From 73462cdedc224b869512fd75f9f7e8c3ae0a2cd9 Mon Sep 17 00:00:00 2001 From: Ian Smith Botsford Date: Thu, 4 Aug 2022 15:01:39 +0000 Subject: [PATCH] chore: sync AWS models --- .../14f5e767-d5da-4f42-ac86-63838fb70350.json | 5 + .../aws-models/cognito-identity-provider.json | 143 +- codegen/sdk/aws-models/config-service.json | 52 +- codegen/sdk/aws-models/ec2.json | 128 +- .../sdk/aws-models/elasticsearch-service.json | 30 +- codegen/sdk/aws-models/fsx.json | 6 +- .../license-manager-user-subscriptions.json | 1303 +++++++++++++++++ codegen/sdk/aws-models/lookoutvision.json | 102 +- codegen/sdk/aws-models/opensearch.json | 24 +- codegen/sdk/aws-models/personalize.json | 149 +- codegen/sdk/aws-models/shield.json | 230 ++- codegen/sdk/aws-models/wafv2.json | 95 +- codegen/sdk/aws-models/workspaces.json | 139 ++ 13 files changed, 2132 insertions(+), 274 deletions(-) create mode 100644 .changes/14f5e767-d5da-4f42-ac86-63838fb70350.json create mode 100644 codegen/sdk/aws-models/license-manager-user-subscriptions.json diff --git a/.changes/14f5e767-d5da-4f42-ac86-63838fb70350.json b/.changes/14f5e767-d5da-4f42-ac86-63838fb70350.json new file mode 100644 index 00000000000..257553a275f --- /dev/null +++ b/.changes/14f5e767-d5da-4f42-ac86-63838fb70350.json @@ -0,0 +1,5 @@ +{ + "id": "14f5e767-d5da-4f42-ac86-63838fb70350", + "type": "misc", + "description": "Sync AWS service models" +} \ No newline at end of file diff --git a/codegen/sdk/aws-models/cognito-identity-provider.json b/codegen/sdk/aws-models/cognito-identity-provider.json index eddf9487c9a..d0ea83c79bf 100644 --- a/codegen/sdk/aws-models/cognito-identity-provider.json +++ b/codegen/sdk/aws-models/cognito-identity-provider.json @@ -2758,7 +2758,7 @@ "message": { "target": "com.amazonaws.cognitoidentityprovider#MessageType", "traits": { - "smithy.api#documentation": "

The message sent to the user when an alias exists.

" + "smithy.api#documentation": "

The message that Amazon Cognito sends to the user when the value of an alias attribute is already linked to another user profile.

" } } }, @@ -2842,6 +2842,9 @@ { "target": "com.amazonaws.cognitoidentityprovider#ConcurrentModificationException" }, + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -2859,7 +2862,7 @@ } ], "traits": { - "smithy.api#documentation": "

Begins setup of time-based one-time password multi-factor authentication (TOTP MFA)\n for a user, with a unique private key that Amazon Cognito generates and returns in the API\n response. You can authorize an AssociateSoftwareToken request with either\n the user's access token, or a session string from a challenge response that you received\n from Amazon Cognito.

\n \n

Amazon Cognito disassociates an existing software token when you verify the new token in a\n VerifySoftwareToken API request. If you don't verify the software\n token and your user pool doesn't require MFA, the user can then authenticate with\n user name and password credentials alone. If your user pool requires TOTP MFA, Amazon Cognito\n generates an MFA_SETUP or SOFTWARE_TOKEN_SETUP challenge\n each time your user signs. Complete setup with AssociateSoftwareToken\n and VerifySoftwareToken.

\n

After you set up software token MFA for your user, Amazon Cognito generates a\n SOFTWARE_TOKEN_MFA challenge when they authenticate. Respond to\n this challenge with your user's TOTP.

\n " + "smithy.api#documentation": "

Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA)\n for a user, with a unique private key that Amazon Cognito generates and returns in the API\n response. You can authorize an AssociateSoftwareToken request with either\n the user's access token, or a session string from a challenge response that you received\n from Amazon Cognito.

\n \n

Amazon Cognito disassociates an existing software token when you verify the new token in a\n VerifySoftwareToken API request. If you don't verify the software\n token and your user pool doesn't require MFA, the user can then authenticate with\n user name and password credentials alone. If your user pool requires TOTP MFA, Amazon Cognito\n generates an MFA_SETUP or SOFTWARE_TOKEN_SETUP challenge\n each time your user signs. Complete setup with AssociateSoftwareToken\n and VerifySoftwareToken.

\n

After you set up software token MFA for your user, Amazon Cognito generates a\n SOFTWARE_TOKEN_MFA challenge when they authenticate. Respond to\n this challenge with your user's TOTP.

\n " } }, "com.amazonaws.cognitoidentityprovider#AssociateSoftwareTokenRequest": { @@ -2885,7 +2888,7 @@ "SecretCode": { "target": "com.amazonaws.cognitoidentityprovider#SecretCodeType", "traits": { - "smithy.api#documentation": "

A unique generated shared secret code that is used in the time-based one-time password\n (TOTP) algorithm to generate a one-time code.

" + "smithy.api#documentation": "

A unique generated shared secret code that is used in the\n TOTP algorithm to generate a one-time code.

" } }, "Session": { @@ -3312,6 +3315,9 @@ "target": "com.amazonaws.cognitoidentityprovider#ChangePasswordResponse" }, "errors": [ + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -3591,6 +3597,9 @@ "target": "com.amazonaws.cognitoidentityprovider#ConfirmDeviceResponse" }, "errors": [ + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -3695,6 +3704,9 @@ { "target": "com.amazonaws.cognitoidentityprovider#ExpiredCodeException" }, + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -3767,14 +3779,14 @@ "ConfirmationCode": { "target": "com.amazonaws.cognitoidentityprovider#ConfirmationCodeType", "traits": { - "smithy.api#documentation": "

The confirmation code sent by a user's request to retrieve a forgotten password. For\n more information, see ForgotPassword.

", + "smithy.api#documentation": "

The confirmation code from your user's request to reset their password. For\n more information, see ForgotPassword.

", "smithy.api#required": {} } }, "Password": { "target": "com.amazonaws.cognitoidentityprovider#PasswordType", "traits": { - "smithy.api#documentation": "

The password sent by a user's request to retrieve a forgotten password.

", + "smithy.api#documentation": "

The new password that your user wants to set.

", "smithy.api#required": {} } }, @@ -3826,6 +3838,9 @@ { "target": "com.amazonaws.cognitoidentityprovider#ExpiredCodeException" }, + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -4454,13 +4469,13 @@ "ExplicitAuthFlows": { "target": "com.amazonaws.cognitoidentityprovider#ExplicitAuthFlowsListType", "traits": { - "smithy.api#documentation": "

The authentication flows that are supported by the user pool clients. Flow names\n without the ALLOW_ prefix are no longer supported, in favor of new names\n with the ALLOW_ prefix.

\n \n

Values with ALLOW_ prefix must be used only along with the\n ALLOW_ prefix.

\n \n

Valid values include:

\n \n

If you don't specify a value for ExplicitAuthFlows, your app client\n activates the ALLOW_USER_SRP_AUTH and ALLOW_CUSTOM_AUTH\n authentication flows.

" + "smithy.api#documentation": "

The authentication flows that are supported by the user pool clients. Flow names\n without the ALLOW_ prefix are no longer supported, in favor of new names\n with the ALLOW_ prefix.

\n \n

Values with ALLOW_ prefix must be used only along with the\n ALLOW_ prefix.

\n \n

Valid values include:

\n
\n
ALLOW_ADMIN_USER_PASSWORD_AUTH
\n
\n

Enable admin based user password\n authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces\n the ADMIN_NO_SRP_AUTH setting. With this authentication flow, Amazon Cognito\n receives the password in the request instead of using the Secure Remote Password\n (SRP) protocol to verify passwords.

\n
\n
ALLOW_CUSTOM_AUTH
\n
\n

Enable Lambda trigger based authentication.

\n
\n
ALLOW_USER_PASSWORD_AUTH
\n
\n

Enable user password-based\n authentication. In this flow, Amazon Cognito receives the password in the request instead\n of using the SRP protocol to verify passwords.

\n
\n
ALLOW_USER_SRP_AUTH
\n
\n

Enable SRP-based authentication.

\n
\n
ALLOW_REFRESH_TOKEN_AUTH
\n
\n

Enable the authflow that refreshes tokens.

\n
\n
\n

If you don't specify a value for ExplicitAuthFlows, your user client\n supports ALLOW_USER_SRP_AUTH and ALLOW_CUSTOM_AUTH.

" } }, "SupportedIdentityProviders": { "target": "com.amazonaws.cognitoidentityprovider#SupportedIdentityProvidersListType", "traits": { - "smithy.api#documentation": "

A list of provider names for the IdPs that this client supports. The following are\n supported: COGNITO, Facebook, Google\n LoginWithAmazon, and the names of your own SAML and OIDC providers.

" + "smithy.api#documentation": "

A list of provider names for the identity providers (IdPs) that are supported on this\n client. The following are supported: COGNITO, Facebook,\n Google, SignInWithApple, and LoginWithAmazon. You can also specify the names\n that you configured for the SAML and OIDC IdPs in your user pool, for example\n MySAMLIdP or MyOIDCIdP.

" } }, "CallbackURLs": { @@ -4656,13 +4671,13 @@ "EmailVerificationMessage": { "target": "com.amazonaws.cognitoidentityprovider#EmailVerificationMessageType", "traits": { - "smithy.api#documentation": "

A string representing the email verification message. EmailVerificationMessage is\n allowed only if EmailSendingAccount is DEVELOPER.

" + "smithy.api#documentation": "

A string representing the email verification message.\n EmailVerificationMessage is allowed only if EmailSendingAccount is DEVELOPER.

" } }, "EmailVerificationSubject": { "target": "com.amazonaws.cognitoidentityprovider#EmailVerificationSubjectType", "traits": { - "smithy.api#documentation": "

A string representing the email verification subject. EmailVerificationSubject is\n allowed only if EmailSendingAccount is DEVELOPER.

" + "smithy.api#documentation": "

A string representing the email verification subject.\n EmailVerificationSubject is allowed only if EmailSendingAccount is DEVELOPER.

" } }, "VerificationMessageTemplate": { @@ -4686,13 +4701,13 @@ "UserAttributeUpdateSettings": { "target": "com.amazonaws.cognitoidentityprovider#UserAttributeUpdateSettingsType", "traits": { - "smithy.api#documentation": "

The settings for updates to user attributes. These settings include the property AttributesRequireVerificationBeforeUpdate,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see \nVerifying updates to to email addresses and phone numbers.

" + "smithy.api#documentation": "

The settings for updates to user attributes. These settings include the property AttributesRequireVerificationBeforeUpdate,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see \nVerifying updates to email addresses and phone numbers.

" } }, "DeviceConfiguration": { "target": "com.amazonaws.cognitoidentityprovider#DeviceConfigurationType", "traits": { - "smithy.api#documentation": "

The device configuration.

" + "smithy.api#documentation": "

The device-remembering configuration for a user pool. A null value indicates that you have deactivated device remembering in your user pool.

\n \n

When you provide a value for any DeviceConfiguration field, you activate the Amazon Cognito device-remembering feature.

\n " } }, "EmailConfiguration": { @@ -5039,6 +5054,9 @@ "target": "smithy.api#Unit" }, "errors": [ + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -5079,6 +5097,9 @@ "target": "com.amazonaws.cognitoidentityprovider#DeleteUserAttributesResponse" }, "errors": [ + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -5759,18 +5780,18 @@ "ChallengeRequiredOnNewDevice": { "target": "com.amazonaws.cognitoidentityprovider#BooleanType", "traits": { - "smithy.api#documentation": "

When true, device authentication can replace SMS and time-based one-time password\n (TOTP) factors for multi-factor authentication (MFA).

\n \n

Users that sign in with devices that have not been confirmed or remembered will\n still have to provide a second factor, whether or not ChallengeRequiredOnNewDevice\n is true, when your user pool requires MFA.

\n " + "smithy.api#documentation": "

When true, device authentication can replace SMS and time-based one-time password (TOTP) factors for multi-factor authentication (MFA).

\n \n

Regardless of the value of this field, users that sign in with new devices that have not been confirmed or remembered must provide a second factor if your user pool requires MFA.

\n " } }, "DeviceOnlyRememberedOnUserPrompt": { "target": "com.amazonaws.cognitoidentityprovider#BooleanType", "traits": { - "smithy.api#documentation": "

When true, users can opt in to remembering their device. Your app code must use\n callback functions to return the user's choice.

" + "smithy.api#documentation": "

When true, Amazon Cognito doesn't remember newly-confirmed devices. Users who want to authenticate with their device \n can instead opt in to remembering their device. To collect a choice from your user, create an input prompt \n in your app and return the value that the user chooses in an UpdateDeviceStatus API request.

" } } }, "traits": { - "smithy.api#documentation": "

The device tracking configuration for a user pool. A user pool with device tracking\n deactivated returns a null value.

\n \n

When you provide values for any DeviceConfiguration field, you activate device\n tracking.

\n " + "smithy.api#documentation": "

The device-remembering configuration for a user pool. A null value indicates that you have deactivated device remembering in your user pool.

\n \n

When you provide a value for any DeviceConfiguration field, you activate the Amazon Cognito device-remembering feature.

\n " } }, "com.amazonaws.cognitoidentityprovider#DeviceKeyType": { @@ -6355,6 +6376,22 @@ ] } }, + "com.amazonaws.cognitoidentityprovider#ForbiddenException": { + "type": "structure", + "members": { + "message": { + "target": "com.amazonaws.cognitoidentityprovider#MessageType", + "traits": { + "smithy.api#documentation": "

The message returned when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

This exception is thrown when WAF doesn't allow your request based on a web ACL that's associated with your user pool.

", + "smithy.api#error": "client", + "smithy.api#httpError": 403 + } + }, "com.amazonaws.cognitoidentityprovider#ForceAliasCreation": { "type": "boolean" }, @@ -6367,6 +6404,9 @@ "target": "smithy.api#Unit" }, "errors": [ + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -6432,6 +6472,9 @@ { "target": "com.amazonaws.cognitoidentityprovider#CodeDeliveryFailureException" }, + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -6614,6 +6657,9 @@ "target": "com.amazonaws.cognitoidentityprovider#GetDeviceResponse" }, "errors": [ + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -6921,6 +6967,9 @@ "target": "com.amazonaws.cognitoidentityprovider#GetUserResponse" }, "errors": [ + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -6964,6 +7013,9 @@ { "target": "com.amazonaws.cognitoidentityprovider#CodeDeliveryFailureException" }, + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -7105,19 +7157,19 @@ "SmsMfaConfiguration": { "target": "com.amazonaws.cognitoidentityprovider#SmsMfaConfigType", "traits": { - "smithy.api#documentation": "

The SMS text message multi-factor (MFA) configuration.

" + "smithy.api#documentation": "

The SMS text message multi-factor authentication (MFA) configuration.

" } }, "SoftwareTokenMfaConfiguration": { "target": "com.amazonaws.cognitoidentityprovider#SoftwareTokenMfaConfigType", "traits": { - "smithy.api#documentation": "

The software token multi-factor (MFA) configuration.

" + "smithy.api#documentation": "

The software token multi-factor authentication (MFA) configuration.

" } }, "MfaConfiguration": { "target": "com.amazonaws.cognitoidentityprovider#UserPoolMfaType", "traits": { - "smithy.api#documentation": "

The multi-factor (MFA) configuration. Valid values include:

\n " + "smithy.api#documentation": "

The multi-factor authentication (MFA) configuration. Valid values include:

\n " } } } @@ -7186,6 +7238,9 @@ "target": "com.amazonaws.cognitoidentityprovider#GlobalSignOutResponse" }, "errors": [ + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -7479,6 +7534,9 @@ "target": "com.amazonaws.cognitoidentityprovider#InitiateAuthResponse" }, "errors": [ + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -7728,7 +7786,7 @@ } }, "traits": { - "smithy.api#documentation": "

This exception is thrown when the trust relationship is not valid for the role\n provided for SMS configuration. This can happen if you don't trust\n cognito-idp.amazonaws.com or the external ID provided in the role does\n not match what is provided in the SMS configuration for the user pool.

", + "smithy.api#documentation": "

This exception is thrown when the trust relationship is not valid for the role\n provided for SMS configuration. This can happen if you don't trust\n cognito-idp.amazonaws.com or the external ID provided in the role does\n not match what is provided in the SMS configuration for the user pool.

", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -7860,6 +7918,9 @@ "target": "com.amazonaws.cognitoidentityprovider#ListDevicesResponse" }, "errors": [ + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -9291,6 +9352,9 @@ { "target": "com.amazonaws.cognitoidentityprovider#CodeDeliveryFailureException" }, + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -9542,6 +9606,9 @@ { "target": "com.amazonaws.cognitoidentityprovider#ExpiredCodeException" }, + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -9693,6 +9760,9 @@ "target": "com.amazonaws.cognitoidentityprovider#RevokeTokenResponse" }, "errors": [ + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -10198,6 +10268,9 @@ "target": "com.amazonaws.cognitoidentityprovider#SetUserMFAPreferenceResponse" }, "errors": [ + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -10236,7 +10309,7 @@ "SoftwareTokenMfaSettings": { "target": "com.amazonaws.cognitoidentityprovider#SoftwareTokenMfaSettingsType", "traits": { - "smithy.api#documentation": "

The time-based one-time password software token MFA settings.

" + "smithy.api#documentation": "

The time-based one-time password (TOTP) software token MFA settings.

" } }, "AccessToken": { @@ -10349,6 +10422,9 @@ "target": "com.amazonaws.cognitoidentityprovider#SetUserSettingsResponse" }, "errors": [ + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -10418,6 +10494,9 @@ { "target": "com.amazonaws.cognitoidentityprovider#CodeDeliveryFailureException" }, + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -11304,6 +11383,9 @@ "target": "com.amazonaws.cognitoidentityprovider#UpdateDeviceStatusResponse" }, "errors": [ + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -11623,6 +11705,9 @@ { "target": "com.amazonaws.cognitoidentityprovider#ExpiredCodeException" }, + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -11867,7 +11952,7 @@ "SupportedIdentityProviders": { "target": "com.amazonaws.cognitoidentityprovider#SupportedIdentityProvidersListType", "traits": { - "smithy.api#documentation": "

A list of provider names for the IdPs that this client supports. The following are\n supported: COGNITO, Facebook, Google\n LoginWithAmazon, and the names of your own SAML and OIDC providers.

" + "smithy.api#documentation": "

A list of provider names for the IdPs that this client supports. The following are\n supported: COGNITO, Facebook, Google, SignInWithApple,\n LoginWithAmazon, and the names of your own SAML and OIDC providers.

" } }, "CallbackURLs": { @@ -12082,7 +12167,7 @@ "UserAttributeUpdateSettings": { "target": "com.amazonaws.cognitoidentityprovider#UserAttributeUpdateSettingsType", "traits": { - "smithy.api#documentation": "

The settings for updates to user attributes. These settings include the property AttributesRequireVerificationBeforeUpdate,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see \nVerifying updates to to email addresses and phone numbers.

" + "smithy.api#documentation": "

The settings for updates to user attributes. These settings include the property AttributesRequireVerificationBeforeUpdate,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see \nVerifying updates to email addresses and phone numbers.

" } }, "MfaConfiguration": { @@ -12094,7 +12179,7 @@ "DeviceConfiguration": { "target": "com.amazonaws.cognitoidentityprovider#DeviceConfigurationType", "traits": { - "smithy.api#documentation": "

Device configuration.

" + "smithy.api#documentation": "

The device-remembering configuration for a user pool. A null value indicates that you have deactivated device remembering in your user pool.

\n \n

When you provide a value for any DeviceConfiguration field, you activate the Amazon Cognito device-remembering feature.

\n " } }, "EmailConfiguration": { @@ -12156,7 +12241,7 @@ } }, "traits": { - "smithy.api#documentation": "

The settings for updates to user attributes. These settings include the property AttributesRequireVerificationBeforeUpdate,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see \nVerifying updates to to email addresses and phone numbers.

" + "smithy.api#documentation": "

The settings for updates to user attributes. These settings include the property AttributesRequireVerificationBeforeUpdate,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see \nVerifying updates to email addresses and phone numbers.

" } }, "com.amazonaws.cognitoidentityprovider#UserContextDataType": { @@ -12559,7 +12644,7 @@ "SupportedIdentityProviders": { "target": "com.amazonaws.cognitoidentityprovider#SupportedIdentityProvidersListType", "traits": { - "smithy.api#documentation": "

A list of provider names for the IdPs that this client supports. The following are\n supported: COGNITO, Facebook, Google\n LoginWithAmazon, and the names of your own SAML and OIDC providers.

" + "smithy.api#documentation": "

A list of provider names for the IdPs that this client supports. The following are\n supported: COGNITO, Facebook, Google, SignInWithApple,\n LoginWithAmazon, and the names of your own SAML and OIDC providers.

" } }, "CallbackURLs": { @@ -12861,7 +12946,7 @@ "UserAttributeUpdateSettings": { "target": "com.amazonaws.cognitoidentityprovider#UserAttributeUpdateSettingsType", "traits": { - "smithy.api#documentation": "

The settings for updates to user attributes. These settings include the property AttributesRequireVerificationBeforeUpdate,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see \nVerifying updates to to email addresses and phone numbers.

" + "smithy.api#documentation": "

The settings for updates to user attributes. These settings include the property AttributesRequireVerificationBeforeUpdate,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see \nVerifying updates to email addresses and phone numbers.

" } }, "MfaConfiguration": { @@ -12873,7 +12958,7 @@ "DeviceConfiguration": { "target": "com.amazonaws.cognitoidentityprovider#DeviceConfigurationType", "traits": { - "smithy.api#documentation": "

The device configuration.

" + "smithy.api#documentation": "

The device-remembering configuration for a user pool. A null value indicates that you have deactivated device remembering in your user pool.

\n \n

When you provide a value for any DeviceConfiguration field, you activate the Amazon Cognito device-remembering feature.

\n " } }, "EstimatedNumberOfUsers": { @@ -13193,6 +13278,9 @@ { "target": "com.amazonaws.cognitoidentityprovider#EnableSoftwareTokenMFAException" }, + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, @@ -13308,6 +13396,9 @@ { "target": "com.amazonaws.cognitoidentityprovider#ExpiredCodeException" }, + { + "target": "com.amazonaws.cognitoidentityprovider#ForbiddenException" + }, { "target": "com.amazonaws.cognitoidentityprovider#InternalErrorException" }, diff --git a/codegen/sdk/aws-models/config-service.json b/codegen/sdk/aws-models/config-service.json index 3500b713e6e..a2907d214d1 100644 --- a/codegen/sdk/aws-models/config-service.json +++ b/codegen/sdk/aws-models/config-service.json @@ -1155,7 +1155,7 @@ "Source": { "target": "com.amazonaws.configservice#Source", "traits": { - "smithy.api#documentation": "

Provides the rule owner (Amazon Web Services or customer), the rule identifier,\n\t\t\tand the notifications that cause the function to evaluate your Amazon Web Services\n\t\t\tresources.

", + "smithy.api#documentation": "

Provides the rule owner (Amazon Web Services for managed rules, CUSTOM_POLICY for Custom Policy rules, and CUSTOM_LAMBDA for Custom Lambda rules), the rule identifier,\n\t\t\tand the notifications that cause the function to evaluate your Amazon Web Services\n\t\t\tresources.

", "smithy.api#required": {} } }, @@ -1180,12 +1180,12 @@ "CreatedBy": { "target": "com.amazonaws.configservice#StringWithCharLimit256", "traits": { - "smithy.api#documentation": "

Service principal name of the service that created the\n\t\t\trule.

\n\t\t \n\t\t\t

The field is populated only if the service linked rule is\n\t\t\t\tcreated by a service. The field is empty if you create your own\n\t\t\t\trule.

\n\t\t " + "smithy.api#documentation": "

Service principal name of the service that created the\n\t\t\trule.

\n\t\t \n\t\t\t

The field is populated only if the service-linked rule is\n\t\t\t\tcreated by a service. The field is empty if you create your own\n\t\t\t\trule.

\n\t\t " } } }, "traits": { - "smithy.api#documentation": "

An Config rule represents an Lambda function that you\n\t\t\tcreate for a custom rule or a predefined function for an Config managed\n\t\t\trule. The function evaluates configuration items to assess whether\n\t\t\tyour Amazon Web Services resources comply with your desired configurations. This\n\t\t\tfunction can run when Config detects a configuration change to\n\t\t\tan Amazon Web Services resource and at a periodic frequency that you choose (for\n\t\t\texample, every 24 hours).

\n\n\t\t \n\t\t\t

You can use the Amazon Web Services CLI and Amazon Web Services SDKs if you want to create\n\t\t\t\ta rule that triggers evaluations for your resources when Config delivers the configuration snapshot. For more\n\t\t\t\tinformation, see ConfigSnapshotDeliveryProperties.

\n\t\t \n\t\t

For more information about developing and using Config\n\t\t\trules, see Evaluating Amazon Web Services resource Configurations with Config\n\t\t\tin the Config Developer Guide.

" + "smithy.api#documentation": "

Config rules evaluate the configuration settings of your Amazon Web Services resources. A rule can run when Config detects a configuration change to\n\t\t\tan Amazon Web Services resource or at a periodic frequency that you choose (for\n\t\t\texample, every 24 hours). There are two types of rules: Config Managed Rules and Config Custom Rules.\n\t\t\tManaged rules are predefined, customizable rules created by Config. For a list of managed rules, see\n\t\t\t\tList of Config\n\t\t\t\t\tManaged Rules.

\n\t\t\n\t\t

Custom rules are rules that you can create using either Guard or Lambda functions.\n\t\t\tGuard (Guard GitHub\n\t\t\t\tRepository) is a policy-as-code language that allows you to write policies that\n\t\t\tare enforced by Config Custom Policy rules. Lambda uses custom code that you upload to\n\t\t\tevaluate a custom rule. It is invoked by events that are published to it by an event source, which Config invokes when the custom rule is initiated.

\n\t\t\n\t\t

For more information about developing and using Config\n\t\t\trules, see Evaluating Amazon Web Services resource Configurations with Config\n\t\t\tin the Config Developer Guide.

\n\n\t\t \n\t\t\t

You can use the Amazon Web Services CLI and Amazon Web Services SDKs if you want to create\n\t\t\t\ta rule that triggers evaluations for your resources when Config delivers the configuration snapshot. For more\n\t\t\t\tinformation, see ConfigSnapshotDeliveryProperties.

\n\t\t " } }, "com.amazonaws.configservice#ConfigRuleComplianceFilters": { @@ -1848,7 +1848,7 @@ "Score": { "target": "com.amazonaws.configservice#ComplianceScore", "traits": { - "smithy.api#documentation": "

Compliance score for the conformance pack.

" + "smithy.api#documentation": "

Compliance score for the conformance pack. Conformance packs with no evaluation results will have a compliance score of INSUFFICIENT_DATA.

" } }, "ConformancePackName": { @@ -1865,7 +1865,7 @@ } }, "traits": { - "smithy.api#documentation": "

A compliance score is the percentage of the number of compliant rule-resource combinations in a conformance pack compared to the number of total possible rule-resource combinations in the conformance pack.\n\t\t\tThis metric provides you with a high-level view of the compliance state of your conformance packs, and can be used to identify, investigate, and understand\n\t\t\tcompliance deviations in your conformance packs.

" + "smithy.api#documentation": "

A compliance score is the percentage of the number of compliant rule-resource combinations in a conformance pack compared to the number of total possible rule-resource combinations in the conformance pack.\n\t\t\tThis metric provides you with a high-level view of the compliance state of your conformance packs, and can be used to identify, investigate, and understand\n\t\t\tthe level of compliance in your conformance packs.

" } }, "com.amazonaws.configservice#ConformancePackComplianceScores": { @@ -1880,13 +1880,13 @@ "ConformancePackNames": { "target": "com.amazonaws.configservice#ConformancePackNameFilter", "traits": { - "smithy.api#documentation": "

The name of a conformance pack whose score should be included in the compliance score result.

", + "smithy.api#documentation": "

The names of the conformance packs whose compliance scores you want to include in the conformance pack compliance score result set.\n\t\t\tYou can include up to 25 conformance packs in the ConformancePackNames array of strings, each with a character limit of 256 characters for the conformance pack name.

", "smithy.api#required": {} } } }, "traits": { - "smithy.api#documentation": "

A list of filters to apply to the conformance pack compliance score result set.

" + "smithy.api#documentation": "

A list of filters to apply to the conformance pack compliance score result set.

" } }, "com.amazonaws.configservice#ConformancePackComplianceSummary": { @@ -3039,7 +3039,7 @@ "s3BucketName": { "target": "com.amazonaws.configservice#String", "traits": { - "smithy.api#documentation": "

The name of the Amazon S3 bucket to which Config delivers\n\t\t\tconfiguration snapshots and configuration history files.

\n\t\t

If you specify a bucket that belongs to another Amazon Web Services account,\n\t\t\tthat bucket must have policies that grant access permissions to Config. For more information, see Permissions for the Amazon S3 Bucket in the Config\n\t\t\tDeveloper Guide.

