preceded\n by a SizeConstraintStatement that blocks the body content from being too\n large. Rules that inspect the headers or cookies must provide an\n OversizeHandling configuration.
Provide the handling configuration and retry your operation.
\nAlternately, you can suppress this warning by adding the following tag to the resource\n that you provide to this operation: Tag\n (key:WAF:OversizeFieldsHandlingConstraintOptOut,\n value:true).
The operation failed because WAF didn't recognize a parameter in the request. For\n example:
\nYou specified a parameter name or value that isn't valid.
\nYour nested statement isn't valid. You might have tried to nest a statement that\n can’t be nested.
\nYou tried to update a WebACL with a DefaultAction that\n isn't among the types available at DefaultAction.
Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL can't be associated.
\nThe operation failed because WAF didn't recognize a parameter in the request. For\n example:
\nYou specified a parameter name or value that isn't valid.
\nYour nested statement isn't valid. You might have tried to nest a statement that\n can’t be nested.
\nYou tried to update a WebACL with a DefaultAction that\n isn't among the types available at DefaultAction.
Your request references an ARN that is malformed, or corresponds to a resource\n with which a web ACL can't be associated.
\nThe operation failed because you don't have the permissions that your logging configuration requires. For information, see\n Logging web ACL traffic information\n in the WAF Developer Guide.
", + "smithy.api#documentation": "The operation failed because you don't have the permissions that your logging\n configuration requires. For information, see Logging web ACL traffic information\n in the WAF Developer Guide.
", "smithy.api#error": "client" } }, @@ -8664,7 +8685,7 @@ } }, "traits": { - "smithy.api#documentation": "WAF couldn’t perform your tagging operation because of an internal error. Retry\n ybjectNoteWebRequestComponentour request.
", + "smithy.api#documentation": "WAF couldn’t perform your tagging operation because of an internal error. Retry\n your request.
", "smithy.api#error": "server" } }, @@ -8676,7 +8697,7 @@ } }, "traits": { - "smithy.api#documentation": "WAF couldn’t retrieve a resource that you specified for this operation. Verify the resources that you are specifying in your request parameters and then retry the operation.
", + "smithy.api#documentation": "WAF couldn’t retrieve a resource that you specified for this operation. Verify the\n resources that you are specifying in your request parameters and then retry the\n operation.
", "smithy.api#error": "client" } }, @@ -8827,7 +8848,7 @@ "FieldToMatch": { "target": "com.amazonaws.wafv2#FieldToMatch", "traits": { - "smithy.api#documentation": "The part of the web request that you want WAF to inspect. For more information, see FieldToMatch.
", + "smithy.api#documentation": "The part of the web request that you want WAF to inspect.
", "smithy.api#required": {} } }, @@ -8840,7 +8861,7 @@ } }, "traits": { - "smithy.api#documentation": "A rule statement that defines a cross-site scripting (XSS) match search for WAF to apply to web requests. \n XSS attacks are those where the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious \n client-site scripts into other legitimate web browsers. \n The XSS match statement provides the location in requests that you want WAF to search and text transformations \n to use on the search area before WAF searches for character sequences that are likely to be malicious strings.
" + "smithy.api#documentation": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker \nuses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.
" } } } diff --git a/codegen/sdk/aws-models/workspaces.json b/codegen/sdk/aws-models/workspaces.json index 1d4b75881cd..be80260ad1c 100644 --- a/codegen/sdk/aws-models/workspaces.json +++ b/codegen/sdk/aws-models/workspaces.json @@ -475,7 +475,7 @@ "traits": { "smithy.api#length": { "min": 0, - "max": 850 + "max": 2000 }, "smithy.api#pattern": "^.*$" } @@ -3160,6 +3160,9 @@ }, { "target": "com.amazonaws.workspaces#ResourceLimitExceededException" + }, + { + "target": "com.amazonaws.workspaces#ResourceNotFoundException" } ], "traits": { diff --git a/gradle.properties b/gradle.properties index 57f0e2fff74..2d940e97fe9 100644 --- a/gradle.properties +++ b/gradle.properties @@ -12,7 +12,7 @@ sdkVersion=0.17.1-SNAPSHOT smithyVersion=1.22.0 smithyGradleVersion=0.5.3 # smithy-kotlin codegen and runtime are versioned together -smithyKotlinVersion=0.12.1-SNAPSHOT +smithyKotlinVersion=0.12.1 # kotlin kotlinVersion=1.7.0 @@ -39,4 +39,4 @@ slf4jVersion=1.7.36 # dokka config (values specified at build-time as needed) smithyKotlinPackageListUrl= -smithyKotlinDocBaseUrl=https://docs.aws.amazon.com/sdk-for-kotlin/latest/reference/smithy-kotlin \ No newline at end of file +smithyKotlinDocBaseUrl=https://docs.aws.amazon.com/sdk-for-kotlin/latest/reference/smithy-kotlin