" + "smithy.api#documentation": "

The name of the Amazon S3 bucket to which Config delivers\n\t\t\tconfiguration snapshots and configuration history files.

\n\t\t

If you specify a bucket that belongs to another Amazon Web Services account,\n\t\t\tthat bucket must have policies that grant access permissions to Config. For more information, see Permissions for the Amazon S3 Bucket in the Config\n\t\t\tDeveloper Guide.

" } }, "s3KeyPrefix": { @@ -3057,7 +3057,7 @@ "snsTopicARN": { "target": "com.amazonaws.configservice#String", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the Amazon SNS topic to which\n\t\t\tConfig sends notifications about configuration\n\t\t\tchanges.

\n\t\t

If you choose a topic from another account, the topic must have\n\t\t\tpolicies that grant access permissions to Config. For more\n\t\t\tinformation, see Permissions for the Amazon SNS Topic in the Config\n\t\t\tDeveloper Guide.

" + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the Amazon SNS topic to which\n\t\t\tConfig sends notifications about configuration\n\t\t\tchanges.

\n\t\t

If you choose a topic from another account, the topic must have\n\t\t\tpolicies that grant access permissions to Config. For more\n\t\t\tinformation, see Permissions for the Amazon SNS Topic in the Config\n\t\t\tDeveloper Guide.

" } }, "configSnapshotDeliveryProperties": { @@ -6573,7 +6573,7 @@ } }, "traits": { - "smithy.api#documentation": "

Indicates one of the following errors:

\n\t\t ", + "smithy.api#documentation": "

Indicates one of the following errors:

\n\t\t ", "smithy.api#error": "client" } }, @@ -6926,7 +6926,7 @@ } ], "traits": { - "smithy.api#documentation": "

Returns a list of conformance pack compliance scores. \n\t\t\tA compliance score is the percentage of the number of compliant rule-resource combinations in a conformance pack compared to the number of total possible rule-resource combinations in the conformance pack.\n\t\t\tThis metric provides you with a high-level view of the compliance state of your conformance packs, and can be used to identify, investigate, and understand\n\t\t\tcompliance deviations in your conformance packs.

", + "smithy.api#documentation": "

Returns a list of conformance pack compliance scores. \n\t\t\tA compliance score is the percentage of the number of compliant rule-resource combinations in a conformance pack compared to the number of total possible rule-resource combinations in the conformance pack.\n\t\t\tThis metric provides you with a high-level view of the compliance state of your conformance packs, and can be used to identify, investigate, and understand\n\t\t\tthe level of compliance in your conformance packs.

\n\t\t \n

Conformance packs with no evaluation results will have a compliance score of INSUFFICIENT_DATA.

\n ", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -6946,13 +6946,13 @@ "SortOrder": { "target": "com.amazonaws.configservice#SortOrder", "traits": { - "smithy.api#documentation": "

Determines the order in which conformance pack compliance scores are sorted. Either in ascending or descending order.

" + "smithy.api#documentation": "

Determines the order in which conformance pack compliance scores are sorted. Either in ascending or descending order.

\n\t\t

Conformance packs with a compliance score of INSUFFICIENT_DATA will be first when sorting by ascending order and last when sorting by descending order.

" } }, "SortBy": { "target": "com.amazonaws.configservice#SortBy", "traits": { - "smithy.api#documentation": "

Sorts your conformance pack compliance scores in either ascending or descending order, depending on SortOrder.

" + "smithy.api#documentation": "

Sorts your conformance pack compliance scores in either ascending or descending order, depending on SortOrder.

\n\t\t

By default, conformance pack compliance scores are sorted in ascending order by compliance score and alphabetically by name of the conformance pack if there is more than one conformance pack with the same compliance score.

" } }, "Limit": { @@ -6981,7 +6981,7 @@ "ConformancePackComplianceScores": { "target": "com.amazonaws.configservice#ConformancePackComplianceScores", "traits": { - "smithy.api#documentation": "

A list of ConformancePackComplianceScore objects

", + "smithy.api#documentation": "

A list of ConformancePackComplianceScore objects.

", "smithy.api#required": {} } } @@ -8768,7 +8768,7 @@ } ], "traits": { - "smithy.api#documentation": "

Adds or updates an Config rule for evaluating whether your\n\t\t\tAmazon Web Services resources comply with your desired configurations.

\n\t\t

You can use this action for Config custom rules and Config\n\t\t\tmanaged rules. A Config custom rule is a rule that you\n\t\t\tdevelop and maintain. An Config managed rule is a customizable,\n\t\t\tpredefined rule that Config provides.

\n\t\t

If you are adding a new Config custom rule, you must first\n\t\t\tcreate the Lambda function that the rule invokes to evaluate\n\t\t\tyour resources. When you use the PutConfigRule action\n\t\t\tto add the rule to Config, you must specify the Amazon Resource\n\t\t\tName (ARN) that Lambda assigns to the function. Specify the ARN\n\t\t\tfor the SourceIdentifier key. This key is part of the\n\t\t\t\tSource object, which is part of the\n\t\t\t\tConfigRule object.

\n\t\t

If you are adding an Config managed rule, specify the\n\t\t\trule's identifier for the SourceIdentifier key. To\n\t\t\treference Config managed rule identifiers, see About Config managed rules.

\n\t\t

For any new rule that you add, specify the\n\t\t\t\tConfigRuleName in the ConfigRule\n\t\t\tobject. Do not specify the ConfigRuleArn or the\n\t\t\tConfigRuleId. These values are generated by Config for new rules.

\n\t\t

If you are updating a rule that you added previously, you can\n\t\t\tspecify the rule by ConfigRuleName,\n\t\t\t\tConfigRuleId, or ConfigRuleArn in the\n\t\t\t\tConfigRule data type that you use in this\n\t\t\trequest.

\n\t\t

For information on how many Config rules you can have per account, \n\t\t\tsee \n Service Limits\n in the Config Developer Guide.

\n\n\t\t

For more information about developing and using Config\n\t\t\trules, see Evaluating Amazon Web Services resource Configurations with Config\n\t\t\tin the Config Developer Guide.

" + "smithy.api#documentation": "

Adds or updates an Config rule to evaluate if your\n\t\t\tAmazon Web Services resources comply with your desired configurations. For information on how many Config rules you can have per account, \n\t\t\tsee \n Service Limits\n in the Config Developer Guide.

\n\t\t\n\t\t

There are two types of rules: Config Custom Rules and Config Managed Rules.\n\t\t\tYou can use PutConfigRule to create both Config custom rules and Config managed rules.

\n\t\t\n\t\t

Custom rules are rules that you can create using either Guard or Lambda functions.\n\t\t\tGuard (Guard GitHub\n\t\t\t\tRepository) is a policy-as-code language that allows you to write policies that\n\t\t\tare enforced by Config Custom Policy rules. Lambda uses custom code that you upload to\n\t\t\tevaluate a custom rule. If you are adding a new Custom Lambda rule,\n\t\t\tyou first need to create an Lambda function that the rule invokes to evaluate\n\t\t\tyour resources. When you use PutConfigRule to add a Custom Lambda rule to Config, you must specify the Amazon Resource\n\t\t\tName (ARN) that Lambda assigns to the function. You specify the ARN\n\t\t\tin the SourceIdentifier key. This key is part of the\n\t\t\tSource object, which is part of the\n\t\t\tConfigRule object.

\n\t\t\n\t\t

Managed rules are predefined,\n\t\t\tcustomizable rules created by Config. For a list of managed rules, see\n\t\t\tList of Config\n\t\t\t\tManaged Rules. If you are adding an Config managed rule, you must specify the\n\t\t\trule's identifier for the SourceIdentifier key.

\n\t\t\n\t\t

For any new rule that you add, specify the\n\t\t\t\tConfigRuleName in the ConfigRule\n\t\t\tobject. Do not specify the ConfigRuleArn or the\n\t\t\tConfigRuleId. These values are generated by Config for new rules.

\n\t\t

If you are updating a rule that you added previously, you can\n\t\t\tspecify the rule by ConfigRuleName,\n\t\t\t\tConfigRuleId, or ConfigRuleArn in the\n\t\t\t\tConfigRule data type that you use in this\n\t\t\trequest.

\n\n\t\t

For more information about developing and using Config\n\t\t\trules, see Evaluating Amazon Web Services resource Configurations with Config\n\t\t\tin the Config Developer Guide.

" } }, "com.amazonaws.configservice#PutConfigRuleRequest": { @@ -8818,7 +8818,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates and updates the configuration aggregator with the\n\t\t\tselected source accounts and regions. The source account can be\n\t\t\tindividual account(s) or an organization.

\n\t\t\n\t\t

\n accountIds that are passed will be replaced with existing accounts.\n\t\t\tIf you want to add additional accounts into the aggregator, call DescribeConfigurationAggregators to get the previous accounts and then append new ones.

\n\t\t \n\t\t\t

Config should be enabled in source accounts and regions\n\t\t\t\tyou want to aggregate.

\n\t\t\t\n\t\t\t

If your source type is an organization, you must be signed in to the management account or a registered delegated administrator and all the features must be enabled in your organization. \n\t\t\t\tIf the caller is a management account, Config calls EnableAwsServiceAccess API to enable integration between Config and Organizations.\n\t\t\t\tIf the caller is a registered delegated administrator, Config calls ListDelegatedAdministrators API to verify whether the caller is a valid delegated administrator.

\n\t\t\t

To register a delegated administrator, see Register a Delegated Administrator in the Config developer guide.

\n\t\t " + "smithy.api#documentation": "

Creates and updates the configuration aggregator with the\n\t\t\tselected source accounts and regions. The source account can be\n\t\t\tindividual account(s) or an organization.

\n\t\t\n\t\t

\n accountIds that are passed will be replaced with existing accounts.\n\t\t\tIf you want to add additional accounts into the aggregator, call DescribeConfigurationAggregators to get the previous accounts and then append new ones.

\n\t\t \n\t\t\t

Config should be enabled in source accounts and regions\n\t\t\t\tyou want to aggregate.

\n\t\t\t\n\t\t\t

If your source type is an organization, you must be signed in to the management account or a registered delegated administrator and all the features must be enabled in your organization. \n\t\t\t\tIf the caller is a management account, Config calls EnableAwsServiceAccess API to enable integration between Config and Organizations.\n\t\t\t\tIf the caller is a registered delegated administrator, Config calls ListDelegatedAdministrators API to verify whether the caller is a valid delegated administrator.

\n\t\t\t

To register a delegated administrator, see Register a Delegated Administrator in the Config developer guide.

\n\t\t " } }, "com.amazonaws.configservice#PutConfigurationAggregatorRequest": { @@ -8929,7 +8929,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates or updates a conformance pack. A conformance pack is a collection of Config rules that can be easily deployed in an account and a region and across Amazon Web Services Organization.\n\t\t\tFor information on how many conformance packs you can have per account, \n\t\t\tsee \n Service Limits\n in the Config Developer Guide.

\n\t\t

This API creates a service linked role AWSServiceRoleForConfigConforms in your account. \n\t\tThe service linked role is created only when the role does not exist in your account.

\n\t\t \n

You must specify either the TemplateS3Uri or the TemplateBody parameter, but not both. \n\t\t\tIf you provide both Config uses the TemplateS3Uri parameter and ignores the TemplateBody parameter.

\n " + "smithy.api#documentation": "

Creates or updates a conformance pack. A conformance pack is a collection of Config rules that can be easily deployed in an account and a region and across Amazon Web Services Organization.\n\t\t\tFor information on how many conformance packs you can have per account, \n\t\t\tsee \n Service Limits\n in the Config Developer Guide.

\n\t\t

This API creates a service-linked role AWSServiceRoleForConfigConforms in your account. \n\t\tThe service-linked role is created only when the role does not exist in your account.

\n\t\t \n

You must specify either the TemplateS3Uri or the TemplateBody parameter, but not both. \n\t\t\tIf you provide both Config uses the TemplateS3Uri parameter and ignores the TemplateBody parameter.

\n " } }, "com.amazonaws.configservice#PutConformancePackRequest": { @@ -9180,7 +9180,7 @@ } ], "traits": { - "smithy.api#documentation": "

Adds or updates organization Config rule for your entire organization evaluating whether your Amazon Web Services resources comply with your \n\t\t\tdesired configurations. For information on how many organization Config rules you can have per account, \n\t\t\tsee \n Service Limits\n in the Config Developer Guide.

\n\t

Only a master account and a delegated administrator can create or update an organization Config rule.\n\t\tWhen calling this API with a delegated administrator, you must ensure Organizations \n\t\tListDelegatedAdministrator permissions are added. An organization can have up to 3 delegated administrators.

\n\t\t

This API enables organization service access through the EnableAWSServiceAccess action and creates a service linked \n\t\t\trole AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. \n\t\t\tThe service linked role is created only when the role does not exist in the caller account. \n\t\t\tConfig verifies the existence of role with GetRole action.

\n\t\t

To use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization\n\t\t\tregister-delegated-administrator for config-multiaccountsetup.amazonaws.com.

\n\t\t

You can use this action to create both Config custom rules and Config managed rules. \n\t\t\tIf you are adding a new Config custom rule, you must first create Lambda function in the master account or a delegated \n\t\t\tadministrator that the rule invokes to evaluate your resources. You also need to create an IAM role in the managed-account that can be assumed by the Lambda function.\n\t\t\tWhen you use the PutOrganizationConfigRule action to add the rule to Config, you must \n\t\t\tspecify the Amazon Resource Name (ARN) that Lambda assigns to the function. \n\t\t\tIf you are adding an Config managed rule, specify the rule's identifier for the RuleIdentifier key.

\n\t\t \n

Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization.

\n\t\t\t

Specify either OrganizationCustomRuleMetadata or OrganizationManagedRuleMetadata.

\n\t\t\t " + "smithy.api#documentation": "

Adds or updates an Config rule for your entire organization to evaluate if your Amazon Web Services resources comply with your \n\t\t\tdesired configurations. For information on how many organization Config rules you can have per account, \n\t\t\tsee \n Service Limits\n in the Config Developer Guide.

\n\t

Only a master account and a delegated administrator can create or update an organization Config rule.\n\t\tWhen calling this API with a delegated administrator, you must ensure Organizations \n\t\tListDelegatedAdministrator permissions are added. An organization can have up to 3 delegated administrators.

\n\t\t

This API enables organization service access through the EnableAWSServiceAccess action and creates a service-linked \n\t\t\trole AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. \n\t\t\tThe service-linked role is created only when the role does not exist in the caller account. \n\t\t\tConfig verifies the existence of role with GetRole action.

\n\t\t

To use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization\n\t\t\tregister-delegated-administrator for config-multiaccountsetup.amazonaws.com.

\n\t\n\t\t

There are two types of rules: Config Custom Rules and Config Managed Rules.\n\t\t\tYou can use PutOrganizationConfigRule to create both Config custom rules and Config managed rules.

\n\t\t\t\n\t\t

Custom rules are rules that you can create using either Guard or Lambda functions.\n\t\t\tGuard (Guard GitHub\n\t\t\t\tRepository) is a policy-as-code language that allows you to write policies that\n\t\t\tare enforced by Config Custom Policy rules. Lambda uses custom code that you upload to\n\t\t\tevaluate a custom rule. If you are adding a new Custom Lambda rule, you first need to create an Lambda function in the master account or a delegated \n\t\tadministrator that the rule invokes to evaluate your resources. You also need to create an IAM role in the managed account that can be assumed by the Lambda function.\n\t\tWhen you use PutOrganizationConfigRule to add a Custom Lambda rule to Config, you must \n\t\t\tspecify the Amazon Resource Name (ARN) that Lambda assigns to the function.

\n\t\t\n\t\t

Managed rules are predefined,\n\t\t\tcustomizable rules created by Config. For a list of managed rules, see\n\t\t\tList of Config\n\t\t\t\tManaged Rules. If you are adding an Config managed rule, you must specify the rule's identifier for the RuleIdentifier key.

\n\t\t\n\t\t\n\t\t \n

Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization.

\n\t\t\t

Make sure to specify one of either OrganizationCustomPolicyRuleMetadata for Custom Policy rules, OrganizationCustomRuleMetadata for Custom Lambda rules, or OrganizationManagedRuleMetadata for managed rules.

\n\t\t\t " } }, "com.amazonaws.configservice#PutOrganizationConfigRuleRequest": { @@ -9196,13 +9196,13 @@ "OrganizationManagedRuleMetadata": { "target": "com.amazonaws.configservice#OrganizationManagedRuleMetadata", "traits": { - "smithy.api#documentation": "

An OrganizationManagedRuleMetadata object.

" + "smithy.api#documentation": "

An OrganizationManagedRuleMetadata object. This object specifies organization\n\t\t\tmanaged rule metadata such as resource type and ID of Amazon Web Services resource along with the rule identifier.\n\t\t\tIt also provides the frequency with which you want Config to run evaluations for the rule if the trigger type is periodic.

" } }, "OrganizationCustomRuleMetadata": { "target": "com.amazonaws.configservice#OrganizationCustomRuleMetadata", "traits": { - "smithy.api#documentation": "

An OrganizationCustomRuleMetadata object.

" + "smithy.api#documentation": "

An OrganizationCustomRuleMetadata object. This object specifies organization custom rule metadata such as resource type,\n\t\t\tresource ID of Amazon Web Services resource, Lambda function ARN, and organization trigger types that trigger Config to evaluate your Amazon Web Services resources against a rule.\n\t\t\tIt also provides the frequency with which you want Config to run evaluations for the rule if the trigger type is periodic.

" } }, "ExcludedAccounts": { @@ -9214,7 +9214,7 @@ "OrganizationCustomPolicyRuleMetadata": { "target": "com.amazonaws.configservice#OrganizationCustomPolicyRuleMetadata", "traits": { - "smithy.api#documentation": "

An object that specifies metadata for your organization's Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug\n\t\t\tlogging enabled, and other custom rule metadata, such as resource type, resource ID of\n\t\t\t\tAmazon Web Services resource, and organization trigger types that initiate Config to evaluate Amazon Web Services resources against a rule.

" + "smithy.api#documentation": "

An OrganizationCustomPolicyRuleMetadata object. This object specifies metadata for your organization's Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug\n\t\t\tlogging enabled, and other custom rule metadata, such as resource type, resource ID of\n\t\t\tAmazon Web Services resource, and organization trigger types that initiate Config to evaluate Amazon Web Services resources against a rule.

" } } } @@ -9265,7 +9265,7 @@ } ], "traits": { - "smithy.api#documentation": "

Deploys conformance packs across member accounts in an Amazon Web Services Organization. For information on how many organization conformance packs and how many Config rules you can have per account, \n\t\t\tsee \n Service Limits\n in the Config Developer Guide.

\n\t\t

Only a master account and a delegated administrator can call this API. \n\t\t\tWhen calling this API with a delegated administrator, you must ensure Organizations \n\t\t\tListDelegatedAdministrator permissions are added. An organization can have up to 3 delegated administrators.

\n\t\t

This API enables organization service access for config-multiaccountsetup.amazonaws.com\n\t\t\tthrough the EnableAWSServiceAccess action and creates a \n\t\t\tservice linked role AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. \n\t\t\tThe service linked role is created only when the role does not exist in the caller account. \n\t\t\tTo use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization \n\t\t\tregister-delegate-admin for config-multiaccountsetup.amazonaws.com.

\n\n\t\t\t\n\t\t\t \n\t\t \n\t\t\t

Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization.

\n\t\t\t

You must specify either the TemplateS3Uri or the TemplateBody parameter, but not both. \n\t\t\tIf you provide both Config uses the TemplateS3Uri parameter and ignores the TemplateBody parameter.

\n\t\t\t

Config sets the state of a conformance pack to CREATE_IN_PROGRESS and UPDATE_IN_PROGRESS until the conformance pack is created or updated. \n\t\t\t\tYou cannot update a conformance pack while it is in this state.

\n " + "smithy.api#documentation": "

Deploys conformance packs across member accounts in an Amazon Web Services Organization. For information on how many organization conformance packs and how many Config rules you can have per account, \n\t\t\tsee \n Service Limits\n in the Config Developer Guide.

\n\t\t

Only a master account and a delegated administrator can call this API. \n\t\t\tWhen calling this API with a delegated administrator, you must ensure Organizations \n\t\t\tListDelegatedAdministrator permissions are added. An organization can have up to 3 delegated administrators.

\n\t\t

This API enables organization service access for config-multiaccountsetup.amazonaws.com\n\t\t\tthrough the EnableAWSServiceAccess action and creates a \n\t\t\tservice-linked role AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. \n\t\t\tThe service-linked role is created only when the role does not exist in the caller account. \n\t\t\tTo use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization \n\t\t\tregister-delegate-admin for config-multiaccountsetup.amazonaws.com.

\n\n\t\t\t\n\t\t\t \n\t\t \n\t\t\t

Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization.

\n\t\t\t

You must specify either the TemplateS3Uri or the TemplateBody parameter, but not both. \n\t\t\tIf you provide both Config uses the TemplateS3Uri parameter and ignores the TemplateBody parameter.

\n\t\t\t

Config sets the state of a conformance pack to CREATE_IN_PROGRESS and UPDATE_IN_PROGRESS until the conformance pack is created or updated. \n\t\t\t\tYou cannot update a conformance pack while it is in this state.

\n " } }, "com.amazonaws.configservice#PutOrganizationConformancePackRequest": { @@ -9853,7 +9853,7 @@ "CreatedByService": { "target": "com.amazonaws.configservice#StringWithCharLimit1024", "traits": { - "smithy.api#documentation": "

Name of the service that owns the service linked rule, if applicable.

" + "smithy.api#documentation": "

Name of the service that owns the service-linked rule, if applicable.

" } } }, @@ -11251,7 +11251,7 @@ } ], "traits": { - "smithy.api#documentation": "

Accepts a structured query language (SQL) SELECT command, performs the corresponding search, and returns resource configurations matching the properties.

\n\t\t

For more information about query components, see the \n\t\t\t\n Query Components\n section in the Config Developer Guide.

", + "smithy.api#documentation": "

Accepts a structured query language (SQL) SELECT command, performs the corresponding search, and returns resource configurations matching the properties.

\n\t\t

For more information about query components, see the \n\t\t\t\n Query Components\n section in the Config Developer Guide.

", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -11339,7 +11339,7 @@ "Owner": { "target": "com.amazonaws.configservice#Owner", "traits": { - "smithy.api#documentation": "

Indicates whether Amazon Web Services or the customer owns and manages the Config rule.

\n\t\t\n\t\t

Config Managed Rules are predefined rules owned by Amazon Web Services. For more information, see Config Managed Rules in the Config developer guide.

\n\t\t\n\t\t

Config Custom Rules are rules that you can develop either with Guard (CUSTOM_POLICY) or Lambda (CUSTOM_LAMBDA). For more information, see Config Custom Rules in the Config developer guide.

", + "smithy.api#documentation": "

Indicates whether Amazon Web Services or the customer owns and manages the Config rule.

\n\t\t\n\t\t

Config Managed Rules are predefined rules owned by Amazon Web Services. For more information, see Config Managed Rules in the Config developer guide.

\n\t\t\n\t\t

Config Custom Rules are rules that you can develop either with Guard (CUSTOM_POLICY) or Lambda (CUSTOM_LAMBDA). For more information, see Config Custom Rules in the Config developer guide.

", "smithy.api#required": {} } }, @@ -11363,7 +11363,7 @@ } }, "traits": { - "smithy.api#documentation": "

Provides the CustomPolicyDetails, the rule owner (Amazon Web Services or customer), the rule\n\t\t\tidentifier, and the events that cause the evaluation of your Amazon Web Services\n\t\t\tresources.

" + "smithy.api#documentation": "

Provides the CustomPolicyDetails, the rule owner (Amazon Web Services for managed rules, CUSTOM_POLICY for Custom Policy rules, and CUSTOM_LAMBDA for Custom Lambda rules), the rule\n\t\t\tidentifier, and the events that cause the evaluation of your Amazon Web Services\n\t\t\tresources.

" } }, "com.amazonaws.configservice#SourceDetail": { diff --git a/codegen/sdk/aws-models/ec2.json b/codegen/sdk/aws-models/ec2.json index 09177545928..ec1b6a88772 100644 --- a/codegen/sdk/aws-models/ec2.json +++ b/codegen/sdk/aws-models/ec2.json @@ -1166,7 +1166,7 @@ "target": "com.amazonaws.ec2#AllocateAddressResult" }, "traits": { - "smithy.api#documentation": "

Allocates an Elastic IP address to your Amazon Web Services account. After you allocate the Elastic IP address you can associate \n it with an instance or network interface. After you release an Elastic IP address, it is released to the IP address \n pool and can be allocated to a different Amazon Web Services account.

\n

You can allocate an Elastic IP address from an address pool owned by Amazon Web Services or from an address pool created \n from a public IPv4 address range that you have brought to Amazon Web Services for use with your Amazon Web Services resources using bring your own \n IP addresses (BYOIP). For more information, see Bring Your Own IP Addresses (BYOIP) in the Amazon Elastic Compute Cloud User Guide.

\n

[EC2-VPC] If you release an Elastic IP address, you might be able to recover it. You cannot recover an \n Elastic IP address that you released after it is allocated to another Amazon Web Services account. You cannot recover an Elastic IP\n address for EC2-Classic. To attempt to recover an Elastic IP address that you released, specify it in this operation.

\n

An Elastic IP address is for use either in the EC2-Classic platform or in a VPC. By default, you can allocate\n 5 Elastic IP addresses for EC2-Classic per Region and 5 Elastic IP addresses for EC2-VPC per Region.

\n

For more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.

\n

You can allocate a carrier IP address which is a public IP address from a telecommunication carrier, to a network interface which resides in a subnet in a Wavelength Zone (for example an EC2 instance).

" + "smithy.api#documentation": "

Allocates an Elastic IP address to your Amazon Web Services account. After you allocate the Elastic IP address you can associate \n it with an instance or network interface. After you release an Elastic IP address, it is released to the IP address \n pool and can be allocated to a different Amazon Web Services account.

\n

You can allocate an Elastic IP address from an address pool owned by Amazon Web Services or from an address pool created \n from a public IPv4 address range that you have brought to Amazon Web Services for use with your Amazon Web Services resources using bring your own \n IP addresses (BYOIP). For more information, see Bring Your Own IP Addresses (BYOIP) in the Amazon Elastic Compute Cloud User Guide.

\n

[EC2-VPC] If you release an Elastic IP address, you might be able to recover it. You cannot recover an \n Elastic IP address that you released after it is allocated to another Amazon Web Services account. You cannot recover an Elastic IP\n address for EC2-Classic. To attempt to recover an Elastic IP address that you released, specify it in this operation.

\n

An Elastic IP address is for use either in the EC2-Classic platform or in a VPC. By default, you can allocate\n 5 Elastic IP addresses for EC2-Classic per Region and 5 Elastic IP addresses for EC2-VPC per Region.

\n

For more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.

\n

You can allocate a carrier IP address which is a public IP address from a telecommunication carrier, to a network interface which resides in a subnet in a Wavelength Zone (for example an EC2 instance).

\n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#AllocateAddressRequest": { @@ -3985,7 +3985,7 @@ "target": "com.amazonaws.ec2#AssociateAddressResult" }, "traits": { - "smithy.api#documentation": "

Associates an Elastic IP address, or carrier IP address (for instances that are in\n subnets in Wavelength Zones) with an instance or a network interface. Before you can use an\n Elastic IP address, you must allocate it to your account.

\n

An Elastic IP address is for use in either the EC2-Classic platform or in a VPC.\n\t\t\tFor more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.

\n

[EC2-Classic, VPC in an EC2-VPC-only account] If the Elastic IP address is already\n associated with a different instance, it is disassociated from that instance and associated\n with the specified instance. If you associate an Elastic IP address with an instance that has\n an existing Elastic IP address, the existing address is disassociated from the instance, but\n remains allocated to your account.

\n

[VPC in an EC2-Classic account] If you don't specify a private IP address, the Elastic\n IP address is associated with the primary IP address. If the Elastic IP address is already\n associated with a different instance or a network interface, you get an error unless you allow\n reassociation. You cannot associate an Elastic IP address with an instance or network\n interface that has an existing Elastic IP address.

\n

[Subnets in Wavelength Zones] You can associate an IP address from the telecommunication\n carrier to the instance or network interface.

\n

You cannot associate an Elastic IP address with an interface in a different network border group.

\n \n

This is an idempotent operation. If you perform the operation more than once, Amazon EC2\n doesn't return an error, and you may be charged for each time the Elastic IP address is\n remapped to the same instance. For more information, see the Elastic IP\n Addresses section of Amazon EC2\n Pricing.

\n " + "smithy.api#documentation": "

Associates an Elastic IP address, or carrier IP address (for instances that are in\n subnets in Wavelength Zones) with an instance or a network interface. Before you can use an\n Elastic IP address, you must allocate it to your account.

\n

An Elastic IP address is for use in either the EC2-Classic platform or in a VPC.\n\t\t\tFor more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.

\n

[EC2-Classic, VPC in an EC2-VPC-only account] If the Elastic IP address is already\n associated with a different instance, it is disassociated from that instance and associated\n with the specified instance. If you associate an Elastic IP address with an instance that has\n an existing Elastic IP address, the existing address is disassociated from the instance, but\n remains allocated to your account.

\n

[VPC in an EC2-Classic account] If you don't specify a private IP address, the Elastic\n IP address is associated with the primary IP address. If the Elastic IP address is already\n associated with a different instance or a network interface, you get an error unless you allow\n reassociation. You cannot associate an Elastic IP address with an instance or network\n interface that has an existing Elastic IP address.

\n

[Subnets in Wavelength Zones] You can associate an IP address from the telecommunication\n carrier to the instance or network interface.

\n

You cannot associate an Elastic IP address with an interface in a different network border group.

\n \n

This is an idempotent operation. If you perform the operation more than once, Amazon EC2\n doesn't return an error, and you may be charged for each time the Elastic IP address is\n remapped to the same instance. For more information, see the Elastic IP\n Addresses section of Amazon EC2\n Pricing.

\n \n \n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#AssociateAddressRequest": { @@ -4996,7 +4996,7 @@ "target": "com.amazonaws.ec2#AttachClassicLinkVpcResult" }, "traits": { - "smithy.api#documentation": "

Links an EC2-Classic instance to a ClassicLink-enabled VPC through one or more of the VPC's\n\t\t\tsecurity groups. You cannot link an EC2-Classic instance to more than one VPC at a time. You\n\t\t\tcan only link an instance that's in the running state. An instance is\n\t\t\tautomatically unlinked from a VPC when it's stopped - you can link it to the VPC again when\n\t\t\tyou restart it.

\n\t\t

After you've linked an instance, you cannot change the VPC security groups that are associated with it. To change the security groups, you must first unlink the instance, and then link it again.

\n\t\t

Linking your instance to a VPC is sometimes referred to as attaching your instance.

" + "smithy.api#documentation": "\n\t

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n\t \n\t

Links an EC2-Classic instance to a ClassicLink-enabled VPC through one or more of the VPC's\n\t\t\tsecurity groups. You cannot link an EC2-Classic instance to more than one VPC at a time. You\n\t\t\tcan only link an instance that's in the running state. An instance is\n\t\t\tautomatically unlinked from a VPC when it's stopped - you can link it to the VPC again when\n\t\t\tyou restart it.

\n\t\t

After you've linked an instance, you cannot change the VPC security groups that are associated with it. To change the security groups, you must first unlink the instance, and then link it again.

\n\t\t

Linking your instance to a VPC is sometimes referred to as attaching your instance.

" } }, "com.amazonaws.ec2#AttachClassicLinkVpcRequest": { @@ -5487,7 +5487,7 @@ "target": "com.amazonaws.ec2#AuthorizeSecurityGroupEgressResult" }, "traits": { - "smithy.api#documentation": "

[VPC only] Adds the specified outbound (egress) rules to a security group for use with a VPC.

\n

An outbound rule permits instances to send traffic to the specified IPv4 or IPv6 CIDR address \n ranges, or to the instances that are associated with the specified source security groups.

\n

You specify a protocol for each rule (for example, TCP). \n For the TCP and UDP protocols, you must also specify the destination port or port range. \n For the ICMP protocol, you must also specify the ICMP type and code. \n You can use -1 for the type or code to mean all types or all codes.

\n

Rule changes are propagated to affected instances as quickly as possible. However, a small delay might occur.

\n

For information about VPC security group quotas, see Amazon VPC quotas.

" + "smithy.api#documentation": "

[VPC only] Adds the specified outbound (egress) rules to a security group for use with a VPC.

\n

An outbound rule permits instances to send traffic to the specified IPv4 or IPv6 CIDR\n address ranges, or to the instances that are associated with the specified source\n security groups. When specifying an outbound rule for your security group in a VPC, the\n IpPermissions must include a destination for the traffic.

\n

You specify a protocol for each rule (for example, TCP). \n For the TCP and UDP protocols, you must also specify the destination port or port range. \n For the ICMP protocol, you must also specify the ICMP type and code. \n You can use -1 for the type or code to mean all types or all codes.

\n

Rule changes are propagated to affected instances as quickly as possible. However, a small delay might occur.

\n

For information about VPC security group quotas, see Amazon VPC quotas.

" } }, "com.amazonaws.ec2#AuthorizeSecurityGroupEgressRequest": { @@ -5605,7 +5605,7 @@ "target": "com.amazonaws.ec2#AuthorizeSecurityGroupIngressResult" }, "traits": { - "smithy.api#documentation": "

Adds the specified inbound (ingress) rules to a security group.

\n

An inbound rule permits instances to receive traffic from the specified IPv4 or IPv6 CIDR\n address range, or from the instances that are associated with the specified destination security \n groups.

\n

You specify a protocol for each rule (for example, TCP). \n For TCP and UDP, you must also specify the destination port or port range. \n For ICMP/ICMPv6, you must also specify the ICMP/ICMPv6 type and code. \n You can use -1 to mean all types or all codes.

\n

Rule changes are propagated to instances within the security group as quickly as possible. \n However, a small delay might occur.

\n

For more information about VPC security group quotas, see Amazon VPC quotas.

" + "smithy.api#documentation": "

Adds the specified inbound (ingress) rules to a security group.

\n

An inbound rule permits instances to receive traffic from the specified IPv4 or IPv6 CIDR\n address range, or from the instances that are associated with the specified destination security \n groups. When specifying an inbound rule for your security group in a VPC, the\n IpPermissions must include a source for the traffic.

\n

You specify a protocol for each rule (for example, TCP). \n For TCP and UDP, you must also specify the destination port or port range. \n For ICMP/ICMPv6, you must also specify the ICMP/ICMPv6 type and code. \n You can use -1 to mean all types or all codes.

\n

Rule changes are propagated to instances within the security group as quickly as possible. \n However, a small delay might occur.

\n

For more information about VPC security group quotas, see Amazon VPC quotas.

\n \n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#AuthorizeSecurityGroupIngressRequest": { @@ -8156,7 +8156,7 @@ } }, "traits": { - "smithy.api#documentation": "

Describes a linked EC2-Classic instance.

" + "smithy.api#documentation": "\n\t

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n\t \n\t\t

Describes a linked EC2-Classic instance.

" } }, "com.amazonaws.ec2#ClassicLinkInstanceList": { @@ -10724,7 +10724,7 @@ "target": "com.amazonaws.ec2#CreateDefaultVpcResult" }, "traits": { - "smithy.api#documentation": "

Creates a default VPC with a size /16 IPv4 CIDR block and a default subnet\n\t\t\tin each Availability Zone. For more information about the components of a default VPC,\n\t\t\tsee Default VPC and\n\t\t\tdefault subnets in the Amazon Virtual Private Cloud User Guide. You cannot\n\t\t\tspecify the components of the default VPC yourself.

\n\t\t

If you deleted your previous default VPC, you can create a default VPC. You cannot have\n\t\t\tmore than one default VPC per Region.

\n\t\t

If your account supports EC2-Classic, you cannot use this action to create a default VPC\n\t\t\tin a Region that supports EC2-Classic. If you want a default VPC in a Region that\n\t\t\tsupports EC2-Classic, see \"I really want a default VPC for my existing EC2 account. Is\n\t\t\tthat possible?\" in the Default VPCs\n\t\t\tFAQ.

" + "smithy.api#documentation": "

Creates a default VPC with a size /16 IPv4 CIDR block and a default subnet\n\t\t\tin each Availability Zone. For more information about the components of a default VPC,\n\t\t\tsee Default VPC and\n\t\t\tdefault subnets in the Amazon Virtual Private Cloud User Guide. You cannot\n\t\t\tspecify the components of the default VPC yourself.

\n\t\t

If you deleted your previous default VPC, you can create a default VPC. You cannot have\n\t\t\tmore than one default VPC per Region.

\n\t\t

If your account supports EC2-Classic, you cannot use this action to create a default VPC\n\t\t\tin a Region that supports EC2-Classic. If you want a default VPC in a Region that\n\t\t\tsupports EC2-Classic, see \"I really want a default VPC for my existing EC2 account. Is\n\t\t\tthat possible?\" in the Default VPCs\n\t\t\tFAQ.

\n\t \n\t

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n\t " } }, "com.amazonaws.ec2#CreateDefaultVpcRequest": { @@ -13384,7 +13384,7 @@ "target": "com.amazonaws.ec2#CreateSecurityGroupResult" }, "traits": { - "smithy.api#documentation": "

Creates a security group.

\n

A security group acts as a virtual firewall for your instance to control inbound and outbound traffic.\n For more information, see\n\t\t\t\tAmazon EC2 security groups in \n\t\t\t\tthe Amazon Elastic Compute Cloud User Guide and \n\t\t\t\tSecurity groups for your VPC in the\n\t\t\t\tAmazon Virtual Private Cloud User Guide.

\n

When you create a security group, you specify a friendly name of your choice. You can have a security group for use in EC2-Classic with the same name as a security group for use in a VPC. However, you can't have two security groups for use in EC2-Classic with the same name or two security groups for use in a VPC with the same name.

\n

You have a default security group for use in EC2-Classic and a default security group for use in your VPC. If you don't specify a security group when you launch an instance, the instance is launched into the appropriate default security group. A default security group includes a default rule that grants instances unrestricted network access to each other.

\n

You can add or remove rules from your security groups using \n\t\t\t\t\tAuthorizeSecurityGroupIngress,\n\t\t\t\t\tAuthorizeSecurityGroupEgress,\n\t\t\t\t\tRevokeSecurityGroupIngress, and\n\t\t\t\t\tRevokeSecurityGroupEgress.

\n

For more information about VPC security group limits, see Amazon VPC Limits.

" + "smithy.api#documentation": "

Creates a security group.

\n

A security group acts as a virtual firewall for your instance to control inbound and outbound traffic.\n For more information, see\n\t\t\t\tAmazon EC2 security groups in \n\t\t\t\tthe Amazon Elastic Compute Cloud User Guide and \n\t\t\t\tSecurity groups for your VPC in the\n\t\t\t\tAmazon Virtual Private Cloud User Guide.

\n

When you create a security group, you specify a friendly name of your choice. You can have a security group for use in EC2-Classic with the same name as a security group for use in a VPC. However, you can't have two security groups for use in EC2-Classic with the same name or two security groups for use in a VPC with the same name.

\n

You have a default security group for use in EC2-Classic and a default security group for use in your VPC. If you don't specify a security group when you launch an instance, the instance is launched into the appropriate default security group. A default security group includes a default rule that grants instances unrestricted network access to each other.

\n

You can add or remove rules from your security groups using \n\t\t\t\t\tAuthorizeSecurityGroupIngress,\n\t\t\t\t\tAuthorizeSecurityGroupEgress,\n\t\t\t\t\tRevokeSecurityGroupIngress, and\n\t\t\t\t\tRevokeSecurityGroupEgress.

\n

For more information about VPC security group limits, see Amazon VPC Limits.

\n \n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#CreateSecurityGroupRequest": { @@ -17868,7 +17868,7 @@ "target": "smithy.api#Unit" }, "traits": { - "smithy.api#documentation": "

Deletes a security group.

\n

If you attempt to delete a security group that is associated with an instance, or is\n\t\t\t referenced by another security group, the operation fails with\n\t\t\t\tInvalidGroup.InUse in EC2-Classic or\n\t\t\t\tDependencyViolation in EC2-VPC.

" + "smithy.api#documentation": "

Deletes a security group.

\n

If you attempt to delete a security group that is associated with an instance, or is\n\t\t\t referenced by another security group, the operation fails with\n\t\t\t\tInvalidGroup.InUse in EC2-Classic or\n\t\t\t\tDependencyViolation in EC2-VPC.

\n \n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#DeleteSecurityGroupRequest": { @@ -19459,7 +19459,7 @@ "target": "com.amazonaws.ec2#DescribeAccountAttributesResult" }, "traits": { - "smithy.api#documentation": "

Describes attributes of your Amazon Web Services account. The following are the supported account attributes:

\n " + "smithy.api#documentation": "

Describes attributes of your Amazon Web Services account. The following are the supported account attributes:

\n \n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon EC2 User Guide.

\n " } }, "com.amazonaws.ec2#DescribeAccountAttributesRequest": { @@ -19505,7 +19505,7 @@ "target": "com.amazonaws.ec2#DescribeAddressesResult" }, "traits": { - "smithy.api#documentation": "

Describes the specified Elastic IP addresses or all of your Elastic IP addresses.

\n

An Elastic IP address is for use in either the EC2-Classic platform or in a VPC.\n\t\t\t\tFor more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.

" + "smithy.api#documentation": "

Describes the specified Elastic IP addresses or all of your Elastic IP addresses.

\n

An Elastic IP address is for use in either the EC2-Classic platform or in a VPC.\n\t\t\t\tFor more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.

\n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#DescribeAddressesAttribute": { @@ -20145,7 +20145,7 @@ "target": "com.amazonaws.ec2#DescribeClassicLinkInstancesResult" }, "traits": { - "smithy.api#documentation": "

Describes one or more of your linked EC2-Classic instances. This request only returns\n\t\t\tinformation about EC2-Classic instances linked to a VPC through ClassicLink. You cannot\n\t\t\tuse this request to return information about other instances.

", + "smithy.api#documentation": "

Describes one or more of your linked EC2-Classic instances. This request only returns\n\t\t\tinformation about EC2-Classic instances linked to a VPC through ClassicLink. You cannot\n\t\t\tuse this request to return information about other instances.

\n\t \n\t

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n\t ", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -23550,7 +23550,7 @@ "target": "com.amazonaws.ec2#DescribeInstancesResult" }, "traits": { - "smithy.api#documentation": "

Describes the specified instances or all instances.

\n

If you specify instance IDs, the output includes information for only the specified\n instances. If you specify filters, the output includes information for only those\n instances that meet the filter criteria. If you do not specify instance IDs or filters,\n the output includes information for all instances, which can affect performance. We\n recommend that you use pagination to ensure that the operation returns quickly and\n successfully.

\n

If you specify an instance ID that is not valid, an error is returned. If you specify\n an instance that you do not own, it is not included in the output.

\n

Recently terminated instances might appear in the returned results. This interval is\n usually less than one hour.

\n

If you describe instances in the rare case where an Availability Zone is experiencing\n a service disruption and you specify instance IDs that are in the affected zone, or do\n not specify any instance IDs at all, the call fails. If you describe instances and\n specify only instance IDs that are in an unaffected zone, the call works\n normally.

", + "smithy.api#documentation": "

Describes the specified instances or all instances.

\n

If you specify instance IDs, the output includes information for only the specified\n instances. If you specify filters, the output includes information for only those\n instances that meet the filter criteria. If you do not specify instance IDs or filters,\n the output includes information for all instances, which can affect performance. We\n recommend that you use pagination to ensure that the operation returns quickly and\n successfully.

\n

If you specify an instance ID that is not valid, an error is returned. If you specify\n an instance that you do not own, it is not included in the output.

\n

Recently terminated instances might appear in the returned results. This interval is\n usually less than one hour.

\n

If you describe instances in the rare case where an Availability Zone is experiencing\n a service disruption and you specify instance IDs that are in the affected zone, or do\n not specify any instance IDs at all, the call fails. If you describe instances and\n specify only instance IDs that are in an unaffected zone, the call works\n normally.

\n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon EC2 User Guide.

\n ", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -26418,7 +26418,7 @@ "target": "com.amazonaws.ec2#DescribeReservedInstancesResult" }, "traits": { - "smithy.api#documentation": "

Describes one or more of the Reserved Instances that you purchased.

\n

For more information about Reserved Instances, see Reserved\n\t\t\t\tInstances in the Amazon EC2 User Guide.

" + "smithy.api#documentation": "

Describes one or more of the Reserved Instances that you purchased.

\n

For more information about Reserved Instances, see Reserved\n\t\t\t\tInstances in the Amazon EC2 User Guide.

\n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#DescribeReservedInstancesListings": { @@ -26489,7 +26489,7 @@ "target": "com.amazonaws.ec2#DescribeReservedInstancesModificationsResult" }, "traits": { - "smithy.api#documentation": "

Describes the modifications made to your Reserved Instances. If no parameter is specified, information about all your Reserved Instances modification requests is returned. If a modification ID is specified, only information about the specific modification is returned.

\n \t

For more information, see Modifying Reserved Instances in the Amazon EC2 User Guide.

", + "smithy.api#documentation": "

Describes the modifications made to your Reserved Instances. If no parameter is specified, information about all your Reserved Instances modification requests is returned. If a modification ID is specified, only information about the specific modification is returned.

\n \t

For more information, see Modifying Reserved Instances in the Amazon EC2 User Guide.

\n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n ", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -26560,7 +26560,7 @@ "target": "com.amazonaws.ec2#DescribeReservedInstancesOfferingsResult" }, "traits": { - "smithy.api#documentation": "

Describes Reserved Instance offerings that are available for purchase. With Reserved Instances, you purchase the right to launch instances for a period of time. During that time period, you do not receive insufficient capacity errors, and you pay a lower usage rate than the rate charged for On-Demand instances for the actual time used.

\n

If you have listed your own Reserved Instances for sale in the Reserved Instance Marketplace, they will be excluded from these results. This is to ensure that you do not purchase your own Reserved Instances.

\n

For more information, see Reserved Instance Marketplace\n\t\t\t\tin the Amazon EC2 User Guide.

", + "smithy.api#documentation": "

Describes Reserved Instance offerings that are available for purchase. With Reserved Instances, you purchase the right to launch instances for a period of time. During that time period, you do not receive insufficient capacity errors, and you pay a lower usage rate than the rate charged for On-Demand instances for the actual time used.

\n

If you have listed your own Reserved Instances for sale in the Reserved Instance Marketplace, they will be excluded from these results. This is to ensure that you do not purchase your own Reserved Instances.

\n

For more information, see Reserved Instance Marketplace\n\t\t\t\tin the Amazon EC2 User Guide.

\n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n ", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -26862,7 +26862,7 @@ "target": "com.amazonaws.ec2#DescribeScheduledInstanceAvailabilityResult" }, "traits": { - "smithy.api#documentation": "

Finds available schedules that meet the specified criteria.

\n

You can search for an available schedule no more than 3 months in advance. You must meet the minimum required duration of 1,200 hours per year. For example, the minimum daily schedule is 4 hours, the minimum weekly schedule is 24 hours, and the minimum monthly schedule is 100 hours.

\n

After you find a schedule that meets your needs, call PurchaseScheduledInstances\n to purchase Scheduled Instances with that schedule.

", + "smithy.api#documentation": "

Finds available schedules that meet the specified criteria.

\n

You can search for an available schedule no more than 3 months in advance. You must meet the minimum required duration of 1,200 hours per year. For example, the minimum daily schedule is 4 hours, the minimum weekly schedule is 24 hours, and the minimum monthly schedule is 100 hours.

\n

After you find a schedule that meets your needs, call PurchaseScheduledInstances\n to purchase Scheduled Instances with that schedule.

\n \n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n ", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -26972,7 +26972,7 @@ "target": "com.amazonaws.ec2#DescribeScheduledInstancesResult" }, "traits": { - "smithy.api#documentation": "

Describes the specified Scheduled Instances or all your Scheduled Instances.

", + "smithy.api#documentation": "

Describes the specified Scheduled Instances or all your Scheduled Instances.

\n \n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n ", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -27188,7 +27188,7 @@ "target": "com.amazonaws.ec2#DescribeSecurityGroupsResult" }, "traits": { - "smithy.api#documentation": "

Describes the specified security groups or all of your security groups.

\n

A security group is for use with instances either in the EC2-Classic platform \n\t\t\t\tor in a specific VPC. For more information, see\n\t\t\t\tAmazon EC2 security groups in \n\t\t\t\tthe Amazon Elastic Compute Cloud User Guide and \n\t\t\t\tSecurity groups for your VPC in the\n\t\t\t\tAmazon Virtual Private Cloud User Guide.

", + "smithy.api#documentation": "

Describes the specified security groups or all of your security groups.

\n

A security group is for use with instances either in the EC2-Classic platform \n\t\t\t\tor in a specific VPC. For more information, see\n\t\t\t\tAmazon EC2 security groups in \n\t\t\t\tthe Amazon Elastic Compute Cloud User Guide and \n\t\t\t\tSecurity groups for your VPC in the\n\t\t\t\tAmazon Virtual Private Cloud User Guide.

\n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n ", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -30058,7 +30058,7 @@ "target": "com.amazonaws.ec2#DescribeVpcClassicLinkResult" }, "traits": { - "smithy.api#documentation": "

Describes the ClassicLink status of one or more VPCs.

" + "smithy.api#documentation": "

Describes the ClassicLink status of one or more VPCs.

\n\t \n\t

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n\t " } }, "com.amazonaws.ec2#DescribeVpcClassicLinkDnsSupport": { @@ -30070,7 +30070,7 @@ "target": "com.amazonaws.ec2#DescribeVpcClassicLinkDnsSupportResult" }, "traits": { - "smithy.api#documentation": "

Describes the ClassicLink DNS support status of one or more VPCs. If enabled, the DNS\n hostname of a linked EC2-Classic instance resolves to its private IP address when\n addressed from an instance in the VPC to which it's linked. Similarly, the DNS hostname\n of an instance in a VPC resolves to its private IP address when addressed from a linked\n EC2-Classic instance. For more information, see ClassicLink in the Amazon Elastic Compute Cloud User Guide.

", + "smithy.api#documentation": "\n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n \n

Describes the ClassicLink DNS support status of one or more VPCs. If enabled, the DNS\n hostname of a linked EC2-Classic instance resolves to its private IP address when\n addressed from an instance in the VPC to which it's linked. Similarly, the DNS hostname\n of an instance in a VPC resolves to its private IP address when addressed from a linked\n EC2-Classic instance. For more information, see ClassicLink in the Amazon Elastic Compute Cloud User Guide.

", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -31162,7 +31162,7 @@ "target": "com.amazonaws.ec2#DetachClassicLinkVpcResult" }, "traits": { - "smithy.api#documentation": "

Unlinks (detaches) a linked EC2-Classic instance from a VPC. After the instance has been unlinked, the VPC security groups are no longer associated with it. An instance is automatically unlinked from a VPC when it's stopped.

" + "smithy.api#documentation": "\n\t

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n\t \n\t\t

Unlinks (detaches) a linked EC2-Classic instance from a VPC. After the instance has been unlinked, the VPC security groups are no longer associated with it. An instance is automatically unlinked from a VPC when it's stopped.

" } }, "com.amazonaws.ec2#DetachClassicLinkVpcRequest": { @@ -32167,7 +32167,7 @@ "target": "com.amazonaws.ec2#DisableVpcClassicLinkResult" }, "traits": { - "smithy.api#documentation": "

Disables ClassicLink for a VPC. You cannot disable ClassicLink for a VPC that has EC2-Classic instances linked to it.

" + "smithy.api#documentation": "

Disables ClassicLink for a VPC. You cannot disable ClassicLink for a VPC that has EC2-Classic instances linked to it.

\n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#DisableVpcClassicLinkDnsSupport": { @@ -32179,7 +32179,7 @@ "target": "com.amazonaws.ec2#DisableVpcClassicLinkDnsSupportResult" }, "traits": { - "smithy.api#documentation": "

Disables ClassicLink DNS support for a VPC. If disabled, DNS hostnames resolve to\n\t\t\tpublic IP addresses when addressed between a linked EC2-Classic instance and instances\n\t\t\tin the VPC to which it's linked. For more information, see ClassicLink in the\n\t\t\t\tAmazon Elastic Compute Cloud User Guide.

\n

You must specify a VPC ID in the request.

" + "smithy.api#documentation": "

Disables ClassicLink DNS support for a VPC. If disabled, DNS hostnames resolve to\n\t\t\tpublic IP addresses when addressed between a linked EC2-Classic instance and instances\n\t\t\tin the VPC to which it's linked. For more information, see ClassicLink in the\n\t\t\t\tAmazon Elastic Compute Cloud User Guide.

\n

You must specify a VPC ID in the request.

\n \n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#DisableVpcClassicLinkDnsSupportRequest": { @@ -32251,7 +32251,7 @@ "target": "smithy.api#Unit" }, "traits": { - "smithy.api#documentation": "

Disassociates an Elastic IP address from the instance or network interface it's associated with.

\n\t\t\t

An Elastic IP address is for use in either the EC2-Classic platform or in a VPC. For more\n\t\t\tinformation, see Elastic IP\n\t\t\t\tAddresses in the Amazon Elastic Compute Cloud User Guide.

\n

This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error.

" + "smithy.api#documentation": "

Disassociates an Elastic IP address from the instance or network interface it's associated with.

\n\t\t\t

An Elastic IP address is for use in either the EC2-Classic platform or in a VPC. For more\n\t\t\tinformation, see Elastic IP\n\t\t\t\tAddresses in the Amazon Elastic Compute Cloud User Guide.

\n \n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n \n

This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error.

" } }, "com.amazonaws.ec2#DisassociateAddressRequest": { @@ -34620,7 +34620,7 @@ "target": "com.amazonaws.ec2#EnableVpcClassicLinkResult" }, "traits": { - "smithy.api#documentation": "

Enables a VPC for ClassicLink. You can then link EC2-Classic instances to your\n\t\t\tClassicLink-enabled VPC to allow communication over private IP addresses. You cannot\n\t\t\tenable your VPC for ClassicLink if any of your VPC route tables have existing routes for\n\t\t\taddress ranges within the 10.0.0.0/8 IP address range, excluding local\n\t\t\troutes for VPCs in the 10.0.0.0/16 and 10.1.0.0/16 IP address\n\t\t\tranges. For more information, see ClassicLink in the\n\t\t\t\tAmazon Elastic Compute Cloud User Guide.

" + "smithy.api#documentation": "\n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n \n

Enables a VPC for ClassicLink. You can then link EC2-Classic instances to your\n\t\t\tClassicLink-enabled VPC to allow communication over private IP addresses. You cannot\n\t\t\tenable your VPC for ClassicLink if any of your VPC route tables have existing routes for\n\t\t\taddress ranges within the 10.0.0.0/8 IP address range, excluding local\n\t\t\troutes for VPCs in the 10.0.0.0/16 and 10.1.0.0/16 IP address\n\t\t\tranges. For more information, see ClassicLink in the\n\t\t\t\tAmazon Elastic Compute Cloud User Guide.

" } }, "com.amazonaws.ec2#EnableVpcClassicLinkDnsSupport": { @@ -34632,7 +34632,7 @@ "target": "com.amazonaws.ec2#EnableVpcClassicLinkDnsSupportResult" }, "traits": { - "smithy.api#documentation": "

Enables a VPC to support DNS hostname resolution for ClassicLink. If enabled, the DNS\n\t\t\thostname of a linked EC2-Classic instance resolves to its private IP address when\n\t\t\taddressed from an instance in the VPC to which it's linked. Similarly, the DNS hostname\n\t\t\tof an instance in a VPC resolves to its private IP address when addressed from a linked\n\t\t\tEC2-Classic instance. For more information, see ClassicLink in the\n\t\t\t\tAmazon Elastic Compute Cloud User Guide.

\n

You must specify a VPC ID in the request.

" + "smithy.api#documentation": "\n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n \n

Enables a VPC to support DNS hostname resolution for ClassicLink. If enabled, the DNS\n\t\t\thostname of a linked EC2-Classic instance resolves to its private IP address when\n\t\t\taddressed from an instance in the VPC to which it's linked. Similarly, the DNS hostname\n\t\t\tof an instance in a VPC resolves to its private IP address when addressed from a linked\n\t\t\tEC2-Classic instance. For more information, see ClassicLink in the\n\t\t\t\tAmazon Elastic Compute Cloud User Guide.

\n

You must specify a VPC ID in the request.

" } }, "com.amazonaws.ec2#EnableVpcClassicLinkDnsSupportRequest": { @@ -35487,7 +35487,7 @@ "S3ExportLocation": { "target": "com.amazonaws.ec2#ExportTaskS3LocationRequest", "traits": { - "smithy.api#documentation": "

Information about the destination Amazon S3 bucket. The bucket must exist and grant WRITE\n and READ_ACP permissions to the Amazon Web Services account vm-import-export@amazon.com.

", + "smithy.api#documentation": "

The Amazon S3 bucket for the destination image. The destination bucket must exist.

", "smithy.api#required": {} } }, @@ -35860,7 +35860,7 @@ "target": "com.amazonaws.ec2#String", "traits": { "aws.protocols#ec2QueryName": "S3Bucket", - "smithy.api#documentation": "

The Amazon S3 bucket for the destination image. The destination bucket must exist and grant\n WRITE and READ_ACP permissions to the Amazon Web Services account vm-import-export@amazon.com.

", + "smithy.api#documentation": "

The Amazon S3 bucket for the destination image. The destination bucket must exist and have\n an access control list (ACL) attached that specifies the Region-specific canonical account ID for\n the Grantee. For more information about the ACL to your S3 bucket, see Prerequisites in the VM Import/Export User Guide.

", "smithy.api#xmlName": "s3Bucket" } }, @@ -35900,7 +35900,7 @@ "target": "com.amazonaws.ec2#String", "traits": { "aws.protocols#ec2QueryName": "S3Bucket", - "smithy.api#documentation": "

The Amazon S3 bucket for the destination image. The destination bucket must exist and grant\n WRITE and READ_ACP permissions to the Amazon Web Services account vm-import-export@amazon.com.

", + "smithy.api#documentation": "

The Amazon S3 bucket for the destination image. The destination bucket must exist and have\n an access control list (ACL) attached that specifies the Region-specific canonical account ID for\n the Grantee. For more information about the ACL to your S3 bucket, see Prerequisites in the VM Import/Export User Guide.

", "smithy.api#xmlName": "s3Bucket" } }, @@ -41791,7 +41791,7 @@ "target": "com.amazonaws.ec2#AttributeValue", "traits": { "aws.protocols#ec2QueryName": "LastLaunchedTime", - "smithy.api#documentation": "

The date and time, in ISO 8601 date-time\n format, when the AMI was last used to launch an EC2 instance. When the AMI is used,\n there is a 24-hour delay before that usage is reported.

\n \n

\n lastLaunchedTime data is available starting April 2017.

\n ", + "smithy.api#documentation": "

The date and time, in ISO 8601 date-time\n format, when the AMI was last used to launch an EC2 instance. When the AMI is used\n to launch an instance, there is a 24-hour delay before that usage is reported.

\n \n

\n lastLaunchedTime data is available starting April 2017.

\n ", "smithy.api#xmlName": "lastLaunchedTime" } } @@ -44138,7 +44138,7 @@ "target": "com.amazonaws.ec2#String", "traits": { "aws.protocols#ec2QueryName": "CpuCredits", - "smithy.api#documentation": "

The credit option for CPU usage of the instance. Valid values are\n standard and unlimited.

", + "smithy.api#documentation": "

The credit option for CPU usage of the instance.

\n

Valid values: standard | unlimited\n

", "smithy.api#xmlName": "cpuCredits" } } @@ -44177,7 +44177,7 @@ "CpuCredits": { "target": "com.amazonaws.ec2#String", "traits": { - "smithy.api#documentation": "

The credit option for CPU usage of the instance. Valid values are\n standard and unlimited.

\n

T3 instances with host tenancy do not support the unlimited\n CPU credit option.

" + "smithy.api#documentation": "

The credit option for CPU usage of the instance.

\n

Valid values: standard | unlimited\n

\n

T3 instances with host tenancy do not support the unlimited\n CPU credit option.

" } } }, @@ -45400,7 +45400,7 @@ "AssociateCarrierIpAddress": { "target": "com.amazonaws.ec2#Boolean", "traits": { - "smithy.api#documentation": "

Indicates whether to assign a carrier IP address to the network interface.

\n

You can only assign a carrier IP address to a network interface that is in a subnet in a Wavelength Zone. \n For more information about carrier IP addresses, see Carrier IP addresses in the Amazon Web Services Wavelength Developer Guide.

" + "smithy.api#documentation": "

Indicates whether to assign a carrier IP address to the network interface.

\n

You can only assign a carrier IP address to a network interface that is in a subnet in\n a Wavelength Zone. For more information about carrier IP addresses, see Carrier IP address in the Amazon Web Services Wavelength Developer\n Guide.

" } }, "InterfaceType": { @@ -51061,7 +51061,7 @@ } }, "traits": { - "smithy.api#documentation": "

Describes the launch specification for an instance.

" + "smithy.api#documentation": "

Describes the launch specification for an instance.

\n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon EC2 User Guide for Linux Instances.

\n " } }, "com.amazonaws.ec2#LaunchSpecsList": { @@ -52632,7 +52632,7 @@ "Version": { "target": "com.amazonaws.ec2#String", "traits": { - "smithy.api#documentation": "

The version number of the launch template.

\n

Default: The default version for the launch template.

" + "smithy.api#documentation": "

The launch template version number, $Latest, or $Default.

\n

If the value is $Latest, Amazon EC2 uses the latest version of the launch\n template.

\n

If the value is $Default, Amazon EC2 uses the default version of the launch\n template.

\n

Default: The default version of the launch template.

" } } }, @@ -56281,7 +56281,7 @@ "target": "com.amazonaws.ec2#ModifyReservedInstancesResult" }, "traits": { - "smithy.api#documentation": "

Modifies the Availability Zone, instance count, instance type, or network platform\n (EC2-Classic or EC2-VPC) of your Reserved Instances. The Reserved Instances to be\n modified must be identical, except for Availability Zone, network platform, and instance\n type.

\n\t\t

For more information, see Modifying Reserved\n\t\t\t\tInstances in the Amazon EC2 User Guide.

" + "smithy.api#documentation": "

Modifies the Availability Zone, instance count, instance type, or network platform\n (EC2-Classic or EC2-VPC) of your Reserved Instances. The Reserved Instances to be\n modified must be identical, except for Availability Zone, network platform, and instance\n type.

\n\t\t

For more information, see Modifying Reserved\n\t\t\t\tInstances in the Amazon EC2 User Guide.

\n \n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#ModifyReservedInstancesRequest": { @@ -57727,7 +57727,7 @@ "target": "com.amazonaws.ec2#ModifyVpcPeeringConnectionOptionsResult" }, "traits": { - "smithy.api#documentation": "

Modifies the VPC peering connection options on one side of a VPC peering connection. You can do the following:

\n \n

If the peered VPCs are in the same Amazon Web Services account, you can enable DNS resolution \n for queries from the local VPC. This ensures that queries from the local VPC resolve to private IP\n addresses in the peer VPC. This option is not available if the peered VPCs are in different\n different Amazon Web Services accounts or different Regions. For peered VPCs in different \n Amazon Web Services accounts, each Amazon Web Services account owner must initiate a separate request \n to modify the peering connection options. For inter-region peering connections, you must use the \n Region for the requester VPC to modify the requester VPC peering options and the Region for the \n accepter VPC to modify the accepter VPC peering options. To verify which VPCs are the accepter and \n the requester for a VPC peering connection, use the DescribeVpcPeeringConnections command.

" + "smithy.api#documentation": "\n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n \n

Modifies the VPC peering connection options on one side of a VPC peering connection. You can do the following:

\n \n

If the peered VPCs are in the same Amazon Web Services account, you can enable DNS resolution \n for queries from the local VPC. This ensures that queries from the local VPC resolve to private IP\n addresses in the peer VPC. This option is not available if the peered VPCs are in different\n different Amazon Web Services accounts or different Regions. For peered VPCs in different \n Amazon Web Services accounts, each Amazon Web Services account owner must initiate a separate request \n to modify the peering connection options. For inter-region peering connections, you must use the \n Region for the requester VPC to modify the requester VPC peering options and the Region for the \n accepter VPC to modify the accepter VPC peering options. To verify which VPCs are the accepter and \n the requester for a VPC peering connection, use the DescribeVpcPeeringConnections command.

" } }, "com.amazonaws.ec2#ModifyVpcPeeringConnectionOptionsRequest": { @@ -58279,7 +58279,7 @@ "target": "com.amazonaws.ec2#MoveAddressToVpcResult" }, "traits": { - "smithy.api#documentation": "

Moves an Elastic IP address from the EC2-Classic platform to the EC2-VPC platform. The\n Elastic IP address must be allocated to your account for more than 24 hours, and it must not\n be associated with an instance. After the Elastic IP address is moved, it is no longer\n available for use in the EC2-Classic platform, unless you move it back using the\n RestoreAddressToClassic request. You cannot move an Elastic IP address that was\n originally allocated for use in the EC2-VPC platform to the EC2-Classic platform.

" + "smithy.api#documentation": "

Moves an Elastic IP address from the EC2-Classic platform to the EC2-VPC platform. The\n Elastic IP address must be allocated to your account for more than 24 hours, and it must not\n be associated with an instance. After the Elastic IP address is moved, it is no longer\n available for use in the EC2-Classic platform, unless you move it back using the\n RestoreAddressToClassic request. You cannot move an Elastic IP address that was\n originally allocated for use in the EC2-VPC platform to the EC2-Classic platform.

\n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#MoveAddressToVpcRequest": { @@ -58417,7 +58417,7 @@ } }, "traits": { - "smithy.api#documentation": "

Describes the status of a moving Elastic IP address.

" + "smithy.api#documentation": "

Describes the status of a moving Elastic IP address.

\n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#MovingAddressStatusSet": { @@ -60983,7 +60983,7 @@ } }, "traits": { - "smithy.api#documentation": "

Describes the VPC peering connection options.

" + "smithy.api#documentation": "\n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n \n

Describes the VPC peering connection options.

" } }, "com.amazonaws.ec2#PeeringConnectionOptionsRequest": { @@ -61009,7 +61009,7 @@ } }, "traits": { - "smithy.api#documentation": "

The VPC peering connection options.

" + "smithy.api#documentation": "\n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n \n

The VPC peering connection options.

" } }, "com.amazonaws.ec2#PeeringTgwInfo": { @@ -61398,7 +61398,7 @@ "target": "com.amazonaws.ec2#Tenancy", "traits": { "aws.protocols#ec2QueryName": "Tenancy", - "smithy.api#documentation": "

The tenancy of the instance (if the instance is running in a VPC). An instance with a\n tenancy of dedicated runs on single-tenant hardware. The host\n tenancy is not supported for the ImportInstance\n command.

\n

This parameter is not supported by CreateFleet.

\n\n

T3 instances that use the unlimited CPU credit option do not support\n host tenancy.

", + "smithy.api#documentation": "

The tenancy of the instance (if the instance is running in a VPC). An instance with a\n tenancy of dedicated runs on single-tenant hardware. The host\n tenancy is not supported for the ImportInstance\n command.

\n

This parameter is not supported by CreateFleet.

\n

T3 instances that use the unlimited CPU credit option do not support\n host tenancy.

", "smithy.api#xmlName": "tenancy" } }, @@ -64053,7 +64053,7 @@ "target": "smithy.api#Unit" }, "traits": { - "smithy.api#documentation": "

Releases the specified Elastic IP address.

\n

[EC2-Classic, default VPC] Releasing an Elastic IP address automatically disassociates it\n\t\t\t\tfrom any instance that it's associated with. To disassociate an Elastic IP address without\n\t\t\t\treleasing it, use DisassociateAddress.

\n

[Nondefault VPC] You must use DisassociateAddress to disassociate the Elastic IP address\n\t\t\t before you can release it. Otherwise, Amazon EC2 returns an error (InvalidIPAddress.InUse).

\n

After releasing an Elastic IP address, it is released to the IP address pool. \n Be sure to update your DNS records and any servers or devices that communicate with the address. \n If you attempt to release an Elastic IP address that you already released, you'll get an\n AuthFailure error if the address is already allocated to another Amazon Web Services account.

\n

[EC2-VPC] After you release an Elastic IP address for use in a VPC, you might be able to recover it.\n For more information, see AllocateAddress.

\n

For more\n information, see Elastic IP\n Addresses in the Amazon Elastic Compute Cloud User Guide.

" + "smithy.api#documentation": "

Releases the specified Elastic IP address.

\n

[EC2-Classic, default VPC] Releasing an Elastic IP address automatically disassociates it\n\t\t\t\tfrom any instance that it's associated with. To disassociate an Elastic IP address without\n\t\t\t\treleasing it, use DisassociateAddress.

\n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n \n

[Nondefault VPC] You must use DisassociateAddress to disassociate the Elastic IP address\n\t\t\t before you can release it. Otherwise, Amazon EC2 returns an error (InvalidIPAddress.InUse).

\n

After releasing an Elastic IP address, it is released to the IP address pool. \n Be sure to update your DNS records and any servers or devices that communicate with the address. \n If you attempt to release an Elastic IP address that you already released, you'll get an\n AuthFailure error if the address is already allocated to another Amazon Web Services account.

\n

[EC2-VPC] After you release an Elastic IP address for use in a VPC, you might be able to recover it.\n For more information, see AllocateAddress.

\n

For more\n information, see Elastic IP\n Addresses in the Amazon Elastic Compute Cloud User Guide.

" } }, "com.amazonaws.ec2#ReleaseAddressRequest": { @@ -65147,7 +65147,7 @@ "SecurityGroups": { "target": "com.amazonaws.ec2#SecurityGroupStringList", "traits": { - "smithy.api#documentation": "

[EC2-Classic, default VPC] One or more security group names. For a nondefault VPC, you\n must use security group IDs instead. You cannot specify both a security group ID and\n security name in the same request.

", + "smithy.api#documentation": "

One or more security group names. For a nondefault VPC, you\n must use security group IDs instead. You cannot specify both a security group ID and\n security name in the same request.

", "smithy.api#xmlName": "SecurityGroup" } }, @@ -65291,7 +65291,7 @@ "target": "com.amazonaws.ec2#RequestSpotInstancesResult" }, "traits": { - "smithy.api#documentation": "

Creates a Spot Instance request.

\n

For more information, see Spot Instance requests in\n the Amazon EC2 User Guide for Linux Instances.

\n \n \n

We strongly discourage using the RequestSpotInstances API because it is a legacy\n API with no planned investment. For options for requesting Spot Instances, see\n Which\n is the best Spot request method to use? in the\n Amazon EC2 User Guide for Linux Instances.

\n " + "smithy.api#documentation": "

Creates a Spot Instance request.

\n

For more information, see Spot Instance requests in\n the Amazon EC2 User Guide for Linux Instances.

\n \n \n

We strongly discourage using the RequestSpotInstances API because it is a legacy\n API with no planned investment. For options for requesting Spot Instances, see\n Which\n is the best Spot request method to use? in the\n Amazon EC2 User Guide for Linux Instances.

\n \n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon EC2 User Guide for Linux Instances.

\n " } }, "com.amazonaws.ec2#RequestSpotInstancesRequest": { @@ -65613,7 +65613,7 @@ } }, "traits": { - "smithy.api#documentation": "

Describes a launch request for one or more instances, and includes owner, requester,\n and security group information that applies to all instances in the launch\n request.

" + "smithy.api#documentation": "

Describes a launch request for one or more instances, and includes owner, requester,\n and security group information that applies to all instances in the launch\n request.

\n \n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon EC2 User Guide.

\n " } }, "com.amazonaws.ec2#ReservationFleetInstanceSpecification": { @@ -66033,7 +66033,7 @@ } }, "traits": { - "smithy.api#documentation": "

Describes the configuration settings for the modified Reserved Instances.

" + "smithy.api#documentation": "

Describes the configuration settings for the modified Reserved Instances.

\n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#ReservedInstancesConfigurationList": { @@ -67147,6 +67147,18 @@ { "value": "vpc-flow-log", "name": "vpc_flow_log" + }, + { + "value": "capacity-reservation-fleet", + "name": "capacity_reservation_fleet" + }, + { + "value": "traffic-mirror-filter-rule", + "name": "traffic_mirror_filter_rule" + }, + { + "value": "vpc-endpoint-connection-device-type", + "name": "vpc_endpoint_connection_device_type" } ] } @@ -67464,7 +67476,7 @@ "target": "com.amazonaws.ec2#RestoreAddressToClassicResult" }, "traits": { - "smithy.api#documentation": "

Restores an Elastic IP address that was previously moved to the EC2-VPC platform back to the EC2-Classic platform. You cannot move an Elastic IP address that was originally allocated for use in EC2-VPC. The Elastic IP address must not be associated with an instance or network interface.

" + "smithy.api#documentation": "

Restores an Elastic IP address that was previously moved to the EC2-VPC platform back to the EC2-Classic platform. You cannot move an Elastic IP address that was originally allocated for use in EC2-VPC. The Elastic IP address must not be associated with an instance or network interface.

\n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#RestoreAddressToClassicRequest": { @@ -68008,7 +68020,7 @@ "target": "com.amazonaws.ec2#RevokeSecurityGroupIngressResult" }, "traits": { - "smithy.api#documentation": "

Removes the specified inbound (ingress) rules from a security group.

\n\n

You can specify rules using either rule IDs or security group rule properties. If you use\n rule properties, the values that you specify (for example, ports) must match the existing rule's \n values exactly. Each rule has a protocol, from and to ports, and source (CIDR range, \n security group, or prefix list). For the TCP and UDP protocols, you must also specify the \n destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type \n and code. If the security group rule has a description, you do not need to specify the description \n to revoke the rule.

\n

[EC2-Classic, default VPC] If the values you specify do not match the existing rule's values, no error is\n returned, and the output describes the security group rules that were not revoked.

\n

Amazon Web Services recommends that you describe the security group to verify that the rules were removed.

\n\n

Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.

" + "smithy.api#documentation": "

Removes the specified inbound (ingress) rules from a security group.

\n\n

You can specify rules using either rule IDs or security group rule properties. If you use\n rule properties, the values that you specify (for example, ports) must match the existing rule's \n values exactly. Each rule has a protocol, from and to ports, and source (CIDR range, \n security group, or prefix list). For the TCP and UDP protocols, you must also specify the \n destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type \n and code. If the security group rule has a description, you do not need to specify the description \n to revoke the rule.

\n

[EC2-Classic, default VPC] If the values you specify do not match the existing rule's values, no error is\n returned, and the output describes the security group rules that were not revoked.

\n

Amazon Web Services recommends that you describe the security group to verify that the rules were removed.

\n\n

Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.

\n \n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#RevokeSecurityGroupIngressRequest": { @@ -68540,7 +68552,7 @@ "target": "com.amazonaws.ec2#Reservation" }, "traits": { - "smithy.api#documentation": "

Launches the specified number of instances using an AMI for which you have\n permissions.

\n

You can specify a number of options, or leave the default options. The following rules\n apply:

\n \n

You can create a launch template,\n which is a resource that contains the parameters to launch an instance. When you launch\n an instance using RunInstances, you can specify the launch template\n instead of specifying the launch parameters.

\n

To ensure faster instance launches, break up large requests into smaller batches. For\n example, create five separate launch requests for 100 instances each instead of one\n launch request for 500 instances.

\n

An instance is ready for you to use when it's in the running state. You\n can check the state of your instance using DescribeInstances. You can\n tag instances and EBS volumes during launch, after launch, or both. For more\n information, see CreateTags and Tagging your Amazon EC2\n resources.

\n

Linux instances have access to the public key of the key pair at boot. You can use\n this key to provide secure access to the instance. Amazon EC2 public images use this\n feature to provide secure access without passwords. For more information, see Key\n pairs.

\n

For troubleshooting, see What to do if\n an instance immediately terminates, and Troubleshooting connecting to your instance.

" + "smithy.api#documentation": "

Launches the specified number of instances using an AMI for which you have\n permissions.

\n

You can specify a number of options, or leave the default options. The following rules\n apply:

\n \n

You can create a launch template,\n which is a resource that contains the parameters to launch an instance. When you launch\n an instance using RunInstances, you can specify the launch template\n instead of specifying the launch parameters.

\n

To ensure faster instance launches, break up large requests into smaller batches. For\n example, create five separate launch requests for 100 instances each instead of one\n launch request for 500 instances.

\n

An instance is ready for you to use when it's in the running state. You\n can check the state of your instance using DescribeInstances. You can\n tag instances and EBS volumes during launch, after launch, or both. For more\n information, see CreateTags and Tagging your Amazon EC2\n resources.

\n

Linux instances have access to the public key of the key pair at boot. You can use\n this key to provide secure access to the instance. Amazon EC2 public images use this\n feature to provide secure access without passwords. For more information, see Key\n pairs.

\n

For troubleshooting, see What to do if\n an instance immediately terminates, and Troubleshooting connecting to your instance.

\n \n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon EC2 User Guide.

\n " } }, "com.amazonaws.ec2#RunInstancesMonitoringEnabled": { @@ -68773,7 +68785,7 @@ "CreditSpecification": { "target": "com.amazonaws.ec2#CreditSpecificationRequest", "traits": { - "smithy.api#documentation": "

The credit option for CPU usage of the burstable performance instance. Valid values\n are standard and unlimited. To change this attribute after\n launch, use \n ModifyInstanceCreditSpecification. For more information, see Burstable\n performance instances in the Amazon EC2 User Guide.

\n

Default: standard (T2 instances) or unlimited (T3/T3a\n instances)

\n

For T3 instances with host tenancy, only standard is\n supported.

" + "smithy.api#documentation": "

The credit option for CPU usage of the burstable performance instance. Valid values\n are standard and unlimited. To change this attribute after\n launch, use \n ModifyInstanceCreditSpecification. For more information, see Burstable\n performance instances in the Amazon EC2 User Guide.

\n

Default: standard (T2 instances) or unlimited (T3/T3a/T4g\n instances)

\n

For T3 instances with host tenancy, only standard is\n supported.

" } }, "CpuOptions": { @@ -69108,7 +69120,7 @@ } }, "traits": { - "smithy.api#documentation": "

Describes a Scheduled Instance.

" + "smithy.api#documentation": "

Describes a Scheduled Instance.

\n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#ScheduledInstanceAvailability": { @@ -69220,7 +69232,7 @@ } }, "traits": { - "smithy.api#documentation": "

Describes a schedule that is available for your Scheduled Instances.

" + "smithy.api#documentation": "

Describes a schedule that is available for your Scheduled Instances.

\n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#ScheduledInstanceAvailabilitySet": { @@ -71770,7 +71782,7 @@ } }, "traits": { - "smithy.api#documentation": "

Describes the launch specification for one or more Spot Instances. If you include\n On-Demand capacity in your fleet request or want to specify an EFA network device, you\n can't use SpotFleetLaunchSpecification; you must use LaunchTemplateConfig.

" + "smithy.api#documentation": "

Describes the launch specification for one or more Spot Instances. If you include\n On-Demand capacity in your fleet request or want to specify an EFA network device, you\n can't use SpotFleetLaunchSpecification; you must use LaunchTemplateConfig.

\n \n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon EC2 User Guide for Linux Instances.

\n " } }, "com.amazonaws.ec2#SpotFleetMonitoring": { @@ -78977,7 +78989,7 @@ } }, "traits": { - "smithy.api#documentation": "

Describes a security group and Amazon Web Services account ID pair.

" + "smithy.api#documentation": "

Describes a security group and Amazon Web Services account ID pair.

\n \n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n " } }, "com.amazonaws.ec2#UserIdGroupPairList": { @@ -80367,7 +80379,7 @@ } }, "traits": { - "smithy.api#documentation": "

Describes whether a VPC is enabled for ClassicLink.

" + "smithy.api#documentation": "\n\t

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n\t \n\t\t

Describes whether a VPC is enabled for ClassicLink.

" } }, "com.amazonaws.ec2#VpcClassicLinkIdList": { @@ -80903,7 +80915,7 @@ } }, "traits": { - "smithy.api#documentation": "

Describes the VPC peering connection options.

" + "smithy.api#documentation": "\n

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

\n \n

Describes the VPC peering connection options.

" } }, "com.amazonaws.ec2#VpcPeeringConnectionStateReason": { diff --git a/codegen/sdk/aws-models/elasticsearch-service.json b/codegen/sdk/aws-models/elasticsearch-service.json index e3044dd28d4..af414666b9a 100644 --- a/codegen/sdk/aws-models/elasticsearch-service.json +++ b/codegen/sdk/aws-models/elasticsearch-service.json @@ -136,6 +136,9 @@ "input": { "target": "com.amazonaws.elasticsearchservice#AddTagsRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.elasticsearchservice#BaseException" @@ -1613,6 +1616,12 @@ }, "com.amazonaws.elasticsearchservice#DeleteElasticsearchServiceRole": { "type": "operation", + "input": { + "target": "smithy.api#Unit" + }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.elasticsearchservice#BaseException" @@ -3141,7 +3150,13 @@ "Iops": { "target": "com.amazonaws.elasticsearchservice#IntegerClass", "traits": { - "smithy.api#documentation": "

Specifies the IOPD for a Provisioned IOPS EBS volume (SSD).

" + "smithy.api#documentation": "

Specifies the IOPS for Provisioned IOPS And GP3 EBS volume (SSD).

" + } + }, + "Throughput": { + "target": "com.amazonaws.elasticsearchservice#IntegerClass", + "traits": { + "smithy.api#documentation": "

Specifies the Throughput for GP3 EBS volume (SSD).

" } } }, @@ -5748,6 +5763,9 @@ "input": { "target": "com.amazonaws.elasticsearchservice#RemoveTagsRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.elasticsearchservice#BaseException" @@ -6413,7 +6431,7 @@ "com.amazonaws.elasticsearchservice#StorageSubTypeName": { "type": "string", "traits": { - "smithy.api#documentation": "

\n SubType of the given storage type.\n List of available sub-storage options:\n For \"instance\" storageType we wont have any storageSubType,\n in case of \"ebs\" storageType we will have following valid storageSubTypes\n

    \n
  1. standard
    2. \n
  2. gp2
    3. \n
  3. io1
    4. \n
\n Refer VolumeType for more information regarding above EBS storage options.\n

" + "smithy.api#documentation": "

\n SubType of the given storage type.\n List of available sub-storage options:\n For \"instance\" storageType we wont have any storageSubType,\n in case of \"ebs\" storageType we will have following valid storageSubTypes\n

    \n
  1. standard
    2. \n
  2. gp2
    3. \n
  3. gp3
    4. \n
  4. io1
    5. \n
\n Refer VolumeType for more information regarding above EBS storage options.\n

" } }, "com.amazonaws.elasticsearchservice#StorageType": { @@ -6442,7 +6460,7 @@ "LimitName": { "target": "com.amazonaws.elasticsearchservice#LimitName", "traits": { - "smithy.api#documentation": "

\n Name of storage limits that are applicable for given storage type.\n If\n \n StorageType\n \n is ebs, following storage options are applicable\n

    \n
  1. MinimumVolumeSize
    2. \n Minimum amount of volume size that is applicable for given storage type.It can be empty if it is not applicable.\n
  2. MaximumVolumeSize
    3. \n Maximum amount of volume size that is applicable for given storage type.It can be empty if it is not applicable.\n
  3. MaximumIops
    4. \n Maximum amount of Iops that is applicable for given storage type.It can be empty if it is not applicable.\n
  4. MinimumIops
    5. \n Minimum amount of Iops that is applicable for given storage type.It can be empty if it is not applicable.\n
\n

" + "smithy.api#documentation": "

\n Name of storage limits that are applicable for given storage type.\n If\n \n StorageType\n \n is ebs, following storage options are applicable\n

    \n
  1. MinimumVolumeSize
    2. \n Minimum amount of volume size that is applicable for given storage type.It can be empty if it is not applicable.\n
  2. MaximumVolumeSize
    3. \n Maximum amount of volume size that is applicable for given storage type.It can be empty if it is not applicable.\n
  3. MaximumIops
    4. \n Maximum amount of Iops that is applicable for given storage type.It can be empty if it is not applicable.\n
  4. MinimumIops
    5. \n Minimum amount of Iops that is applicable for given storage type.It can be empty if it is not applicable.\n
  5. MaximumThroughput
    6. \n Maximum amount of Throughput that is applicable for given storage type.It can be empty if it is not applicable.\n
  6. MinimumThroughput
    7. \n Minimum amount of Throughput that is applicable for given storage type.It can be empty if it is not applicable.\n
\n

" } }, "LimitValues": { @@ -7151,7 +7169,7 @@ "com.amazonaws.elasticsearchservice#VolumeType": { "type": "string", "traits": { - "smithy.api#documentation": "

The type of EBS volume, standard, gp2, or io1. See Configuring EBS-based Storagefor more information.

", + "smithy.api#documentation": "

The type of EBS volume, standard, gp2, gp3 or io1. See Configuring EBS-based Storagefor more information.

", "smithy.api#enum": [ { "value": "standard", @@ -7164,6 +7182,10 @@ { "value": "io1", "name": "io1" + }, + { + "value": "gp3", + "name": "gp3" } ] } diff --git a/codegen/sdk/aws-models/fsx.json b/codegen/sdk/aws-models/fsx.json index a30a82df47d..f477e31a8be 100644 --- a/codegen/sdk/aws-models/fsx.json +++ b/codegen/sdk/aws-models/fsx.json @@ -1308,7 +1308,7 @@ "Paths": { "target": "com.amazonaws.fsx#DataRepositoryTaskPaths", "traits": { - "smithy.api#documentation": "

(Optional) The path or paths on the Amazon FSx file system to use when the data repository task is processed. \n The default path is the file system root directory. The paths you provide need to be relative to the mount point of the file system. \n If the mount point is /mnt/fsx and /mnt/fsx/path1 is a directory or \n file on the file system you want to export, then the path to provide is path1.\n If a path that you provide isn't valid, the task fails.

" + "smithy.api#documentation": "

A list of paths for the data repository task to use when the task is processed.\n If a path that you provide isn't valid, the task fails.

\n " } }, "FileSystemId": { @@ -1677,7 +1677,7 @@ "CopyTagsToVolumes": { "target": "com.amazonaws.fsx#Flag", "traits": { - "smithy.api#documentation": "

A Boolean value indicating whether tags for the volume should be copied to snapshots.\n This value defaults to false. If it's set to true, all tags\n for the volume are copied to snapshots where the user doesn't specify tags. If this\n value is true, and you specify one or more tags, only the specified tags\n are copied to snapshots. If you specify one or more tags when creating the snapshot, no\n tags are copied from the volume, regardless of this value.

" + "smithy.api#documentation": "

A Boolean value indicating whether tags for the file system should be copied to volumes.\n This value defaults to false. If it's set to true, all tags\n for the file system are copied to volumes where the user doesn't specify tags. If this\n value is true, and you specify one or more tags, only the specified tags\n are copied to volumes. If you specify one or more tags when creating the volume, no\n tags are copied from the file system, regardless of this value.

" } }, "DailyAutomaticBackupStartTime": { @@ -5113,7 +5113,7 @@ } ], "traits": { - "smithy.api#documentation": "

Lists tags for an Amazon FSx file systems and backups in the case of Amazon FSx for\n Windows File Server.

\n\n

When retrieving all tags, you can optionally specify the MaxResults\n parameter to limit the number of tags in a response. If more tags remain, Amazon FSx\n returns a NextToken value in the response. In this case, send a later\n request with the NextToken request parameter set to the value of\n NextToken from the last response.

\n\n

This action is used in an iterative process to retrieve a list of your tags.\n ListTagsForResource is called first without a\n NextTokenvalue. Then the action continues to be called with the\n NextToken parameter set to the value of the last NextToken\n value until a response has no NextToken.

\n\n

When using this action, keep the following in mind:

\n ", + "smithy.api#documentation": "

Lists tags for Amazon FSx resources.

\n\n

When retrieving all tags, you can optionally specify the MaxResults\n parameter to limit the number of tags in a response. If more tags remain, Amazon FSx\n returns a NextToken value in the response. In this case, send a later\n request with the NextToken request parameter set to the value of\n NextToken from the last response.

\n\n

This action is used in an iterative process to retrieve a list of your tags.\n ListTagsForResource is called first without a\n NextTokenvalue. Then the action continues to be called with the\n NextToken parameter set to the value of the last NextToken\n value until a response has no NextToken.

\n\n

When using this action, keep the following in mind:

\n ", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", diff --git a/codegen/sdk/aws-models/license-manager-user-subscriptions.json b/codegen/sdk/aws-models/license-manager-user-subscriptions.json new file mode 100644 index 00000000000..04488c6868c --- /dev/null +++ b/codegen/sdk/aws-models/license-manager-user-subscriptions.json @@ -0,0 +1,1303 @@ +{ + "smithy": "1.0", + "shapes": { + "com.amazonaws.licensemanagerusersubscriptions#AccessDeniedException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String" + } + }, + "traits": { + "smithy.api#documentation": "

You don't have sufficient access to perform this action.

", + "smithy.api#error": "client" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ActiveDirectoryIdentityProvider": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The directory ID for an Active Directory identity provider.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

Details about an Active Directory identity provider.

" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#AssociateUser": { + "type": "operation", + "input": { + "target": "com.amazonaws.licensemanagerusersubscriptions#AssociateUserRequest" + }, + "output": { + "target": "com.amazonaws.licensemanagerusersubscriptions#AssociateUserResponse" + }, + "errors": [ + { + "target": "com.amazonaws.licensemanagerusersubscriptions#AccessDeniedException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ConflictException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#InternalServerException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ThrottlingException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Associates the user to an EC2 instance to utilize user-based subscriptions.

", + "smithy.api#http": { + "code": 200, + "method": "POST", + "uri": "/user/AssociateUser" + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.licensemanagerusersubscriptions#AssociateUserRequest": { + "type": "structure", + "members": { + "Username": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The user name from the identity provider for the user.

", + "smithy.api#required": {} + } + }, + "InstanceId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The ID of the EC2 instance, which provides user-based subscriptions.

", + "smithy.api#required": {} + } + }, + "IdentityProvider": { + "target": "com.amazonaws.licensemanagerusersubscriptions#IdentityProvider", + "traits": { + "smithy.api#documentation": "

The identity provider of the user.

", + "smithy.api#required": {} + } + }, + "Domain": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The domain name of the user.

" + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#AssociateUserResponse": { + "type": "structure", + "members": { + "InstanceUserSummary": { + "target": "com.amazonaws.licensemanagerusersubscriptions#InstanceUserSummary", + "traits": { + "smithy.api#documentation": "

Metadata that describes the associate user operation.

", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#BoxInteger": { + "type": "integer", + "traits": { + "smithy.api#box": {} + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ConflictException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String" + } + }, + "traits": { + "smithy.api#documentation": "

The request couldn't be completed because it conflicted with the current state of the resource.

", + "smithy.api#error": "server" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#DeregisterIdentityProvider": { + "type": "operation", + "input": { + "target": "com.amazonaws.licensemanagerusersubscriptions#DeregisterIdentityProviderRequest" + }, + "output": { + "target": "com.amazonaws.licensemanagerusersubscriptions#DeregisterIdentityProviderResponse" + }, + "errors": [ + { + "target": "com.amazonaws.licensemanagerusersubscriptions#AccessDeniedException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ConflictException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#InternalServerException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ThrottlingException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Deregisters the identity provider from providing user-based subscriptions.

", + "smithy.api#http": { + "code": 200, + "method": "POST", + "uri": "/identity-provider/DeregisterIdentityProvider" + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.licensemanagerusersubscriptions#DeregisterIdentityProviderRequest": { + "type": "structure", + "members": { + "IdentityProvider": { + "target": "com.amazonaws.licensemanagerusersubscriptions#IdentityProvider", + "traits": { + "smithy.api#documentation": "

An object that specifies details for the identity provider.

", + "smithy.api#required": {} + } + }, + "Product": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The name of the user-based subscription product.

", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#DeregisterIdentityProviderResponse": { + "type": "structure", + "members": { + "IdentityProviderSummary": { + "target": "com.amazonaws.licensemanagerusersubscriptions#IdentityProviderSummary", + "traits": { + "smithy.api#documentation": "

Metadata that describes the results of an identity provider operation.

", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#DisassociateUser": { + "type": "operation", + "input": { + "target": "com.amazonaws.licensemanagerusersubscriptions#DisassociateUserRequest" + }, + "output": { + "target": "com.amazonaws.licensemanagerusersubscriptions#DisassociateUserResponse" + }, + "errors": [ + { + "target": "com.amazonaws.licensemanagerusersubscriptions#AccessDeniedException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ConflictException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#InternalServerException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ThrottlingException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Disassociates the user from an EC2 instance providing user-based subscriptions.

", + "smithy.api#http": { + "code": 200, + "method": "POST", + "uri": "/user/DisassociateUser" + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.licensemanagerusersubscriptions#DisassociateUserRequest": { + "type": "structure", + "members": { + "Username": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The user name from the identity provider for the user.

", + "smithy.api#required": {} + } + }, + "InstanceId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The ID of the EC2 instance, which provides user-based subscriptions.

", + "smithy.api#required": {} + } + }, + "IdentityProvider": { + "target": "com.amazonaws.licensemanagerusersubscriptions#IdentityProvider", + "traits": { + "smithy.api#documentation": "

An object that specifies details for the identity provider.

", + "smithy.api#required": {} + } + }, + "Domain": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The domain name of the user.

" + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#DisassociateUserResponse": { + "type": "structure", + "members": { + "InstanceUserSummary": { + "target": "com.amazonaws.licensemanagerusersubscriptions#InstanceUserSummary", + "traits": { + "smithy.api#documentation": "

Metadata that describes the associate user operation.

", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#Filter": { + "type": "structure", + "members": { + "Attribute": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The name of an attribute to use as a filter.

" + } + }, + "Operation": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The type of search (For example, eq, geq, leq)

" + } + }, + "Value": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

Value of the filter.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

A filter name and value pair that is used to return more specific results from a\n describe operation. Filters can be used to match a set of resources by specific criteria,\n such as tags, attributes, or IDs.

" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#FilterList": { + "type": "list", + "member": { + "target": "com.amazonaws.licensemanagerusersubscriptions#Filter" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#IdentityProvider": { + "type": "union", + "members": { + "ActiveDirectoryIdentityProvider": { + "target": "com.amazonaws.licensemanagerusersubscriptions#ActiveDirectoryIdentityProvider", + "traits": { + "smithy.api#documentation": "

An object that details an Active Directory identity provider.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

Details about an identity provider.

" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#IdentityProviderSummary": { + "type": "structure", + "members": { + "IdentityProvider": { + "target": "com.amazonaws.licensemanagerusersubscriptions#IdentityProvider", + "traits": { + "smithy.api#documentation": "

An object that specifies details for the identity provider.

", + "smithy.api#required": {} + } + }, + "Product": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The name of the user-based subscription product.

", + "smithy.api#required": {} + } + }, + "Status": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The status of an identity provider.

", + "smithy.api#required": {} + } + }, + "FailureMessage": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The failure message associated with an identity provider.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

Describes an identity provider.

" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#IdentityProviderSummaryList": { + "type": "list", + "member": { + "target": "com.amazonaws.licensemanagerusersubscriptions#IdentityProviderSummary" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#InstanceSummary": { + "type": "structure", + "members": { + "InstanceId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The ID of the EC2 instance, which provides user-based subscriptions.

", + "smithy.api#required": {} + } + }, + "Status": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The status of an EC2 instance resource.

", + "smithy.api#required": {} + } + }, + "Products": { + "target": "com.amazonaws.licensemanagerusersubscriptions#StringList", + "traits": { + "smithy.api#documentation": "

A list of provided user-based subscription products.

", + "smithy.api#required": {} + } + }, + "LastStatusCheckDate": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The date of the last status check.

" + } + }, + "StatusMessage": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The status message for an EC2 instance.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

Describes an EC2 instance providing user-based subscriptions.

" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#InstanceSummaryList": { + "type": "list", + "member": { + "target": "com.amazonaws.licensemanagerusersubscriptions#InstanceSummary" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#InstanceUserSummary": { + "type": "structure", + "members": { + "Username": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The user name from the identity provider for the user.

", + "smithy.api#required": {} + } + }, + "InstanceId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The ID of the EC2 instance, which provides user-based subscriptions.

", + "smithy.api#required": {} + } + }, + "IdentityProvider": { + "target": "com.amazonaws.licensemanagerusersubscriptions#IdentityProvider", + "traits": { + "smithy.api#documentation": "

An object that specifies details for the identity provider.

", + "smithy.api#required": {} + } + }, + "Status": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The status of a user associated with an EC2 instance.

", + "smithy.api#required": {} + } + }, + "StatusMessage": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The status message for users of an EC2 instance.

" + } + }, + "Domain": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The domain name of the user.

" + } + }, + "AssociationDate": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The date a user was associated with an EC2 instance.

" + } + }, + "DisassociationDate": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The date a user was disassociated from an EC2 instance.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

Describes users of an EC2 instance providing user-based subscriptions.

" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#InstanceUserSummaryList": { + "type": "list", + "member": { + "target": "com.amazonaws.licensemanagerusersubscriptions#InstanceUserSummary" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#InternalServerException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String" + } + }, + "traits": { + "smithy.api#documentation": "

An exception occurred with the service.

", + "smithy.api#error": "server" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#LicenseManagerUserSubscriptions": { + "type": "service", + "traits": { + "aws.api#service": { + "sdkId": "License Manager User Subscriptions", + "arnNamespace": "license-manager-user-subscriptions", + "cloudTrailEventSource": "license-manager-user-subscriptions.amazonaws.com" + }, + "aws.auth#sigv4": { + "name": "license-manager-user-subscriptions" + }, + "aws.protocols#restJson1": {}, + "smithy.api#cors": { + "additionalAllowedHeaders": [ + "*", + "content-type", + "x-amz-content-sha256", + "x-amz-user-agent", + "x-amzn-platform-id", + "x-amzn-trace-id", + "content-length", + "x-api-key", + "authorization", + "x-amz-date", + "x-amz-security-token", + "Access-Control-Allow-Headers", + "Access-Control-Allow-Methods", + "Access-Control-Allow-Origin" + ], + "additionalExposedHeaders": [ + "x-amzn-errortype", + "x-amzn-requestid", + "x-amzn-trace-id" + ] + }, + "smithy.api#documentation": "

With License Manager, you can create user-based subscriptions to utilize licensed software with a per user subscription fee on Amazon EC2 instances.

", + "smithy.api#title": "AWS License Manager User Subscriptions" + }, + "version": "2018-05-10", + "operations": [ + { + "target": "com.amazonaws.licensemanagerusersubscriptions#AssociateUser" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#DeregisterIdentityProvider" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#DisassociateUser" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ListIdentityProviders" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ListInstances" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ListProductSubscriptions" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ListUserAssociations" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#RegisterIdentityProvider" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#StartProductSubscription" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#StopProductSubscription" + } + ] + }, + "com.amazonaws.licensemanagerusersubscriptions#ListIdentityProviders": { + "type": "operation", + "input": { + "target": "com.amazonaws.licensemanagerusersubscriptions#ListIdentityProvidersRequest" + }, + "output": { + "target": "com.amazonaws.licensemanagerusersubscriptions#ListIdentityProvidersResponse" + }, + "errors": [ + { + "target": "com.amazonaws.licensemanagerusersubscriptions#AccessDeniedException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ConflictException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#InternalServerException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ThrottlingException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Lists the identity providers for user-based subscriptions.

", + "smithy.api#http": { + "code": 200, + "method": "POST", + "uri": "/identity-provider/ListIdentityProviders" + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "pageSize": "MaxResults", + "items": "IdentityProviderSummaries" + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ListIdentityProvidersRequest": { + "type": "structure", + "members": { + "MaxResults": { + "target": "com.amazonaws.licensemanagerusersubscriptions#BoxInteger", + "traits": { + "smithy.api#documentation": "

Maximum number of results to return in a single call.

" + } + }, + "NextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

Token for the next set of results.

" + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ListIdentityProvidersResponse": { + "type": "structure", + "members": { + "IdentityProviderSummaries": { + "target": "com.amazonaws.licensemanagerusersubscriptions#IdentityProviderSummaryList", + "traits": { + "smithy.api#documentation": "

Metadata that describes the list identity providers operation.

", + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

Token for the next set of results.

" + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ListInstances": { + "type": "operation", + "input": { + "target": "com.amazonaws.licensemanagerusersubscriptions#ListInstancesRequest" + }, + "output": { + "target": "com.amazonaws.licensemanagerusersubscriptions#ListInstancesResponse" + }, + "errors": [ + { + "target": "com.amazonaws.licensemanagerusersubscriptions#AccessDeniedException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ConflictException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#InternalServerException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ThrottlingException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Lists the EC2 instances providing user-based subscriptions.

", + "smithy.api#http": { + "code": 200, + "method": "POST", + "uri": "/instance/ListInstances" + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "pageSize": "MaxResults", + "items": "InstanceSummaries" + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ListInstancesRequest": { + "type": "structure", + "members": { + "MaxResults": { + "target": "com.amazonaws.licensemanagerusersubscriptions#BoxInteger", + "traits": { + "smithy.api#documentation": "

Maximum number of results to return in a single call.

" + } + }, + "NextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

Token for the next set of results.

" + } + }, + "Filters": { + "target": "com.amazonaws.licensemanagerusersubscriptions#FilterList", + "traits": { + "smithy.api#documentation": "

An array of structures that you can use to filter the results to those that match one or\n more sets of key-value pairs that you specify.

" + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ListInstancesResponse": { + "type": "structure", + "members": { + "InstanceSummaries": { + "target": "com.amazonaws.licensemanagerusersubscriptions#InstanceSummaryList", + "traits": { + "smithy.api#documentation": "

Metadata that describes the list instances operation.

" + } + }, + "NextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

Token for the next set of results.

" + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ListProductSubscriptions": { + "type": "operation", + "input": { + "target": "com.amazonaws.licensemanagerusersubscriptions#ListProductSubscriptionsRequest" + }, + "output": { + "target": "com.amazonaws.licensemanagerusersubscriptions#ListProductSubscriptionsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.licensemanagerusersubscriptions#AccessDeniedException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ConflictException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#InternalServerException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ThrottlingException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Lists the user-based subscription products available from an identity provider.

", + "smithy.api#http": { + "code": 200, + "method": "POST", + "uri": "/user/ListProductSubscriptions" + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "pageSize": "MaxResults", + "items": "ProductUserSummaries" + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ListProductSubscriptionsRequest": { + "type": "structure", + "members": { + "Product": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The name of the user-based subscription product.

", + "smithy.api#required": {} + } + }, + "IdentityProvider": { + "target": "com.amazonaws.licensemanagerusersubscriptions#IdentityProvider", + "traits": { + "smithy.api#documentation": "

An object that specifies details for the identity provider.

", + "smithy.api#required": {} + } + }, + "MaxResults": { + "target": "com.amazonaws.licensemanagerusersubscriptions#BoxInteger", + "traits": { + "smithy.api#documentation": "

Maximum number of results to return in a single call.

" + } + }, + "Filters": { + "target": "com.amazonaws.licensemanagerusersubscriptions#FilterList", + "traits": { + "smithy.api#documentation": "

An array of structures that you can use to filter the results to those that match one or\n more sets of key-value pairs that you specify.

" + } + }, + "NextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

Token for the next set of results.

" + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ListProductSubscriptionsResponse": { + "type": "structure", + "members": { + "ProductUserSummaries": { + "target": "com.amazonaws.licensemanagerusersubscriptions#ProductUserSummaryList", + "traits": { + "smithy.api#documentation": "

Metadata that describes the list product subscriptions operation.

" + } + }, + "NextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

Token for the next set of results.

" + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ListUserAssociations": { + "type": "operation", + "input": { + "target": "com.amazonaws.licensemanagerusersubscriptions#ListUserAssociationsRequest" + }, + "output": { + "target": "com.amazonaws.licensemanagerusersubscriptions#ListUserAssociationsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.licensemanagerusersubscriptions#AccessDeniedException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ConflictException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#InternalServerException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ThrottlingException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Lists user associations for an identity provider.

", + "smithy.api#http": { + "code": 200, + "method": "POST", + "uri": "/user/ListUserAssociations" + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "pageSize": "MaxResults", + "items": "InstanceUserSummaries" + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ListUserAssociationsRequest": { + "type": "structure", + "members": { + "InstanceId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The ID of the EC2 instance, which provides user-based subscriptions.

", + "smithy.api#required": {} + } + }, + "IdentityProvider": { + "target": "com.amazonaws.licensemanagerusersubscriptions#IdentityProvider", + "traits": { + "smithy.api#documentation": "

An object that specifies details for the identity provider.

", + "smithy.api#required": {} + } + }, + "MaxResults": { + "target": "com.amazonaws.licensemanagerusersubscriptions#BoxInteger", + "traits": { + "smithy.api#documentation": "

Maximum number of results to return in a single call.

" + } + }, + "Filters": { + "target": "com.amazonaws.licensemanagerusersubscriptions#FilterList", + "traits": { + "smithy.api#documentation": "

An array of structures that you can use to filter the results to those that match one or\n more sets of key-value pairs that you specify.

" + } + }, + "NextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

Token for the next set of results.

" + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ListUserAssociationsResponse": { + "type": "structure", + "members": { + "InstanceUserSummaries": { + "target": "com.amazonaws.licensemanagerusersubscriptions#InstanceUserSummaryList", + "traits": { + "smithy.api#documentation": "

Metadata that describes the list user association operation.

" + } + }, + "NextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

Token for the next set of results.

" + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ProductUserSummary": { + "type": "structure", + "members": { + "Username": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The user name from the identity provider of the user.

", + "smithy.api#required": {} + } + }, + "Product": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The name of the user-based subscription product.

", + "smithy.api#required": {} + } + }, + "IdentityProvider": { + "target": "com.amazonaws.licensemanagerusersubscriptions#IdentityProvider", + "traits": { + "smithy.api#documentation": "

An object that specifies details for the identity provider.

", + "smithy.api#required": {} + } + }, + "Status": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The status of a product for a user.

", + "smithy.api#required": {} + } + }, + "StatusMessage": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The status message for a product for a user.

" + } + }, + "Domain": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The domain name of the user.

" + } + }, + "SubscriptionStartDate": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The start date of a subscription.

" + } + }, + "SubscriptionEndDate": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The end date of a subscription.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

The summary of the user-based subscription products for a user.

" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ProductUserSummaryList": { + "type": "list", + "member": { + "target": "com.amazonaws.licensemanagerusersubscriptions#ProductUserSummary" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#RegisterIdentityProvider": { + "type": "operation", + "input": { + "target": "com.amazonaws.licensemanagerusersubscriptions#RegisterIdentityProviderRequest" + }, + "output": { + "target": "com.amazonaws.licensemanagerusersubscriptions#RegisterIdentityProviderResponse" + }, + "errors": [ + { + "target": "com.amazonaws.licensemanagerusersubscriptions#AccessDeniedException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ConflictException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#InternalServerException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ThrottlingException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Registers an identity provider for user-based subscriptions.

", + "smithy.api#http": { + "code": 200, + "method": "POST", + "uri": "/identity-provider/RegisterIdentityProvider" + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.licensemanagerusersubscriptions#RegisterIdentityProviderRequest": { + "type": "structure", + "members": { + "IdentityProvider": { + "target": "com.amazonaws.licensemanagerusersubscriptions#IdentityProvider", + "traits": { + "smithy.api#documentation": "

An object that specifies details for the identity provider.

", + "smithy.api#required": {} + } + }, + "Product": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The name of the user-based subscription product.

", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#RegisterIdentityProviderResponse": { + "type": "structure", + "members": { + "IdentityProviderSummary": { + "target": "com.amazonaws.licensemanagerusersubscriptions#IdentityProviderSummary", + "traits": { + "smithy.api#documentation": "

Metadata that describes the results of an identity provider operation.

", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ResourceNotFoundException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String" + } + }, + "traits": { + "smithy.api#documentation": "

The resource couldn't be found.

", + "smithy.api#error": "client", + "smithy.api#httpError": 404 + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ServiceQuotaExceededException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String" + } + }, + "traits": { + "smithy.api#documentation": "

The request failed because a service quota is exceeded.

", + "smithy.api#error": "client" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#StartProductSubscription": { + "type": "operation", + "input": { + "target": "com.amazonaws.licensemanagerusersubscriptions#StartProductSubscriptionRequest" + }, + "output": { + "target": "com.amazonaws.licensemanagerusersubscriptions#StartProductSubscriptionResponse" + }, + "errors": [ + { + "target": "com.amazonaws.licensemanagerusersubscriptions#AccessDeniedException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ConflictException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#InternalServerException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ThrottlingException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Starts a product subscription for a user with the specified identity provider.

", + "smithy.api#http": { + "code": 200, + "method": "POST", + "uri": "/user/StartProductSubscription" + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#StartProductSubscriptionRequest": { + "type": "structure", + "members": { + "Username": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The user name from the identity provider of the user.

", + "smithy.api#required": {} + } + }, + "IdentityProvider": { + "target": "com.amazonaws.licensemanagerusersubscriptions#IdentityProvider", + "traits": { + "smithy.api#documentation": "

An object that specifies details for the identity provider.

", + "smithy.api#required": {} + } + }, + "Product": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The name of the user-based subscription product.

", + "smithy.api#required": {} + } + }, + "Domain": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The domain name of the user.

" + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#StartProductSubscriptionResponse": { + "type": "structure", + "members": { + "ProductUserSummary": { + "target": "com.amazonaws.licensemanagerusersubscriptions#ProductUserSummary", + "traits": { + "smithy.api#documentation": "

Metadata that describes the start product subscription operation.

", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#StopProductSubscription": { + "type": "operation", + "input": { + "target": "com.amazonaws.licensemanagerusersubscriptions#StopProductSubscriptionRequest" + }, + "output": { + "target": "com.amazonaws.licensemanagerusersubscriptions#StopProductSubscriptionResponse" + }, + "errors": [ + { + "target": "com.amazonaws.licensemanagerusersubscriptions#AccessDeniedException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ConflictException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#InternalServerException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ThrottlingException" + }, + { + "target": "com.amazonaws.licensemanagerusersubscriptions#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Stops a product subscription for a user with the specified identity provider.

", + "smithy.api#http": { + "code": 200, + "method": "POST", + "uri": "/user/StopProductSubscription" + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#StopProductSubscriptionRequest": { + "type": "structure", + "members": { + "Username": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The user name from the identity provider for the user.

", + "smithy.api#required": {} + } + }, + "IdentityProvider": { + "target": "com.amazonaws.licensemanagerusersubscriptions#IdentityProvider", + "traits": { + "smithy.api#documentation": "

An object that specifies details for the identity provider.

", + "smithy.api#required": {} + } + }, + "Product": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The name of the user-based subscription product.

", + "smithy.api#required": {} + } + }, + "Domain": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The domain name of the user.

" + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#StopProductSubscriptionResponse": { + "type": "structure", + "members": { + "ProductUserSummary": { + "target": "com.amazonaws.licensemanagerusersubscriptions#ProductUserSummary", + "traits": { + "smithy.api#documentation": "

Metadata that describes the start product subscription operation.

", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.licensemanagerusersubscriptions#StringList": { + "type": "list", + "member": { + "target": "smithy.api#String" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ThrottlingException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String" + } + }, + "traits": { + "smithy.api#documentation": "

The request was denied because of request throttling. Retry the request.

", + "smithy.api#error": "client" + } + }, + "com.amazonaws.licensemanagerusersubscriptions#ValidationException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String" + } + }, + "traits": { + "smithy.api#documentation": "

A parameter is not valid.

", + "smithy.api#error": "client" + } + } + } +} \ No newline at end of file diff --git a/codegen/sdk/aws-models/lookoutvision.json b/codegen/sdk/aws-models/lookoutvision.json index 69755bd6847..80d9d65af0d 100644 --- a/codegen/sdk/aws-models/lookoutvision.json +++ b/codegen/sdk/aws-models/lookoutvision.json @@ -45,6 +45,26 @@ "smithy.api#httpError": 403 } }, + "com.amazonaws.lookoutvision#Anomaly": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.lookoutvision#AnomalyName", + "traits": { + "smithy.api#documentation": "

The name of an anomaly type found in an image. \n Name maps to an anomaly type in the training dataset, apart from the anomaly type background.\n The service automatically inserts the background anomaly type into the response from DetectAnomalies.

" + } + }, + "PixelAnomaly": { + "target": "com.amazonaws.lookoutvision#PixelAnomaly", + "traits": { + "smithy.api#documentation": "

Information about the pixel mask that covers an anomaly type.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

Information about an anomaly type found on an image by an image segmentation model. \n For more information, see DetectAnomalies.

" + } + }, "com.amazonaws.lookoutvision#AnomalyClassFilter": { "type": "string", "traits": { @@ -55,6 +75,31 @@ "smithy.api#pattern": "^(normal|anomaly)$" } }, + "com.amazonaws.lookoutvision#AnomalyList": { + "type": "list", + "member": { + "target": "com.amazonaws.lookoutvision#Anomaly" + } + }, + "com.amazonaws.lookoutvision#AnomalyMask": { + "type": "blob", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 5242880 + } + } + }, + "com.amazonaws.lookoutvision#AnomalyName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 256 + }, + "smithy.api#pattern": "^[a-zA-Z0-9]*$" + } + }, "com.amazonaws.lookoutvision#Boolean": { "type": "boolean" }, @@ -68,6 +113,16 @@ "smithy.api#pattern": "^[a-zA-Z0-9-]+$" } }, + "com.amazonaws.lookoutvision#Color": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 7, + "max": 7 + }, + "smithy.api#pattern": "^\\#[a-zA-Z0-9]{6}$" + } + }, "com.amazonaws.lookoutvision#CompilerOptions": { "type": "string", "traits": { @@ -1153,7 +1208,7 @@ } ], "traits": { - "smithy.api#documentation": "

Detects anomalies in an image that you supply.

\n

The response from DetectAnomalies includes a boolean prediction\n that the image contains one or more anomalies and a confidence value for the prediction.

\n \n

Before calling DetectAnomalies, you must first start your model with the StartModel operation.\n You are charged for the amount of time, in minutes, that a model runs and for the number of anomaly detection units that your\n model uses. If you are not using a model, use the StopModel operation to stop your model.

\n \n

This operation requires permissions to perform the\n lookoutvision:DetectAnomalies operation.

", + "smithy.api#documentation": "

Detects anomalies in an image that you supply.

\n

The response from DetectAnomalies includes a boolean prediction\n that the image contains one or more anomalies and a confidence value for the prediction.\n If the model is an image segmentation model, the response also includes segmentation\n information for each type of anomaly found in the image.

\n \n

Before calling DetectAnomalies, you must first start your model with the StartModel operation.\n You are charged for the amount of time, in minutes, that a model runs and for the number of anomaly detection units that your\n model uses. If you are not using a model, use the StopModel operation to stop your model.

\n \n \n

For more information, see Detecting anomalies in an image in the Amazon Lookout for Vision developer guide.

\n \n

This operation requires permissions to perform the\n lookoutvision:DetectAnomalies operation.

", "smithy.api#http": { "method": "POST", "uri": "/2020-11-20/projects/{ProjectName}/models/{ModelVersion}/detect", @@ -1221,18 +1276,30 @@ "IsAnomalous": { "target": "com.amazonaws.lookoutvision#Boolean", "traits": { - "smithy.api#documentation": "

True if the image contains an anomaly, otherwise false.

" + "smithy.api#documentation": "

True if Amazon Lookout for Vision classifies the image as containing an anomaly, otherwise false.

" } }, "Confidence": { "target": "com.amazonaws.lookoutvision#Float", "traits": { - "smithy.api#documentation": "

The confidence that Amazon Lookout for Vision has in the accuracy of the prediction.

" + "smithy.api#documentation": "

The confidence that Lookout for Vision has in the accuracy of the classification in IsAnomalous.

" + } + }, + "Anomalies": { + "target": "com.amazonaws.lookoutvision#AnomalyList", + "traits": { + "smithy.api#documentation": "

If the model is an image segmentation model, Anomalies contains a list of\n anomaly types found in the image. There is one entry for each type of anomaly found (even\n if multiple instances of an anomaly type exist on the image). The first element in the list\n is always an anomaly type representing the image background ('background') and shouldn't be\n considered an anomaly. Amazon Lookout for Vision automatically add the background anomaly type to the\n response, and you don't need to declare a background anomaly type in your dataset.

\n

If the list has one entry ('background'), no anomalies were found on the image.

\n

\n

An image classification model doesn't return an Anomalies list.

" + } + }, + "AnomalyMask": { + "target": "com.amazonaws.lookoutvision#AnomalyMask", + "traits": { + "smithy.api#documentation": "

If the model is an image segmentation model, AnomalyMask contains pixel masks that covers all anomaly types found on the image.\n \n Each anomaly type has a different mask color. To map a color to an anomaly type, see the color field\n of the PixelAnomaly object.

\n

An image classification model doesn't return an Anomalies list.

" } } }, "traits": { - "smithy.api#documentation": "

The prediction results from a call to DetectAnomalies.

" + "smithy.api#documentation": "

The prediction results from a call to DetectAnomalies.\n DetectAnomalyResult includes classification information for the prediction (IsAnomalous and Confidence).\n If the model you use is an image segementation model, DetectAnomalyResult also includes segmentation information (Anomalies\n and AnomalyMask). Classification information is calculated separately from segmentation information\n and you shouldn't assume a relationship between them.

" } }, "com.amazonaws.lookoutvision#ExceptionString": { @@ -1250,7 +1317,7 @@ "CompilerOptions": { "target": "com.amazonaws.lookoutvision#CompilerOptions", "traits": { - "smithy.api#documentation": "

Additional compiler options for the Greengrass component. Currently, \n only NVIDIA Graphics Processing Units (GPU) are supported. If you specify TargetPlatform, you must specify\nCompilerOptions. If you specify TargetDevice, don't specify CompilerOptions.

\n \n \n

For more information, see \n Compiler options in the Amazon Lookout for Vision Developer Guide.

" + "smithy.api#documentation": "

Additional compiler options for the Greengrass component. Currently, \n only NVIDIA Graphics Processing Units (GPU) and CPU accelerators are supported. \n If you specify TargetDevice, don't specify CompilerOptions.

\n \n \n

For more information, see \n Compiler options in the Amazon Lookout for Vision Developer Guide.

" } }, "TargetDevice": { @@ -1262,7 +1329,7 @@ "TargetPlatform": { "target": "com.amazonaws.lookoutvision#TargetPlatform", "traits": { - "smithy.api#documentation": "

The target platform for the model. If you specify TargetPlatform, you can't specify\n TargetDevice.\n

" + "smithy.api#documentation": "

The target platform for the model. If you specify TargetPlatform, you can't specify\n TargetDevice. \n

" } }, "S3OutputLocation": { @@ -2522,6 +2589,26 @@ "smithy.api#pattern": "^[a-zA-Z0-9\\/\\+\\=]{0,2048}$" } }, + "com.amazonaws.lookoutvision#PixelAnomaly": { + "type": "structure", + "members": { + "TotalPercentageArea": { + "target": "com.amazonaws.lookoutvision#Float", + "traits": { + "smithy.api#documentation": "

The percentage area of the image that the anomaly type covers.

" + } + }, + "Color": { + "target": "com.amazonaws.lookoutvision#Color", + "traits": { + "smithy.api#documentation": "

A hex color value for the mask that covers an anomaly type. Each anomaly type has\n a different mask color. The color maps to the color of the anomaly type used in the\n training dataset.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

Information about the pixels in an anomaly mask. For more information, see Anomaly.\n PixelAnomaly is only returned by image segmentation models.

" + } + }, "com.amazonaws.lookoutvision#ProjectArn": { "type": "string" }, @@ -3217,8 +3304,7 @@ "Accelerator": { "target": "com.amazonaws.lookoutvision#TargetPlatformAccelerator", "traits": { - "smithy.api#documentation": "

The target accelerator for the model. NVIDIA (Nvidia graphics processing unit) \n is the only accelerator that is currently supported. You must also specify the gpu-code, trt-ver,\n and cuda-ver compiler options.\n \n

", - "smithy.api#required": {} + "smithy.api#documentation": "

The target accelerator for the model. Currently, Amazon Lookout for Vision only supports NVIDIA (Nvidia graphics processing unit) \n and CPU accelerators. If you specify NVIDIA as an accelerator, you must also specify the gpu-code, trt-ver,\n and cuda-ver compiler options. If you don't specify an accelerator, Lookout for Vision uses the CPU for compilation and we highly recommend that you use the\n GreengrassConfiguration$CompilerOptions field. For example, you can use the following compiler options for CPU:

\n " } } }, diff --git a/codegen/sdk/aws-models/opensearch.json b/codegen/sdk/aws-models/opensearch.json index b3196a060ae..95f879c0ec2 100644 --- a/codegen/sdk/aws-models/opensearch.json +++ b/codegen/sdk/aws-models/opensearch.json @@ -158,6 +158,9 @@ "input": { "target": "com.amazonaws.opensearch#AddTagsRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.opensearch#BaseException" @@ -3504,7 +3507,13 @@ "Iops": { "target": "com.amazonaws.opensearch#IntegerClass", "traits": { - "smithy.api#documentation": "

The IOPD for a Provisioned IOPS EBS volume (SSD).

" + "smithy.api#documentation": "

The IOPS for Provisioned IOPS And GP3 EBS volume (SSD).

" + } + }, + "Throughput": { + "target": "com.amazonaws.opensearch#IntegerClass", + "traits": { + "smithy.api#documentation": "

The Throughput for GP3 EBS volume (SSD).

" } } }, @@ -5920,6 +5929,9 @@ "input": { "target": "com.amazonaws.opensearch#RemoveTagsRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.opensearch#BaseException" @@ -6596,7 +6608,7 @@ "com.amazonaws.opensearch#StorageSubTypeName": { "type": "string", "traits": { - "smithy.api#documentation": "

\n Sub-type of the given storage type.\n List of available sub-storage options:\n \"instance\" storageType has no storageSubType.\n \"ebs\" storageType has the following valid storageSubTypes:\n

    \n
  1. standard
    2. \n
  2. gp2
    3. \n
  3. io1
    4. \n
\n See\n \n VolumeType\n \n for more information regarding each EBS storage option.\n

" + "smithy.api#documentation": "

\n Sub-type of the given storage type.\n List of available sub-storage options:\n \"instance\" storageType has no storageSubType.\n \"ebs\" storageType has the following valid storageSubTypes:\n

    \n
  1. standard
    2. \n
  2. gp2
    3. \n
  3. gp3
    4. \n
  4. io1
    5. \n
\n See\n \n VolumeType\n \n for more information regarding each EBS storage option.\n

" } }, "com.amazonaws.opensearch#StorageType": { @@ -6625,7 +6637,7 @@ "LimitName": { "target": "com.amazonaws.opensearch#LimitName", "traits": { - "smithy.api#documentation": "

\n Name of storage limits that are applicable for the given storage type.\n If\n \n StorageType\n \n is \"ebs\", the following storage options are applicable:\n

    \n
  1. MinimumVolumeSize
    2. \n Minimum amount of volume size that is applicable for the given storage type. Can be empty if not applicable.\n
  2. MaximumVolumeSize
    3. \n Maximum amount of volume size that is applicable for the given storage type. Can be empty if not applicable.\n
  3. MaximumIops
    4. \n Maximum amount of Iops that is applicable for given the storage type. Can be empty if not applicable.\n
  4. MinimumIops
    5. \n Minimum amount of Iops that is applicable for given the storage type. Can be empty if not applicable.\n
\n

" + "smithy.api#documentation": "

\n Name of storage limits that are applicable for the given storage type.\n If\n \n StorageType\n \n is \"ebs\", the following storage options are applicable:\n

    \n
  1. MinimumVolumeSize
    2. \n Minimum amount of volume size that is applicable for the given storage type. Can be empty if not applicable.\n
  2. MaximumVolumeSize
    3. \n Maximum amount of volume size that is applicable for the given storage type. Can be empty if not applicable.\n
  3. MaximumIops
    4. \n Maximum amount of Iops that is applicable for given the storage type. Can be empty if not applicable.\n
  4. MinimumIops
    5. \n Minimum amount of Iops that is applicable for given the storage type. Can be empty if not applicable.\n
  5. MaximumThroughput
    6. \n Maximum amount of Throughput that is applicable for given the storage type. Can be empty if not applicable.\n
  6. MinimumThroughput
    7. \n Minimum amount of Throughput that is applicable for given the storage type. Can be empty if not applicable.\n
\n

" } }, "LimitValues": { @@ -7388,7 +7400,7 @@ "com.amazonaws.opensearch#VolumeType": { "type": "string", "traits": { - "smithy.api#documentation": "

The type of EBS volume, standard, gp2, or io1. See Configuring EBS-based Storage for more information.\n

", + "smithy.api#documentation": "

The type of EBS volume, standard, gp2, gp3 or io1. See Configuring EBS-based Storage for more information.\n

", "smithy.api#enum": [ { "value": "standard", @@ -7401,6 +7413,10 @@ { "value": "io1", "name": "io1" + }, + { + "value": "gp3", + "name": "gp3" } ] } diff --git a/codegen/sdk/aws-models/personalize.json b/codegen/sdk/aws-models/personalize.json index 7e2e23f7cc6..6bf5c690d90 100644 --- a/codegen/sdk/aws-models/personalize.json +++ b/codegen/sdk/aws-models/personalize.json @@ -1368,7 +1368,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates an empty dataset and adds it to the specified dataset group. Use \n CreateDatasetImportJob to import your training data to a dataset.

\n \n

There are three types of datasets:

\n \n

Each dataset type has an associated schema with required field types. Only the\n Interactions dataset is required in order to train a model (also referred to as\n creating a solution).

\n

A dataset can be in one of the following states:

\n \n

To get the status of the dataset, call DescribeDataset.

\n

\n Related APIs\n

\n ", + "smithy.api#documentation": "

Creates an empty dataset and adds it to the specified dataset group.\n Use CreateDatasetImportJob to import your training data to a\n dataset.

\n\n

There are three types of datasets:

\n \n

Each dataset type has an associated schema with required field types.\n Only the Interactions dataset is required in order to train a\n model (also referred to as creating a solution).

\n

A dataset can be in one of the following states:

\n \n

To get the status of the dataset, call DescribeDataset.

\n

\n Related APIs\n

\n ", "smithy.api#idempotent": {} } }, @@ -1401,7 +1401,7 @@ } ], "traits": { - "smithy.api#documentation": "

\n Creates a job that exports data from your dataset to an Amazon S3 bucket. \n To allow Amazon Personalize to export the training data, you must specify an\n service-linked IAM role that gives Amazon Personalize PutObject permissions for your Amazon S3 bucket. \n For information, see Exporting a dataset \n in the Amazon Personalize developer guide.\n

\n

\n Status\n

\n

A dataset export job can be in one of the following states:

\n \n

\n To get the status of the export job, call DescribeDatasetExportJob,\n and specify the Amazon Resource Name (ARN) of the dataset export job. The dataset export is\n complete when the status shows as ACTIVE. If the status shows as CREATE FAILED, the response\n includes a failureReason key, which describes why the job failed.\n

", + "smithy.api#documentation": "

Creates a job that exports data from your dataset to an Amazon S3 bucket.\n To allow Amazon Personalize to export the training data, you must specify an\n service-linked IAM role that gives Amazon Personalize PutObject\n permissions for your Amazon S3 bucket. For information, see Exporting a dataset in the Amazon Personalize developer guide.

\n

\n Status\n

\n

A dataset export job can be in one of the following states:

\n \n

To get the status of the export job, call DescribeDatasetExportJob, and specify the Amazon Resource Name\n (ARN) of the dataset export job. The dataset export is complete when the\n status shows as ACTIVE. If the status shows as CREATE FAILED, the response\n includes a failureReason key, which describes why the job\n failed.

", "smithy.api#idempotent": {} } }, @@ -1418,20 +1418,20 @@ "datasetArn": { "target": "com.amazonaws.personalize#Arn", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset that contains the data to export.

", + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset that contains the data\n to export.

", "smithy.api#required": {} } }, "ingestionMode": { "target": "com.amazonaws.personalize#IngestionMode", "traits": { - "smithy.api#documentation": "

The data to export, based on how you imported the data. You can choose to export only BULK data that you imported using a dataset import job, \n only PUT data that you imported incrementally (using the console, PutEvents, PutUsers and PutItems operations), or ALL \n for both types. The default value is PUT.\n

" + "smithy.api#documentation": "

The data to export, based on how you imported the data. You can choose\n to export only BULK data that you imported using a dataset\n import job, only PUT data that you imported incrementally\n (using the console, PutEvents, PutUsers and PutItems operations), or\n ALL for both types. The default value is PUT.\n

" } }, "roleArn": { "target": "com.amazonaws.personalize#RoleArn", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the IAM service role that has permissions to add data to your\n output Amazon S3 bucket.

", + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the IAM service role that has\n permissions to add data to your output Amazon S3 bucket.

", "smithy.api#required": {} } }, @@ -1484,7 +1484,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates an empty dataset group. A dataset group is a container for Amazon Personalize resources. \n A dataset group can contain at most three datasets, one for each type of\n dataset:

\n \n

\n A dataset group can be a Domain dataset group, where you specify a domain and use\n pre-configured resources like recommenders, or a Custom dataset group, where you use custom resources, such as a solution with a solution version, that\n you deploy with a campaign. If you start with a Domain dataset group, you can still add custom resources such as\n solutions and solution versions trained with recipes for custom use cases and deployed with campaigns.\n

\n

A dataset group can be in one of the following states:

\n \n

To get the status of the dataset group, call DescribeDatasetGroup. If\n the status shows as CREATE FAILED, the response includes a failureReason key,\n which describes why the creation failed.

\n \n

You must wait until the status of the dataset group is ACTIVE\n before adding a dataset to the group.

\n \n

You can specify an Key Management Service (KMS) key to encrypt the datasets in the group. If you\n specify a KMS key, you must also include an Identity and Access Management (IAM) role that has permission to\n access the key.

\n

\n APIs that require a dataset group ARN in the request\n

\n \n

\n Related APIs\n

\n " + "smithy.api#documentation": "

Creates an empty dataset group. A dataset group is a container for\n Amazon Personalize resources. A dataset group can contain at most three datasets, one\n for each type of dataset:

\n \n

A dataset group can be a Domain dataset group, where you specify a\n domain and use pre-configured resources like recommenders, or a\n Custom dataset group, where you use custom resources, such as a solution\n with a solution version, that you deploy with a campaign. If you start\n with a Domain dataset group, you can still add custom resources such as\n solutions and solution versions trained with recipes for custom use cases\n and deployed with campaigns.

\n

A dataset group can be in one of the following states:

\n \n

To get the status of the dataset group, call DescribeDatasetGroup. If the status shows as CREATE FAILED, the\n response includes a failureReason key, which describes why\n the creation failed.

\n \n

You must wait until the status of the dataset group is\n ACTIVE before adding a dataset to the group.

\n \n

You can specify an Key Management Service (KMS) key to encrypt the datasets in\n the group. If you specify a KMS key, you must also include an Identity and Access Management\n (IAM) role that has permission to access the key.

\n

\n APIs that require a dataset group ARN in the request\n

\n \n

\n Related APIs\n

\n " } }, "com.amazonaws.personalize#CreateDatasetGroupRequest": { @@ -1500,19 +1500,19 @@ "roleArn": { "target": "com.amazonaws.personalize#RoleArn", "traits": { - "smithy.api#documentation": "

The ARN of the Identity and Access Management (IAM) role that has permissions to access the Key Management Service (KMS) key. Supplying an IAM\n role is only valid when also specifying a KMS key.

" + "smithy.api#documentation": "

The ARN of the Identity and Access Management (IAM) role that has permissions to access\n the Key Management Service (KMS) key. Supplying an IAM role is only valid when also\n specifying a KMS key.

" } }, "kmsKeyArn": { "target": "com.amazonaws.personalize#KmsKeyArn", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of a Key Management Service (KMS) key used to encrypt the datasets.

" + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of a Key Management Service (KMS) key used to\n encrypt the datasets.

" } }, "domain": { "target": "com.amazonaws.personalize#Domain", "traits": { - "smithy.api#documentation": "

The domain of the dataset group. Specify a domain to create a Domain dataset group. The domain you specify \n determines the default schemas for datasets and the use cases available for recommenders. If you don't specify a domain,\n you create a Custom dataset group with solution versions that you deploy with a campaign.\n

" + "smithy.api#documentation": "

The domain of the dataset group. Specify a domain to create a\n Domain dataset group. The domain you specify determines the default\n schemas for datasets and the use cases available for recommenders. If you\n don't specify a domain, you create a Custom dataset group with solution\n versions that you deploy with a campaign.

" } }, "tags": { @@ -1569,7 +1569,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates a job that imports training data from your data source (an Amazon S3 bucket) to an\n Amazon Personalize dataset. To allow Amazon Personalize to import the training data, you must specify an\n IAM service role that has permission to read from the data source, as Amazon Personalize makes a\n copy of your data and processes it internally. For information on granting access\n to your Amazon S3 bucket, see Giving Amazon Personalize \n Access to Amazon S3 Resources.

\n \n

The dataset import job replaces any existing data in the dataset that you imported in bulk.

\n \n

\n Status\n

\n

A dataset import job can be in one of the following states:

\n \n

To get the status of the import job, call DescribeDatasetImportJob,\n providing the Amazon Resource Name (ARN) of the dataset import job. The dataset import is\n complete when the status shows as ACTIVE. If the status shows as CREATE FAILED, the response\n includes a failureReason key, which describes why the job failed.

\n \n

Importing takes time. You must wait until the status shows as ACTIVE before training a\n model using the dataset.

\n \n \n

\n Related APIs\n

\n " + "smithy.api#documentation": "

Creates a job that imports training data from your data source (an\n Amazon S3 bucket) to an Amazon Personalize dataset. To allow Amazon Personalize to import the\n training data, you must specify an IAM service role that has permission to\n read from the data source, as Amazon Personalize makes a copy of your data and\n processes it internally. For information on granting access to your Amazon S3\n bucket, see Giving\n Amazon Personalize Access to Amazon S3 Resources.

\n \n

By default, a dataset import job replaces any existing data in the\n dataset that you imported in bulk. To add new records without replacing\n existing data, specify INCREMENTAL for the import mode in the\n CreateDatasetImportJob operation.

\n \n

\n Status\n

\n

A dataset import job can be in one of the following states:

\n \n

To get the status of the import job, call DescribeDatasetImportJob, providing the Amazon Resource Name\n (ARN) of the dataset import job. The dataset import is complete when the\n status shows as ACTIVE. If the status shows as CREATE FAILED, the response\n includes a failureReason key, which describes why the job\n failed.

\n \n

Importing takes time. You must wait until the status shows as ACTIVE\n before training a model using the dataset.

\n \n \n

\n Related APIs\n

\n " } }, "com.amazonaws.personalize#CreateDatasetImportJobRequest": { @@ -1599,7 +1599,7 @@ "roleArn": { "target": "com.amazonaws.personalize#RoleArn", "traits": { - "smithy.api#documentation": "

The ARN of the IAM role that has permissions to read from the Amazon S3 data source.

", + "smithy.api#documentation": "

The ARN of the IAM role that has permissions to read from the Amazon S3\n data source.

", "smithy.api#required": {} } }, @@ -1608,6 +1608,12 @@ "traits": { "smithy.api#documentation": "

A list of tags to apply to the dataset import job.

" } + }, + "importMode": { + "target": "com.amazonaws.personalize#ImportMode", + "traits": { + "smithy.api#documentation": "

Specify how to add the new records to an existing dataset. The default\n import mode is FULL. If you haven't imported bulk records into the dataset previously, you\n can only specify FULL.

\n " + } } } }, @@ -1635,14 +1641,14 @@ "schemaArn": { "target": "com.amazonaws.personalize#Arn", "traits": { - "smithy.api#documentation": "

The ARN of the schema to associate with the dataset. The schema defines the dataset\n fields.

", + "smithy.api#documentation": "

The ARN of the schema to associate with the dataset. The schema\n defines the dataset fields.

", "smithy.api#required": {} } }, "datasetGroupArn": { "target": "com.amazonaws.personalize#Arn", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset group to add the dataset to.

", + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset group to add the dataset\n to.

", "smithy.api#required": {} } }, @@ -2129,12 +2135,12 @@ "dataLocation": { "target": "com.amazonaws.personalize#S3Location", "traits": { - "smithy.api#documentation": "

The path to the Amazon S3 bucket where the data that you want to upload to your dataset is\n stored. For example:

\n

\n s3://bucket-name/folder-name/\n

" + "smithy.api#documentation": "

The path to the Amazon S3 bucket where the data that you want to upload to\n your dataset is stored. For example:

\n

\n s3://bucket-name/folder-name/\n

" } } }, "traits": { - "smithy.api#documentation": "

Describes the data source that contains the data to upload to a dataset.

" + "smithy.api#documentation": "

Describes the data source that contains the data to upload to a\n dataset.

" } }, "com.amazonaws.personalize#Dataset": { @@ -2149,7 +2155,7 @@ "datasetArn": { "target": "com.amazonaws.personalize#Arn", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset that you want metadata for.

" + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset that you want metadata\n for.

" } }, "datasetGroupArn": { @@ -2173,7 +2179,7 @@ "status": { "target": "com.amazonaws.personalize#Status", "traits": { - "smithy.api#documentation": "

The status of the dataset.

\n

A dataset can be in one of the following states:

\n " + "smithy.api#documentation": "

The status of the dataset.

\n

A dataset can be in one of the following states:

\n " } }, "creationDateTime": { @@ -2217,37 +2223,37 @@ "ingestionMode": { "target": "com.amazonaws.personalize#IngestionMode", "traits": { - "smithy.api#documentation": "

The data to export, based on how you imported the data. You can choose to export BULK data that you imported using a dataset import job, \n PUT data that you imported incrementally (using the console, PutEvents, PutUsers and PutItems operations), or ALL \n for both types. The default value is PUT.\n

" + "smithy.api#documentation": "

The data to export, based on how you imported the data. You can choose\n to export BULK data that you imported using a dataset import\n job, PUT data that you imported incrementally (using the\n console, PutEvents, PutUsers and PutItems operations), or ALL\n for both types. The default value is PUT.

" } }, "roleArn": { "target": "com.amazonaws.personalize#Arn", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the IAM service role that has permissions to add data to your\n output Amazon S3 bucket.

" + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the IAM service role that has\n permissions to add data to your output Amazon S3 bucket.

" } }, "status": { "target": "com.amazonaws.personalize#Status", "traits": { - "smithy.api#documentation": "

The status of the dataset export job.

\n

A dataset export job can be in one of the following states:

\n " + "smithy.api#documentation": "

The status of the dataset export job.

\n

A dataset export job can be in one of the following states:

\n " } }, "jobOutput": { "target": "com.amazonaws.personalize#DatasetExportJobOutput", "traits": { - "smithy.api#documentation": "

The path to the Amazon S3 bucket where the job's output is stored. For example:

\n

\n s3://bucket-name/folder-name/\n

" + "smithy.api#documentation": "

The path to the Amazon S3 bucket where the job's output is stored. For\n example:

\n

\n s3://bucket-name/folder-name/\n

" } }, "creationDateTime": { "target": "com.amazonaws.personalize#Date", "traits": { - "smithy.api#documentation": "

The creation date and time (in Unix time) of the dataset export job.

" + "smithy.api#documentation": "

The creation date and time (in Unix time) of the dataset export\n job.

" } }, "lastUpdatedDateTime": { "target": "com.amazonaws.personalize#Date", "traits": { - "smithy.api#documentation": "

The date and time (in Unix time) the status of the dataset export job was last updated.

" + "smithy.api#documentation": "

The date and time (in Unix time) the status of the dataset export job\n was last updated.

" } }, "failureReason": { @@ -2258,7 +2264,7 @@ } }, "traits": { - "smithy.api#documentation": "

Describes a job that exports a dataset to an Amazon S3 bucket. For more information, see CreateDatasetExportJob.

\n

A dataset export job can be in one of the following states:

\n " + "smithy.api#documentation": "

Describes a job that exports a dataset to an Amazon S3 bucket. For more\n information, see CreateDatasetExportJob.

\n

A dataset export job can be in one of the following states:

\n " } }, "com.amazonaws.personalize#DatasetExportJobOutput": { @@ -2349,19 +2355,19 @@ "status": { "target": "com.amazonaws.personalize#Status", "traits": { - "smithy.api#documentation": "

The current status of the dataset group.

\n

A dataset group can be in one of the following states:

\n " + "smithy.api#documentation": "

The current status of the dataset group.

\n

A dataset group can be in one of the following states:

\n " } }, "roleArn": { "target": "com.amazonaws.personalize#RoleArn", "traits": { - "smithy.api#documentation": "

The ARN of the IAM role that has permissions to create the dataset group.

" + "smithy.api#documentation": "

The ARN of the IAM role that has permissions to create the dataset\n group.

" } }, "kmsKeyArn": { "target": "com.amazonaws.personalize#KmsKeyArn", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the Key Management Service (KMS) key used to encrypt the datasets.

" + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the Key Management Service (KMS) key used to\n encrypt the datasets.

" } }, "creationDateTime": { @@ -2373,7 +2379,7 @@ "lastUpdatedDateTime": { "target": "com.amazonaws.personalize#Date", "traits": { - "smithy.api#documentation": "

The last update date and time (in Unix time) of the dataset group.

" + "smithy.api#documentation": "

The last update date and time (in Unix time) of the dataset\n group.

" } }, "failureReason": { @@ -2390,7 +2396,7 @@ } }, "traits": { - "smithy.api#documentation": "

A dataset group is a collection of related datasets (Interactions, User, and Item). You\n create a dataset group by calling CreateDatasetGroup. You then create a\n dataset and add it to a dataset group by calling CreateDataset. The dataset\n group is used to create and train a solution by calling CreateSolution. A\n dataset group can contain only one of each type of dataset.

\n

You can specify an Key Management Service (KMS) key to encrypt the datasets in the group.

" + "smithy.api#documentation": "

A dataset group is a collection of related datasets (Interactions,\n User, and Item). You create a dataset group by calling CreateDatasetGroup. You then create a dataset and add it to a\n dataset group by calling CreateDataset. The dataset group is used to create and train a\n solution by calling CreateSolution. A dataset group can contain only one of each\n type of dataset.

\n

You can specify an Key Management Service (KMS) key to encrypt the datasets in\n the group.

" } }, "com.amazonaws.personalize#DatasetGroupSummary": { @@ -2473,7 +2479,7 @@ "datasetArn": { "target": "com.amazonaws.personalize#Arn", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset that receives the imported data.

" + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset that receives the\n imported data.

" } }, "dataSource": { @@ -2485,19 +2491,19 @@ "roleArn": { "target": "com.amazonaws.personalize#Arn", "traits": { - "smithy.api#documentation": "

The ARN of the IAM role that has permissions to read from the Amazon S3 data\n source.

" + "smithy.api#documentation": "

The ARN of the IAM role that has permissions to read from the Amazon S3\n data source.

" } }, "status": { "target": "com.amazonaws.personalize#Status", "traits": { - "smithy.api#documentation": "

The status of the dataset import job.

\n

A dataset import job can be in one of the following states:

\n " + "smithy.api#documentation": "

The status of the dataset import job.

\n

A dataset import job can be in one of the following states:

\n " } }, "creationDateTime": { "target": "com.amazonaws.personalize#Date", "traits": { - "smithy.api#documentation": "

The creation date and time (in Unix time) of the dataset import job.

" + "smithy.api#documentation": "

The creation date and time (in Unix time) of the dataset import\n job.

" } }, "lastUpdatedDateTime": { @@ -2511,10 +2517,16 @@ "traits": { "smithy.api#documentation": "

If a dataset import job fails, provides the reason why.

" } + }, + "importMode": { + "target": "com.amazonaws.personalize#ImportMode", + "traits": { + "smithy.api#documentation": "

The import mode used by the dataset import job to import new\n records.

" + } } }, "traits": { - "smithy.api#documentation": "

Describes a job that imports training data from a data source (Amazon S3 bucket) to an\n Amazon Personalize dataset. For more information, see CreateDatasetImportJob.

\n

A dataset import job can be in one of the following states:

\n " + "smithy.api#documentation": "

Describes a job that imports training data from a data source (Amazon S3\n bucket) to an Amazon Personalize dataset. For more information, see CreateDatasetImportJob.

\n

A dataset import job can be in one of the following states:

\n " } }, "com.amazonaws.personalize#DatasetImportJobSummary": { @@ -2555,6 +2567,12 @@ "traits": { "smithy.api#documentation": "

If a dataset import job fails, the reason behind the failure.

" } + }, + "importMode": { + "target": "com.amazonaws.personalize#ImportMode", + "traits": { + "smithy.api#documentation": "

The import mode the dataset import job used to update the data in the dataset. \n For more information see Updating existing bulk\n data.\n

" + } } }, "traits": { @@ -2931,7 +2949,7 @@ } ], "traits": { - "smithy.api#documentation": "

Deletes a dataset. You can't delete a dataset if an associated\n DatasetImportJob or SolutionVersion is in the CREATE PENDING or IN\n PROGRESS state. For more information on datasets, see CreateDataset.

", + "smithy.api#documentation": "

Deletes a dataset. You can't delete a dataset if an associated\n DatasetImportJob or SolutionVersion is in the\n CREATE PENDING or IN PROGRESS state. For more information on datasets, see\n CreateDataset.

", "smithy.api#idempotent": {} } }, @@ -2955,7 +2973,7 @@ } ], "traits": { - "smithy.api#documentation": "

Deletes a dataset group. Before you delete a dataset group, you must delete the\n following:

\n ", + "smithy.api#documentation": "

Deletes a dataset group. Before you delete a dataset group, you must\n delete the following:

\n ", "smithy.api#idempotent": {} } }, @@ -3355,7 +3373,7 @@ } ], "traits": { - "smithy.api#documentation": "

Describes the given dataset. For more information on datasets, see CreateDataset.

", + "smithy.api#documentation": "

Describes the given dataset. For more information on datasets, see\n CreateDataset.

", "smithy.api#idempotent": {} } }, @@ -3376,7 +3394,7 @@ } ], "traits": { - "smithy.api#documentation": "

Describes the dataset export job created by CreateDatasetExportJob,\n including the export job status.

", + "smithy.api#documentation": "

Describes the dataset export job created by CreateDatasetExportJob, including the export job status.

", "smithy.api#idempotent": {} } }, @@ -3386,7 +3404,7 @@ "datasetExportJobArn": { "target": "com.amazonaws.personalize#Arn", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset export job to describe.

", + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset export job to\n describe.

", "smithy.api#required": {} } } @@ -3420,7 +3438,7 @@ } ], "traits": { - "smithy.api#documentation": "

Describes the given dataset group. For more information on dataset groups, see CreateDatasetGroup.

", + "smithy.api#documentation": "

Describes the given dataset group. For more information on dataset\n groups, see CreateDatasetGroup.

", "smithy.api#idempotent": {} } }, @@ -3430,7 +3448,7 @@ "datasetGroupArn": { "target": "com.amazonaws.personalize#Arn", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset group to describe.

", + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset group to\n describe.

", "smithy.api#required": {} } } @@ -3464,7 +3482,7 @@ } ], "traits": { - "smithy.api#documentation": "

Describes the dataset import job created by CreateDatasetImportJob,\n including the import job status.

", + "smithy.api#documentation": "

Describes the dataset import job created by CreateDatasetImportJob, including the import job status.

", "smithy.api#idempotent": {} } }, @@ -3474,7 +3492,7 @@ "datasetImportJobArn": { "target": "com.amazonaws.personalize#Arn", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset import job to describe.

", + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset import job to\n describe.

", "smithy.api#required": {} } } @@ -4408,6 +4426,21 @@ } } }, + "com.amazonaws.personalize#ImportMode": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "FULL", + "name": "FULL" + }, + { + "value": "INCREMENTAL", + "name": "INCREMENTAL" + } + ] + } + }, "com.amazonaws.personalize#IngestionMode": { "type": "string", "traits": { @@ -4757,7 +4790,7 @@ } ], "traits": { - "smithy.api#documentation": "

Returns a list of dataset export jobs that use the given dataset. When a dataset is not\n specified, all the dataset export jobs associated with the account are listed. The response\n provides the properties for each dataset export job, including the Amazon Resource Name (ARN).\n For more information on dataset export jobs, see CreateDatasetExportJob. For\n more information on datasets, see CreateDataset.

", + "smithy.api#documentation": "

Returns a list of dataset export jobs that use the given dataset. When\n a dataset is not specified, all the dataset export jobs associated with\n the account are listed. The response provides the properties for each\n dataset export job, including the Amazon Resource Name (ARN). For more\n information on dataset export jobs, see CreateDatasetExportJob. For more information on datasets, see\n CreateDataset.

", "smithy.api#idempotent": {}, "smithy.api#paginated": { "inputToken": "nextToken", @@ -4773,13 +4806,13 @@ "datasetArn": { "target": "com.amazonaws.personalize#Arn", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset to list the dataset export jobs for.

" + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset to list the dataset\n export jobs for.

" } }, "nextToken": { "target": "com.amazonaws.personalize#NextToken", "traits": { - "smithy.api#documentation": "

A token returned from the previous call to ListDatasetExportJobs for getting\n the next set of dataset export jobs (if they exist).

" + "smithy.api#documentation": "

A token returned from the previous call to\n ListDatasetExportJobs for getting the next set of dataset\n export jobs (if they exist).

" } }, "maxResults": { @@ -4802,7 +4835,7 @@ "nextToken": { "target": "com.amazonaws.personalize#NextToken", "traits": { - "smithy.api#documentation": "

A token for getting the next set of dataset export jobs (if they exist).

" + "smithy.api#documentation": "

A token for getting the next set of dataset export jobs (if they\n exist).

" } } } @@ -4821,7 +4854,7 @@ } ], "traits": { - "smithy.api#documentation": "

Returns a list of dataset groups. The response provides the properties for each dataset\n group, including the Amazon Resource Name (ARN). For more information on dataset groups, see\n CreateDatasetGroup.

", + "smithy.api#documentation": "

Returns a list of dataset groups. The response provides the properties\n for each dataset group, including the Amazon Resource Name (ARN). For more\n information on dataset groups, see CreateDatasetGroup.

", "smithy.api#idempotent": {}, "smithy.api#paginated": { "inputToken": "nextToken", @@ -4837,7 +4870,7 @@ "nextToken": { "target": "com.amazonaws.personalize#NextToken", "traits": { - "smithy.api#documentation": "

A token returned from the previous call to ListDatasetGroups for getting the\n next set of dataset groups (if they exist).

" + "smithy.api#documentation": "

A token returned from the previous call to\n ListDatasetGroups for getting the next set of dataset\n groups (if they exist).

" } }, "maxResults": { @@ -4860,7 +4893,7 @@ "nextToken": { "target": "com.amazonaws.personalize#NextToken", "traits": { - "smithy.api#documentation": "

A token for getting the next set of dataset groups (if they exist).

" + "smithy.api#documentation": "

A token for getting the next set of dataset groups (if they\n exist).

" } } } @@ -4882,7 +4915,7 @@ } ], "traits": { - "smithy.api#documentation": "

Returns a list of dataset import jobs that use the given dataset. When a dataset is not\n specified, all the dataset import jobs associated with the account are listed. The response\n provides the properties for each dataset import job, including the Amazon Resource Name (ARN).\n For more information on dataset import jobs, see CreateDatasetImportJob. For\n more information on datasets, see CreateDataset.

", + "smithy.api#documentation": "

Returns a list of dataset import jobs that use the given dataset. When\n a dataset is not specified, all the dataset import jobs associated with\n the account are listed. The response provides the properties for each\n dataset import job, including the Amazon Resource Name (ARN). For more\n information on dataset import jobs, see CreateDatasetImportJob. For more information on datasets, see\n CreateDataset.

", "smithy.api#idempotent": {}, "smithy.api#paginated": { "inputToken": "nextToken", @@ -4898,13 +4931,13 @@ "datasetArn": { "target": "com.amazonaws.personalize#Arn", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset to list the dataset import jobs for.

" + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset to list the dataset\n import jobs for.

" } }, "nextToken": { "target": "com.amazonaws.personalize#NextToken", "traits": { - "smithy.api#documentation": "

A token returned from the previous call to ListDatasetImportJobs for getting\n the next set of dataset import jobs (if they exist).

" + "smithy.api#documentation": "

A token returned from the previous call to\n ListDatasetImportJobs for getting the next set of dataset\n import jobs (if they exist).

" } }, "maxResults": { @@ -4927,7 +4960,7 @@ "nextToken": { "target": "com.amazonaws.personalize#NextToken", "traits": { - "smithy.api#documentation": "

A token for getting the next set of dataset import jobs (if they exist).

" + "smithy.api#documentation": "

A token for getting the next set of dataset import jobs (if they\n exist).

" } } } @@ -4949,7 +4982,7 @@ } ], "traits": { - "smithy.api#documentation": "

Returns the list of datasets contained in the given dataset group. The response provides\n the properties for each dataset, including the Amazon Resource Name (ARN). For more\n information on datasets, see CreateDataset.

", + "smithy.api#documentation": "

Returns the list of datasets contained in the given dataset group. The\n response provides the properties for each dataset, including the Amazon\n Resource Name (ARN). For more information on datasets, see CreateDataset.

", "smithy.api#idempotent": {}, "smithy.api#paginated": { "inputToken": "nextToken", @@ -4965,13 +4998,13 @@ "datasetGroupArn": { "target": "com.amazonaws.personalize#Arn", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset group that contains the datasets to\n list.

" + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the dataset group that contains the\n datasets to list.

" } }, "nextToken": { "target": "com.amazonaws.personalize#NextToken", "traits": { - "smithy.api#documentation": "

A token returned from the previous call to ListDatasetImportJobs for getting\n the next set of dataset import jobs (if they exist).

" + "smithy.api#documentation": "

A token returned from the previous call to\n ListDatasetImportJobs for getting the next set of dataset\n import jobs (if they exist).

" } }, "maxResults": { @@ -4988,7 +5021,7 @@ "datasets": { "target": "com.amazonaws.personalize#Datasets", "traits": { - "smithy.api#documentation": "

An array of Dataset objects. Each object provides metadata\n information.

" + "smithy.api#documentation": "

An array of Dataset objects. Each object provides\n metadata information.

" } }, "nextToken": { diff --git a/codegen/sdk/aws-models/shield.json b/codegen/sdk/aws-models/shield.json index 7dab9f0c7df..38d2908adb5 100644 --- a/codegen/sdk/aws-models/shield.json +++ b/codegen/sdk/aws-models/shield.json @@ -43,7 +43,7 @@ "name": "shield" }, "aws.protocols#awsJson1_1": {}, - "smithy.api#documentation": "Shield Advanced\n

This is the Shield Advanced API Reference. This guide is for developers who need detailed information about the Shield Advanced API actions, \n data types, and errors. For detailed information about WAF and Shield Advanced features and an overview of how to use the WAF and Shield Advanced APIs, see the \n WAF and Shield Developer Guide.

", + "smithy.api#documentation": "Shield Advanced\n

This is the Shield Advanced API Reference. This guide is for developers who need detailed information about the Shield Advanced API actions,\n data types, and errors. For detailed information about WAF and Shield Advanced features and an overview of how to use the WAF and Shield Advanced APIs, see the\n WAF and Shield Developer Guide.

", "smithy.api#title": "AWS Shield", "smithy.api#xmlNamespace": { "uri": "http://ddp.amazonaws.com/doc/2016-06-02/" @@ -198,12 +198,13 @@ "Action": { "target": "com.amazonaws.shield#ResponseAction", "traits": { + "smithy.api#documentation": "

Specifies the action setting that Shield Advanced should use in the WAF rules that it creates on behalf of the\n protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature,\n when you enable or update automatic mitigation. Shield Advanced creates the WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.

", "smithy.api#required": {} } } }, "traits": { - "smithy.api#documentation": "

The automatic application layer DDoS mitigation settings for a Protection. \n This configuration determines whether Shield Advanced automatically \n manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.

" + "smithy.api#documentation": "

The automatic application layer DDoS mitigation settings for a Protection.\n This configuration determines whether Shield Advanced automatically\n manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.

" } }, "com.amazonaws.shield#ApplicationLayerAutomaticResponseStatus": { @@ -256,7 +257,7 @@ } ], "traits": { - "smithy.api#documentation": "

Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to 10 Amazon S3 buckets with your subscription.

\n

To use the services of the SRT and make an AssociateDRTLogBucket request, you must be subscribed to the Business Support plan or the Enterprise Support plan.

" + "smithy.api#documentation": "

Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to 10 Amazon S3 buckets with your subscription.

\n

To use the services of the SRT and make an AssociateDRTLogBucket request, you must be subscribed to the Business Support plan or the Enterprise Support plan.

" } }, "com.amazonaws.shield#AssociateDRTLogBucketRequest": { @@ -304,7 +305,7 @@ } ], "traits": { - "smithy.api#documentation": "

Authorizes the Shield Response Team (SRT) using the specified role, to access your Amazon Web Services account to assist with DDoS attack mitigation during potential attacks. This enables the SRT to inspect your WAF configuration and create or update WAF rules and web ACLs.

\n

You can associate only one RoleArn with your subscription. If you submit an AssociateDRTRole request for an account that already has an associated role, the new RoleArn will replace the existing RoleArn.

\n

Prior to making the AssociateDRTRole request, you must attach the AWSShieldDRTAccessPolicy managed policy to the role that you'll specify in the request. You can access this policy in the IAM console at AWSShieldDRTAccessPolicy. For more information see Adding and removing IAM identity permissions. The role must also trust the service principal \ndrt.shield.amazonaws.com. For more information, see IAM JSON policy elements: Principal.

\n\n

The SRT will have access only to your WAF and Shield resources. By submitting this request, you authorize the SRT to inspect your WAF and Shield configuration and create and update WAF rules and web ACLs on your behalf. The SRT takes these actions only if explicitly authorized by you.

\n

You must have the iam:PassRole permission to make an AssociateDRTRole request. For more information, see Granting a user permissions to pass a role to an Amazon Web Services service.

\n

To use the services of the SRT and make an AssociateDRTRole request, you must be subscribed to the Business Support plan or the Enterprise Support plan.

" + "smithy.api#documentation": "

Authorizes the Shield Response Team (SRT) using the specified role, to access your Amazon Web Services account to assist with DDoS attack mitigation during potential attacks. This enables the SRT to inspect your WAF configuration and create or update WAF rules and web ACLs.

\n

You can associate only one RoleArn with your subscription. If you submit an AssociateDRTRole request for an account that already has an associated role, the new RoleArn will replace the existing RoleArn.

\n

Prior to making the AssociateDRTRole request, you must attach the AWSShieldDRTAccessPolicy managed policy to the role that you'll specify in the request. You can access this policy in the IAM console at AWSShieldDRTAccessPolicy. For more information see Adding and removing IAM identity permissions. The role must also trust the service principal\ndrt.shield.amazonaws.com. For more information, see IAM JSON policy elements: Principal.

\n\n

The SRT will have access only to your WAF and Shield resources. By submitting this request, you authorize the SRT to inspect your WAF and Shield configuration and create and update WAF rules and web ACLs on your behalf. The SRT takes these actions only if explicitly authorized by you.

\n

You must have the iam:PassRole permission to make an AssociateDRTRole request. For more information, see Granting a user permissions to pass a role to an Amazon Web Services service.

\n

To use the services of the SRT and make an AssociateDRTRole request, you must be subscribed to the Business Support plan or the Enterprise Support plan.

" } }, "com.amazonaws.shield#AssociateDRTRoleRequest": { @@ -465,7 +466,7 @@ "AttackProperties": { "target": "com.amazonaws.shield#AttackProperties", "traits": { - "smithy.api#documentation": "

The array of objects that provide details of the Shield event.

\n

For infrastructure \n layer events (L3 and L4 events), you can view metrics for top contributors in Amazon CloudWatch metrics. \n For more information, see Shield metrics and alarms \n in the WAF Developer Guide.

" + "smithy.api#documentation": "

The array of objects that provide details of the Shield event.

\n

For infrastructure\n layer events (L3 and L4 events), you can view metrics for top contributors in Amazon CloudWatch metrics.\n For more information, see Shield metrics and alarms\n in the WAF Developer Guide.

" } }, "Mitigations": { @@ -516,7 +517,7 @@ "AttackLayer": { "target": "com.amazonaws.shield#AttackLayer", "traits": { - "smithy.api#documentation": "

The type of Shield event that was observed. NETWORK indicates layer 3 and layer 4 events and APPLICATION\n indicates layer 7 events.

\n

For infrastructure \n layer events (L3 and L4 events), you can view metrics for top contributors in Amazon CloudWatch metrics. \n For more information, see Shield metrics and alarms \n in the WAF Developer Guide.

" + "smithy.api#documentation": "

The type of Shield event that was observed. NETWORK indicates layer 3 and layer 4 events and APPLICATION\n indicates layer 7 events.

\n

For infrastructure\n layer events (L3 and L4 events), you can view metrics for top contributors in Amazon CloudWatch metrics.\n For more information, see Shield metrics and alarms\n in the WAF Developer Guide.

" } }, "AttackPropertyIdentifier": { @@ -817,7 +818,7 @@ } ], "traits": { - "smithy.api#documentation": "

Enables Shield Advanced for a specific Amazon Web Services resource. The resource can be an Amazon CloudFront distribution, Elastic Load Balancing load balancer, Global Accelerator accelerator, Elastic IP Address, or an Amazon Route 53 hosted zone.

\n

You can add protection to only a single resource with each CreateProtection request. You can add protection to multiple resources \n at once through the Shield Advanced console at https://console.aws.amazon.com/wafv2/shieldv2#/.\n For more information see \n Getting Started with Shield Advanced \n and Adding Shield Advanced protection to Amazon Web Services resources.

" + "smithy.api#documentation": "

Enables Shield Advanced for a specific Amazon Web Services resource. The resource can be an Amazon CloudFront distribution, Amazon Route 53 hosted zone, Global Accelerator standard accelerator, Elastic IP Address, Application Load Balancer, or a Classic Load Balancer. You can protect Amazon EC2 instances and Network Load Balancers by association with protected Amazon EC2 Elastic IP addresses.

\n

You can add protection to only a single resource with each CreateProtection request. You can add protection to multiple resources\n at once through the Shield Advanced console at https://console.aws.amazon.com/wafv2/shieldv2#/.\n For more information see\n Getting Started with Shield Advanced\n and Adding Shield Advanced protection to Amazon Web Services resources.

" } }, "com.amazonaws.shield#CreateProtectionGroup": { @@ -879,7 +880,7 @@ "ResourceType": { "target": "com.amazonaws.shield#ProtectedResourceType", "traits": { - "smithy.api#documentation": "

The resource type to include in the protection group. All protected resources of this type are included in the protection group. Newly protected resources of this type are automatically added to the group. \n You must set this when you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other Pattern setting.

" + "smithy.api#documentation": "

The resource type to include in the protection group. All protected resources of this type are included in the protection group. Newly protected resources of this type are automatically added to the group.\n You must set this when you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other Pattern setting.

" } }, "Members": { @@ -913,7 +914,7 @@ "ResourceArn": { "target": "com.amazonaws.shield#ResourceArn", "traits": { - "smithy.api#documentation": "

The ARN (Amazon Resource Name) of the resource to be protected.

\n

The ARN should be in one of the following formats:

\n ", + "smithy.api#documentation": "

The ARN (Amazon Resource Name) of the resource to be protected.

\n

The ARN should be in one of the following formats:

\n ", "smithy.api#required": {} } }, @@ -953,7 +954,7 @@ } ], "traits": { - "smithy.api#documentation": "

Activates Shield Advanced for an account.

\n \n

When you initally create a subscription, your subscription is set to be automatically renewed at the end of the existing subscription period. You can change this by submitting an UpdateSubscription request.

" + "smithy.api#documentation": "

Activates Shield Advanced for an account.

\n \n

For accounts that are members of an Organizations organization, Shield Advanced subscriptions are billed against the organization's payer account,\n regardless of whether the payer account itself is subscribed.

\n \n

When you initially create a subscription, your subscription is set to be automatically renewed at the end of the existing subscription period. You can change this by submitting an UpdateSubscription request.

" } }, "com.amazonaws.shield#CreateSubscriptionRequest": { @@ -1118,7 +1119,7 @@ "Attack": { "target": "com.amazonaws.shield#AttackDetail", "traits": { - "smithy.api#documentation": "

The attack that is described.

" + "smithy.api#documentation": "

The attack that you requested.

" } } } @@ -1150,6 +1151,7 @@ "TimeRange": { "target": "com.amazonaws.shield#TimeRange", "traits": { + "smithy.api#documentation": "

The time range of the attack.

", "smithy.api#required": {} } }, @@ -1311,13 +1313,13 @@ "ProtectionId": { "target": "com.amazonaws.shield#ProtectionId", "traits": { - "smithy.api#documentation": "

The unique identifier (ID) for the Protection object that is\n described. When submitting the DescribeProtection request you must provide either the ResourceArn or the ProtectionID, but not both.

" + "smithy.api#documentation": "

The unique identifier (ID) for the Protection object to describe. \n You must provide either the ResourceArn of the protected resource or the ProtectionID of the protection, but not both.

" } }, "ResourceArn": { "target": "com.amazonaws.shield#ResourceArn", "traits": { - "smithy.api#documentation": "

The ARN (Amazon Resource Name) of the Amazon Web Services resource for the Protection object that is\n described. When submitting the DescribeProtection request you must provide either the ResourceArn or the ProtectionID, but not both.

" + "smithy.api#documentation": "

The ARN (Amazon Resource Name) of the protected Amazon Web Services resource. \n You must provide either the ResourceArn of the protected resource or the ProtectionID of the protection, but not both.

" } } } @@ -1328,7 +1330,7 @@ "Protection": { "target": "com.amazonaws.shield#Protection", "traits": { - "smithy.api#documentation": "

The Protection object that is described.

" + "smithy.api#documentation": "

The Protection that you requested.

" } } } @@ -1394,7 +1396,7 @@ } ], "traits": { - "smithy.api#documentation": "

Disable the Shield Advanced automatic application layer DDoS mitigation feature for the resource. This \n stops Shield Advanced from creating, verifying, and applying WAF rules for attacks that it detects for the resource.

" + "smithy.api#documentation": "

Disable the Shield Advanced automatic application layer DDoS mitigation feature for the protected resource. This\n stops Shield Advanced from creating, verifying, and applying WAF rules for attacks that it detects for the resource.

" } }, "com.amazonaws.shield#DisableApplicationLayerAutomaticResponseRequest": { @@ -1403,7 +1405,7 @@ "ResourceArn": { "target": "com.amazonaws.shield#ResourceArn", "traits": { - "smithy.api#documentation": "

The ARN (Amazon Resource Name) of the resource.

", + "smithy.api#documentation": "

The ARN (Amazon Resource Name) of the protected resource.

", "smithy.api#required": {} } } @@ -1673,7 +1675,7 @@ } ], "traits": { - "smithy.api#documentation": "

Enable the Shield Advanced automatic application layer DDoS mitigation for the resource.

\n \n

This feature is available for Amazon CloudFront distributions only.

\n \n

This causes Shield Advanced to create, verify, and apply WAF rules for DDoS attacks that it detects for the \n resource. Shield Advanced applies the rules in a Shield rule group inside the web ACL that you've associated \n with the resource. For information about how automatic mitigation works and the requirements for using it, see \n Shield Advanced automatic application layer DDoS mitigation.

\n

Don't use this action to make changes to automatic mitigation settings when it's already enabled for a resource. Instead, use UpdateApplicationLayerAutomaticResponse.

\n

To use this feature, you must associate a web ACL with the protected resource. The web ACL must be created using the latest version of WAF (v2). You can associate the web ACL through the Shield Advanced console \n at https://console.aws.amazon.com/wafv2/shieldv2#/. For more information, \n see Getting Started with Shield Advanced.

\n

You can also do this through the WAF console or the WAF API, but you must manage Shield Advanced automatic mitigation through Shield Advanced. For information about WAF, see \n WAF Developer Guide.

" + "smithy.api#documentation": "

Enable the Shield Advanced automatic application layer DDoS mitigation for the protected resource.

\n \n

This feature is available for Amazon CloudFront distributions and Application Load Balancers only.

\n \n

This causes Shield Advanced to create, verify, and apply WAF rules for DDoS attacks that it detects for the\n resource. Shield Advanced applies the rules in a Shield rule group inside the web ACL that you've associated\n with the resource. For information about how automatic mitigation works and the requirements for using it, see\n Shield Advanced automatic application layer DDoS mitigation.

\n \n

Don't use this action to make changes to automatic mitigation settings when it's already enabled for a resource. Instead, use UpdateApplicationLayerAutomaticResponse.

\n \n

To use this feature, you must associate a web ACL with the protected resource. The web ACL must be created using the latest version of WAF (v2). You can associate the web ACL through the Shield Advanced console\n at https://console.aws.amazon.com/wafv2/shieldv2#/. For more information,\n see Getting Started with Shield Advanced. You can also associate the web ACL to the resource through the WAF console or the WAF API, but you must manage Shield Advanced automatic mitigation through Shield Advanced. For information about WAF, see\n WAF Developer Guide.

" } }, "com.amazonaws.shield#EnableApplicationLayerAutomaticResponseRequest": { @@ -1682,14 +1684,14 @@ "ResourceArn": { "target": "com.amazonaws.shield#ResourceArn", "traits": { - "smithy.api#documentation": "

The ARN (Amazon Resource Name) of the resource.

", + "smithy.api#documentation": "

The ARN (Amazon Resource Name) of the protected resource.

", "smithy.api#required": {} } }, "Action": { "target": "com.amazonaws.shield#ResponseAction", "traits": { - "smithy.api#documentation": "

Specifies the action setting that Shield Advanced should use in the WAF rules that it creates on behalf of the \n protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, \n when you enable or update automatic mitigation. Shield Advanced creates the WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.

", + "smithy.api#documentation": "

Specifies the action setting that Shield Advanced should use in the WAF rules that it creates on behalf of the\n protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature,\n when you enable or update automatic mitigation. Shield Advanced creates the WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.

", "smithy.api#required": {} } } @@ -1788,6 +1790,64 @@ "target": "com.amazonaws.shield#HealthCheckId" } }, + "com.amazonaws.shield#InclusionProtectionFilters": { + "type": "structure", + "members": { + "ResourceArns": { + "target": "com.amazonaws.shield#ResourceArnFilters", + "traits": { + "smithy.api#documentation": "

The ARN (Amazon Resource Name) of the resource whose protection you want to retrieve.

" + } + }, + "ProtectionNames": { + "target": "com.amazonaws.shield#ProtectionNameFilters", + "traits": { + "smithy.api#documentation": "

The name of the protection that you want to retrieve.

" + } + }, + "ResourceTypes": { + "target": "com.amazonaws.shield#ProtectedResourceTypeFilters", + "traits": { + "smithy.api#documentation": "

The type of protected resource whose protections you want to retrieve.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

Narrows the set of protections that the call retrieves. You can retrieve a single protection by providing its name or the ARN (Amazon Resource Name) of its protected resource. You can also retrieve all protections for a specific resource type. You can provide up to one criteria per filter type. Shield Advanced returns protections that exactly match all of the filter criteria that you provide.

" + } + }, + "com.amazonaws.shield#InclusionProtectionGroupFilters": { + "type": "structure", + "members": { + "ProtectionGroupIds": { + "target": "com.amazonaws.shield#ProtectionGroupIdFilters", + "traits": { + "smithy.api#documentation": "

The ID of the protection group that you want to retrieve.

" + } + }, + "Patterns": { + "target": "com.amazonaws.shield#ProtectionGroupPatternFilters", + "traits": { + "smithy.api#documentation": "

The pattern specification of the protection groups that you want to retrieve.

" + } + }, + "ResourceTypes": { + "target": "com.amazonaws.shield#ProtectedResourceTypeFilters", + "traits": { + "smithy.api#documentation": "

The resource type configuration of the protection groups that you want to retrieve. In the protection group configuration, you specify the resource type when you set the group's Pattern to BY_RESOURCE_TYPE.

" + } + }, + "Aggregations": { + "target": "com.amazonaws.shield#ProtectionGroupAggregationFilters", + "traits": { + "smithy.api#documentation": "

The aggregation setting of the protection groups that you want to retrieve.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

Narrows the set of protection groups that the call retrieves. You can retrieve a single protection group by its name and you can retrieve all protection groups that are configured with a specific pattern, aggregation, or resource type. You can provide up to one criteria per filter type. Shield Advanced returns the protection groups that exactly match all of the search criteria that you provide.

" + } + }, "com.amazonaws.shield#Integer": { "type": "integer" }, @@ -1954,7 +2014,7 @@ "ResourceArns": { "target": "com.amazonaws.shield#ResourceArnFilterList", "traits": { - "smithy.api#documentation": "

The ARNs (Amazon Resource Names) of the resources that were attacked. If you leave this \n blank, all applicable resources for this account will be included.

" + "smithy.api#documentation": "

The ARNs (Amazon Resource Names) of the resources that were attacked. If you leave this\n blank, all applicable resources for this account will be included.

" } }, "StartTime": { @@ -1972,13 +2032,13 @@ "NextToken": { "target": "com.amazonaws.shield#Token", "traits": { - "smithy.api#documentation": "

When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects, \n Shield Advanced includes a NextToken value in the response. You can retrieve the next batch of objects by requesting the list again and \n providing the token that was returned by the prior call in your request.

\n

You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the MaxResults\n setting. Shield Advanced will not return more than MaxResults objects, but may return fewer, even if more objects are still available.

\n

Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a NextToken value.

\n

On your first call to a list operation, leave this setting empty.

" + "smithy.api#documentation": "

When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects,\n Shield Advanced includes a NextToken value in the response. You can retrieve the next batch of objects by requesting the list again and\n providing the token that was returned by the prior call in your request.

\n

You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the MaxResults\n setting. Shield Advanced will not return more than MaxResults objects, but may return fewer, even if more objects are still available.

\n

Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a NextToken value.

\n

On your first call to a list operation, leave this setting empty.

" } }, "MaxResults": { "target": "com.amazonaws.shield#MaxResults", "traits": { - "smithy.api#documentation": "

The greatest number of objects that you want Shield Advanced to return to the list request. Shield Advanced might return fewer objects\n than you indicate in this setting, even if more objects are available. If there are more objects remaining, Shield Advanced will always also return a NextToken value \n in the response.

\n

The default setting is 20.

" + "smithy.api#documentation": "

The greatest number of objects that you want Shield Advanced to return to the list request. Shield Advanced might return fewer objects\n than you indicate in this setting, even if more objects are available. If there are more objects remaining, Shield Advanced will always also return a NextToken value\n in the response.

\n

The default setting is 20.

" } } } @@ -1995,7 +2055,7 @@ "NextToken": { "target": "com.amazonaws.shield#Token", "traits": { - "smithy.api#documentation": "

When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects, \n Shield Advanced includes a NextToken value in the response. You can retrieve the next batch of objects by requesting the list again and \n providing the token that was returned by the prior call in your request.

\n

You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the MaxResults\n setting. Shield Advanced will not return more than MaxResults objects, but may return fewer, even if more objects are still available.

\n

Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a NextToken value.

" + "smithy.api#documentation": "

When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects,\n Shield Advanced includes a NextToken value in the response. You can retrieve the next batch of objects by requesting the list again and\n providing the token that was returned by the prior call in your request.

\n

You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the MaxResults\n setting. Shield Advanced will not return more than MaxResults objects, but may return fewer, even if more objects are still available.

\n

Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a NextToken value.

" } } } @@ -2020,7 +2080,7 @@ } ], "traits": { - "smithy.api#documentation": "

Retrieves the ProtectionGroup objects for the account.

", + "smithy.api#documentation": "

Retrieves ProtectionGroup objects for the account. You can retrieve all protection groups or you can provide \n filtering criteria and retrieve just the subset of protection groups that match the criteria.

", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -2034,13 +2094,19 @@ "NextToken": { "target": "com.amazonaws.shield#Token", "traits": { - "smithy.api#documentation": "

When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects, \n Shield Advanced includes a NextToken value in the response. You can retrieve the next batch of objects by requesting the list again and \n providing the token that was returned by the prior call in your request.

\n

You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the MaxResults\n setting. Shield Advanced will not return more than MaxResults objects, but may return fewer, even if more objects are still available.

\n

Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a NextToken value.

\n

On your first call to a list operation, leave this setting empty.

" + "smithy.api#documentation": "

When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects,\n Shield Advanced includes a NextToken value in the response. You can retrieve the next batch of objects by requesting the list again and\n providing the token that was returned by the prior call in your request.

\n

You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the MaxResults\n setting. Shield Advanced will not return more than MaxResults objects, but may return fewer, even if more objects are still available.

\n

Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a NextToken value.

\n

On your first call to a list operation, leave this setting empty.

" } }, "MaxResults": { "target": "com.amazonaws.shield#MaxResults", "traits": { - "smithy.api#documentation": "

The greatest number of objects that you want Shield Advanced to return to the list request. Shield Advanced might return fewer objects\n than you indicate in this setting, even if more objects are available. If there are more objects remaining, Shield Advanced will always also return a NextToken value \n in the response.

\n

The default setting is 20.

" + "smithy.api#documentation": "

The greatest number of objects that you want Shield Advanced to return to the list request. Shield Advanced might return fewer objects\n than you indicate in this setting, even if more objects are available. If there are more objects remaining, Shield Advanced will always also return a NextToken value\n in the response.

\n

The default setting is 20.

" + } + }, + "InclusionFilters": { + "target": "com.amazonaws.shield#InclusionProtectionGroupFilters", + "traits": { + "smithy.api#documentation": "

Narrows the set of protection groups that the call retrieves. You can retrieve a single protection group by its name and you can retrieve all protection groups that are configured with specific pattern or aggregation settings. You can provide up to one criteria per filter type. Shield Advanced returns the protection groups that exactly match all of the search criteria that you provide.

" } } } @@ -2058,7 +2124,7 @@ "NextToken": { "target": "com.amazonaws.shield#Token", "traits": { - "smithy.api#documentation": "

When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects, \n Shield Advanced includes a NextToken value in the response. You can retrieve the next batch of objects by requesting the list again and \n providing the token that was returned by the prior call in your request.

\n

You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the MaxResults\n setting. Shield Advanced will not return more than MaxResults objects, but may return fewer, even if more objects are still available.

\n

Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a NextToken value.

" + "smithy.api#documentation": "

When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects,\n Shield Advanced includes a NextToken value in the response. You can retrieve the next batch of objects by requesting the list again and\n providing the token that was returned by the prior call in your request.

\n

You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the MaxResults\n setting. Shield Advanced will not return more than MaxResults objects, but may return fewer, even if more objects are still available.

\n

Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a NextToken value.

" } } } @@ -2083,7 +2149,7 @@ } ], "traits": { - "smithy.api#documentation": "

Lists all Protection objects for the account.

", + "smithy.api#documentation": "

Retrieves Protection objects for the account. You can retrieve all protections or you can provide \n filtering criteria and retrieve just the subset of protections that match the criteria.

", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -2098,13 +2164,19 @@ "NextToken": { "target": "com.amazonaws.shield#Token", "traits": { - "smithy.api#documentation": "

When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects, \n Shield Advanced includes a NextToken value in the response. You can retrieve the next batch of objects by requesting the list again and \n providing the token that was returned by the prior call in your request.

\n

You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the MaxResults\n setting. Shield Advanced will not return more than MaxResults objects, but may return fewer, even if more objects are still available.

\n

Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a NextToken value.

\n

On your first call to a list operation, leave this setting empty.

" + "smithy.api#documentation": "

When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects,\n Shield Advanced includes a NextToken value in the response. You can retrieve the next batch of objects by requesting the list again and\n providing the token that was returned by the prior call in your request.

\n

You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the MaxResults\n setting. Shield Advanced will not return more than MaxResults objects, but may return fewer, even if more objects are still available.

\n

Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a NextToken value.

\n

On your first call to a list operation, leave this setting empty.

" } }, "MaxResults": { "target": "com.amazonaws.shield#MaxResults", "traits": { - "smithy.api#documentation": "

The greatest number of objects that you want Shield Advanced to return to the list request. Shield Advanced might return fewer objects\n than you indicate in this setting, even if more objects are available. If there are more objects remaining, Shield Advanced will always also return a NextToken value \n in the response.

\n

The default setting is 20.

" + "smithy.api#documentation": "

The greatest number of objects that you want Shield Advanced to return to the list request. Shield Advanced might return fewer objects\n than you indicate in this setting, even if more objects are available. If there are more objects remaining, Shield Advanced will always also return a NextToken value\n in the response.

\n

The default setting is 20.

" + } + }, + "InclusionFilters": { + "target": "com.amazonaws.shield#InclusionProtectionFilters", + "traits": { + "smithy.api#documentation": "

Narrows the set of protections that the call retrieves. You can retrieve a single protection by providing its name or the ARN (Amazon Resource Name) of its protected resource. You can also retrieve all protections for a specific resource type. You can provide up to one criteria per filter type. Shield Advanced returns protections that exactly match all of the filter criteria that you provide.

" } } } @@ -2121,7 +2193,7 @@ "NextToken": { "target": "com.amazonaws.shield#Token", "traits": { - "smithy.api#documentation": "

When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects, \n Shield Advanced includes a NextToken value in the response. You can retrieve the next batch of objects by requesting the list again and \n providing the token that was returned by the prior call in your request.

\n

You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the MaxResults\n setting. Shield Advanced will not return more than MaxResults objects, but may return fewer, even if more objects are still available.

\n

Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a NextToken value.

" + "smithy.api#documentation": "

When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects,\n Shield Advanced includes a NextToken value in the response. You can retrieve the next batch of objects by requesting the list again and\n providing the token that was returned by the prior call in your request.

\n

You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the MaxResults\n setting. Shield Advanced will not return more than MaxResults objects, but may return fewer, even if more objects are still available.

\n

Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a NextToken value.

" } } } @@ -2167,13 +2239,13 @@ "NextToken": { "target": "com.amazonaws.shield#Token", "traits": { - "smithy.api#documentation": "

When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects, \n Shield Advanced includes a NextToken value in the response. You can retrieve the next batch of objects by requesting the list again and \n providing the token that was returned by the prior call in your request.

\n

You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the MaxResults\n setting. Shield Advanced will not return more than MaxResults objects, but may return fewer, even if more objects are still available.

\n

Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a NextToken value.

\n

On your first call to a list operation, leave this setting empty.

" + "smithy.api#documentation": "

When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects,\n Shield Advanced includes a NextToken value in the response. You can retrieve the next batch of objects by requesting the list again and\n providing the token that was returned by the prior call in your request.

\n

You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the MaxResults\n setting. Shield Advanced will not return more than MaxResults objects, but may return fewer, even if more objects are still available.

\n

Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a NextToken value.

\n

On your first call to a list operation, leave this setting empty.

" } }, "MaxResults": { "target": "com.amazonaws.shield#MaxResults", "traits": { - "smithy.api#documentation": "

The greatest number of objects that you want Shield Advanced to return to the list request. Shield Advanced might return fewer objects\n than you indicate in this setting, even if more objects are available. If there are more objects remaining, Shield Advanced will always also return a NextToken value \n in the response.

\n

The default setting is 20.

" + "smithy.api#documentation": "

The greatest number of objects that you want Shield Advanced to return to the list request. Shield Advanced might return fewer objects\n than you indicate in this setting, even if more objects are available. If there are more objects remaining, Shield Advanced will always also return a NextToken value\n in the response.

\n

The default setting is 20.

" } } } @@ -2191,7 +2263,7 @@ "NextToken": { "target": "com.amazonaws.shield#Token", "traits": { - "smithy.api#documentation": "

When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects, \n Shield Advanced includes a NextToken value in the response. You can retrieve the next batch of objects by requesting the list again and \n providing the token that was returned by the prior call in your request.

\n

You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the MaxResults\n setting. Shield Advanced will not return more than MaxResults objects, but may return fewer, even if more objects are still available.

\n

Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a NextToken value.

" + "smithy.api#documentation": "

When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects,\n Shield Advanced includes a NextToken value in the response. You can retrieve the next batch of objects by requesting the list again and\n providing the token that was returned by the prior call in your request.

\n

You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the MaxResults\n setting. Shield Advanced will not return more than MaxResults objects, but may return fewer, even if more objects are still available.

\n

Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a NextToken value.

" } } } @@ -2317,7 +2389,7 @@ } }, "traits": { - "smithy.api#documentation": "

The ARN of the role that you specifed does not exist.

", + "smithy.api#documentation": "

The ARN of the role that you specified does not exist.

", "smithy.api#error": "client" } }, @@ -2393,6 +2465,18 @@ ] } }, + "com.amazonaws.shield#ProtectedResourceTypeFilters": { + "type": "list", + "member": { + "target": "com.amazonaws.shield#ProtectedResourceType" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1 + } + } + }, "com.amazonaws.shield#Protection": { "type": "structure", "members": { @@ -2429,7 +2513,7 @@ "ApplicationLayerAutomaticResponseConfiguration": { "target": "com.amazonaws.shield#ApplicationLayerAutomaticResponseConfiguration", "traits": { - "smithy.api#documentation": "

The automatic application layer DDoS mitigation settings for the protection. \n This configuration determines whether Shield Advanced automatically \n manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.

" + "smithy.api#documentation": "

The automatic application layer DDoS mitigation settings for the protection.\n This configuration determines whether Shield Advanced automatically\n manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.

" } } }, @@ -2457,20 +2541,20 @@ "Pattern": { "target": "com.amazonaws.shield#ProtectionGroupPattern", "traits": { - "smithy.api#documentation": "

The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource Amazon Resource Names (ARNs), or include all resources of a specified resource type.

", + "smithy.api#documentation": "

The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource ARNs (Amazon Resource Names), or include all resources of a specified resource type.

", "smithy.api#required": {} } }, "ResourceType": { "target": "com.amazonaws.shield#ProtectedResourceType", "traits": { - "smithy.api#documentation": "

The resource type to include in the protection group. All protected resources of this type are included in the protection group. \n You must set this when you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other Pattern setting.

" + "smithy.api#documentation": "

The resource type to include in the protection group. All protected resources of this type are included in the protection group.\n You must set this when you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other Pattern setting.

" } }, "Members": { "target": "com.amazonaws.shield#ProtectionGroupMembers", "traits": { - "smithy.api#documentation": "

The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set Pattern to ARBITRARY and you must not set it for any other Pattern setting.

", + "smithy.api#documentation": "

The ARNs (Amazon Resource Names) of the resources to include in the protection group. You must set this when you set Pattern to ARBITRARY and you must not set it for any other Pattern setting.

", "smithy.api#required": {} } }, @@ -2504,6 +2588,18 @@ ] } }, + "com.amazonaws.shield#ProtectionGroupAggregationFilters": { + "type": "list", + "member": { + "target": "com.amazonaws.shield#ProtectionGroupAggregation" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1 + } + } + }, "com.amazonaws.shield#ProtectionGroupArbitraryPatternLimits": { "type": "structure", "members": { @@ -2529,6 +2625,18 @@ "smithy.api#pattern": "^[a-zA-Z0-9\\\\-]*$" } }, + "com.amazonaws.shield#ProtectionGroupIdFilters": { + "type": "list", + "member": { + "target": "com.amazonaws.shield#ProtectionGroupId" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1 + } + } + }, "com.amazonaws.shield#ProtectionGroupLimits": { "type": "structure", "members": { @@ -2582,6 +2690,18 @@ ] } }, + "com.amazonaws.shield#ProtectionGroupPatternFilters": { + "type": "list", + "member": { + "target": "com.amazonaws.shield#ProtectionGroupPattern" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1 + } + } + }, "com.amazonaws.shield#ProtectionGroupPatternTypeLimits": { "type": "structure", "members": { @@ -2638,6 +2758,18 @@ "smithy.api#pattern": "^[ a-zA-Z0-9_\\\\.\\\\-]*$" } }, + "com.amazonaws.shield#ProtectionNameFilters": { + "type": "list", + "member": { + "target": "com.amazonaws.shield#ProtectionName" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1 + } + } + }, "com.amazonaws.shield#Protections": { "type": "list", "member": { @@ -2678,6 +2810,18 @@ "target": "com.amazonaws.shield#ResourceArn" } }, + "com.amazonaws.shield#ResourceArnFilters": { + "type": "list", + "member": { + "target": "com.amazonaws.shield#ResourceArn" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1 + } + } + }, "com.amazonaws.shield#ResourceArnList": { "type": "list", "member": { @@ -2719,7 +2863,7 @@ } }, "traits": { - "smithy.api#documentation": "

Specifies the action setting that Shield Advanced should use in the WAF rules that it creates on behalf of the \n protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, \n when you enable or update automatic mitigation. Shield Advanced creates the WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.

" + "smithy.api#documentation": "

Specifies the action setting that Shield Advanced should use in the WAF rules that it creates on behalf of the\n protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature,\n when you enable or update automatic mitigation. Shield Advanced creates the WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.

" } }, "com.amazonaws.shield#RoleArn": { @@ -3223,7 +3367,7 @@ "Action": { "target": "com.amazonaws.shield#ResponseAction", "traits": { - "smithy.api#documentation": "

Specifies the action setting that Shield Advanced should use in the WAF rules that it creates on behalf of the \n protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, \n when you enable or update automatic mitigation. Shield Advanced creates the WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.

", + "smithy.api#documentation": "

Specifies the action setting that Shield Advanced should use in the WAF rules that it creates on behalf of the\n protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature,\n when you enable or update automatic mitigation. Shield Advanced creates the WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.

", "smithy.api#required": {} } } @@ -3327,7 +3471,7 @@ "ResourceType": { "target": "com.amazonaws.shield#ProtectedResourceType", "traits": { - "smithy.api#documentation": "

The resource type to include in the protection group. All protected resources of this type are included in the protection group. \n You must set this when you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other Pattern setting.

" + "smithy.api#documentation": "

The resource type to include in the protection group. All protected resources of this type are included in the protection group.\n You must set this when you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other Pattern setting.

" } }, "Members": { @@ -3368,7 +3512,7 @@ } ], "traits": { - "smithy.api#documentation": "

Updates the details of an existing subscription. Only enter values for parameters you want to change. Empty parameters are not updated.

" + "smithy.api#documentation": "

Updates the details of an existing subscription. Only enter values for parameters you want to change. Empty parameters are not updated.

\n \n

For accounts that are members of an Organizations organization, Shield Advanced subscriptions are billed against the organization's payer account,\n regardless of whether the payer account itself is subscribed.

\n " } }, "com.amazonaws.shield#UpdateSubscriptionRequest": { diff --git a/codegen/sdk/aws-models/wafv2.json b/codegen/sdk/aws-models/wafv2.json index 714c7dc728c..a2bbff3d48d 100644 --- a/codegen/sdk/aws-models/wafv2.json +++ b/codegen/sdk/aws-models/wafv2.json @@ -43,7 +43,7 @@ "name": "wafv2" }, "aws.protocols#awsJson1_1": {}, - "smithy.api#documentation": "WAF\n \n

This is the latest version of the WAF API,\n released in November, 2019. The names of the entities that you use to access this API,\n like endpoints and namespaces, all have the versioning information added, like \"V2\" or\n \"v2\", to distinguish from the prior version. We recommend migrating your resources to\n this version, because it has a number of significant improvements.

\n

If you used WAF prior to this release, you can't use this WAFV2 API to access any\n WAF resources that you created before. You can access your old rules, web ACLs, and\n other WAF resources only through the WAF Classic APIs. The WAF Classic APIs\n have retained the prior names, endpoints, and namespaces.

\n

For information, including how to migrate your WAF resources to this version,\n see the WAF Developer Guide.

\n \n

WAF is a web application firewall that lets you monitor the HTTP and HTTPS\n requests that are forwarded to Amazon CloudFront, an Amazon API Gateway REST API, an Application Load Balancer, or an AppSync\n GraphQL API. WAF also lets you control access to your content. Based on criteria that\n you specify, such as the IP addresses that requests originate from or the values of query\n strings, the Amazon API Gateway REST API, CloudFront distribution, the Application Load Balancer, or the AppSync GraphQL\n API responds to requests either with the requested content or with an HTTP 403 status code\n (Forbidden). You also can configure CloudFront to return a custom error page when a request is\n blocked.

\n

This API guide is for developers who need detailed information about WAF API actions,\n data types, and errors. For detailed information about WAF features and an overview of\n how to use WAF, see the WAF Developer\n Guide.

\n

You can make calls using the endpoints listed in WAF endpoints and quotas.

\n \n

Alternatively, you can use one of the Amazon Web Services SDKs to access an API that's tailored to the\n programming language or platform that you're using. For more information, see Amazon Web Services SDKs.

\n

We currently provide two versions of the WAF API: this API and the prior versions,\n the classic WAF APIs. This new API provides the same functionality as the older versions,\n with the following major improvements:

\n ", + "smithy.api#documentation": "WAF\n \n

This is the latest version of the WAF API,\n released in November, 2019. The names of the entities that you use to access this API,\n like endpoints and namespaces, all have the versioning information added, like \"V2\" or\n \"v2\", to distinguish from the prior version. We recommend migrating your resources to\n this version, because it has a number of significant improvements.

\n

If you used WAF prior to this release, you can't use this WAFV2 API to access any\n WAF resources that you created before. You can access your old rules, web ACLs, and\n other WAF resources only through the WAF Classic APIs. The WAF Classic APIs\n have retained the prior names, endpoints, and namespaces.

\n

For information, including how to migrate your WAF resources to this version,\n see the WAF Developer Guide.

\n \n

WAF is a web application firewall that lets you monitor the HTTP and HTTPS\n requests that are forwarded to Amazon CloudFront, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync\n GraphQL API, or an Amazon Cognito user pool. WAF also lets you control access to your content. Based on conditions that\n you specify, such as the IP addresses that requests originate from or the values of query\n strings, the Amazon API Gateway REST API, CloudFront distribution, the Application Load Balancer, the AppSync GraphQL\n API, or the Amazon Cognito user pool responds to requests either with the requested content or with an HTTP 403 status code\n (Forbidden). You also can configure CloudFront to return a custom error page when a request is\n blocked.

\n

This API guide is for developers who need detailed information about WAF API actions,\n data types, and errors. For detailed information about WAF features and an overview of\n how to use WAF, see the WAF Developer\n Guide.

\n

You can make calls using the endpoints listed in WAF endpoints and quotas.

\n \n

Alternatively, you can use one of the Amazon Web Services SDKs to access an API that's tailored to the\n programming language or platform that you're using. For more information, see Amazon Web Services SDKs.

\n

We currently provide two versions of the WAF API: this API and the prior versions,\n the classic WAF APIs. This new API provides the same functionality as the older versions,\n with the following major improvements:

\n ", "smithy.api#title": "AWS WAFV2", "smithy.api#xmlNamespace": { "uri": "http://waf.amazonaws.com/doc/2019-07-29/" @@ -311,7 +311,7 @@ } ], "traits": { - "smithy.api#documentation": "

Associates a web ACL with a regional application resource, to protect the resource.\n A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To\n associate a web ACL, in the CloudFront call UpdateDistribution, set the web ACL ID\n to the Amazon Resource Name (ARN) of the web ACL. For information, see UpdateDistribution.

\n \n

When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.

" + "smithy.api#documentation": "

Associates a web ACL with a regional application resource, to protect the resource.\n A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To\n associate a web ACL, in the CloudFront call UpdateDistribution, set the web ACL ID\n to the Amazon Resource Name (ARN) of the web ACL. For information, see UpdateDistribution.

\n \n

When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.

" } }, "com.amazonaws.wafv2#AssociateWebACLRequest": { @@ -327,7 +327,7 @@ "ResourceArn": { "target": "com.amazonaws.wafv2#ResourceArn", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the resource to associate with the web ACL.

\n \n

The ARN must be in one of the following formats:

\n ", + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the resource to associate with the web ACL.

\n \n

The ARN must be in one of the following formats:

\n ", "smithy.api#required": {} } } @@ -500,6 +500,9 @@ { "target": "com.amazonaws.wafv2#WAFInternalErrorException" }, + { + "target": "com.amazonaws.wafv2#WAFInvalidOperationException" + }, { "target": "com.amazonaws.wafv2#WAFInvalidParameterException" }, @@ -529,7 +532,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -1776,7 +1779,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -1870,7 +1873,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -1966,7 +1969,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -2071,7 +2074,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates a WebACL per the specifications provided.

\n

A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, or an AppSync GraphQL API.

" + "smithy.api#documentation": "

Creates a WebACL per the specifications provided.

\n

A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, or an Amazon Cognito user pool.

" } }, "com.amazonaws.wafv2#CreateWebACLRequest": { @@ -2087,7 +2090,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -2409,7 +2412,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -2568,7 +2571,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -2643,7 +2646,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -2718,7 +2721,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -2794,7 +2797,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -2876,7 +2879,7 @@ } ], "traits": { - "smithy.api#documentation": "

Disassociates the specified regional application resource from any existing web ACL\n association. A resource can have at most one web ACL association. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To\n disassociate a web ACL, provide an empty web ACL ID in the CloudFront call\n UpdateDistribution. For information, see UpdateDistribution.

" + "smithy.api#documentation": "

Disassociates the specified regional application resource from any existing web ACL\n association. A resource can have at most one web ACL association. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To\n disassociate a web ACL, provide an empty web ACL ID in the CloudFront call\n UpdateDistribution. For information, see UpdateDistribution.

" } }, "com.amazonaws.wafv2#DisassociateWebACLRequest": { @@ -2885,7 +2888,7 @@ "ResourceArn": { "target": "com.amazonaws.wafv2#ResourceArn", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the resource to disassociate from the web ACL.

\n \n

The ARN must be in one of the following formats:

\n ", + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the resource to disassociate from the web ACL.

\n \n

The ARN must be in one of the following formats:

\n ", "smithy.api#required": {} } } @@ -3384,7 +3387,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -3502,7 +3505,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -3666,7 +3669,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -3755,7 +3758,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -3823,7 +3826,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n " + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n " } }, "Id": { @@ -3900,7 +3903,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -4004,7 +4007,7 @@ "ResourceArn": { "target": "com.amazonaws.wafv2#ResourceArn", "traits": { - "smithy.api#documentation": "

The ARN (Amazon Resource Name) of the resource.

", + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the resource whose web ACL you want to retrieve.

\n \n

The ARN must be in one of the following formats:

\n ", "smithy.api#required": {} } } @@ -4034,7 +4037,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -4664,7 +4667,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -4734,7 +4737,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -4798,7 +4801,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -4862,7 +4865,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -4926,7 +4929,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -5063,7 +5066,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -5137,7 +5140,7 @@ "ResourceType": { "target": "com.amazonaws.wafv2#ResourceType", "traits": { - "smithy.api#documentation": "

Used for web ACLs that are scoped for regional applications.\n A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

" + "smithy.api#documentation": "

Used for web ACLs that are scoped for regional applications.\n A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

" } } } @@ -5182,7 +5185,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -5319,7 +5322,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -5483,7 +5486,7 @@ } }, "traits": { - "smithy.api#documentation": "

Additional information that's used by a managed rule group. Most managed rule groups don't require this.

\n

Use this for the account takeover prevention managed rule group \n AWSManagedRulesATPRuleSet, to provide information about the sign-in page of your application.

\n

You can provide multiple individual ManagedRuleGroupConfig objects for any rule group configuration, for example UsernameField and PasswordField. The configuration that you provide depends on the needs of the managed rule group. For the ATP managed rule group, you provide the following individual configuration objects: LoginPath, PasswordField, PayloadType and UsernameField.

" + "smithy.api#documentation": "

Additional information that's used by a managed rule group. Most managed rule groups don't require this.

\n

Use this for the account takeover prevention managed rule group \n AWSManagedRulesATPRuleSet, to provide information about the sign-in page of your application.

\n

You can provide multiple individual ManagedRuleGroupConfig objects for any rule group configuration, for example UsernameField and PasswordField. The configuration that you provide depends on the needs of the managed rule group. For the ATP managed rule group, you provide the following individual configuration objects: LoginPath, PasswordField, PayloadType and UsernameField.

\n

For example specifications, see the examples section of CreateWebACL.

" } }, "com.amazonaws.wafv2#ManagedRuleGroupConfigs": { @@ -6385,7 +6388,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -6804,6 +6807,10 @@ { "value": "APPSYNC", "name": "APPSYNC" + }, + { + "value": "COGNITO_USER_POOL", + "name": "COGNITIO_USER_POOL" } ] } @@ -7454,7 +7461,7 @@ } }, "traits": { - "smithy.api#documentation": "

The processing guidance for a Rule, used by WAF to determine whether\n a web request matches the rule.

" + "smithy.api#documentation": "

The processing guidance for a Rule, used by WAF to determine whether\n a web request matches the rule.

\n

For example specifications, see the examples section of CreateWebACL.

" } }, "com.amazonaws.wafv2#Statements": { @@ -7887,7 +7894,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -7973,7 +7980,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -8078,7 +8085,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -8179,7 +8186,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -8282,7 +8289,7 @@ } ], "traits": { - "smithy.api#documentation": "

Updates the specified WebACL. While updating a web ACL, WAF provides\n continuous coverage to the resources that you have associated with the web ACL.

\n \n

When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.

\n \n

This operation completely replaces the mutable specifications that you already have for the web ACL with the ones that you provide to this call. To modify the web ACL, retrieve it by calling GetWebACL, update the settings as needed, and then provide the complete web ACL specification to this call.

\n \n

A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, or an AppSync GraphQL API.

" + "smithy.api#documentation": "

Updates the specified WebACL. While updating a web ACL, WAF provides\n continuous coverage to the resources that you have associated with the web ACL.

\n \n

When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.

\n \n

This operation completely replaces the mutable specifications that you already have for the web ACL with the ones that you provide to this call. To modify the web ACL, retrieve it by calling GetWebACL, update the settings as needed, and then provide the complete web ACL specification to this call.

\n \n

A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, or an Amazon Cognito user pool.

" } }, "com.amazonaws.wafv2#UpdateWebACLRequest": { @@ -8298,7 +8305,7 @@ "Scope": { "target": "com.amazonaws.wafv2#Scope", "traits": { - "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", + "smithy.api#documentation": "

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.

\n

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

\n ", "smithy.api#required": {} } }, @@ -8475,7 +8482,7 @@ } }, "traits": { - "smithy.api#documentation": "

WAF couldn’t perform the operation because your resource is being used by another\n resource or it’s associated with another resource.

\n

For DeleteWebACL, you will only get this exception if the web ACL is still\n associated with a regional resource. Deleting a web ACL that is still associated with an\n Amazon CloudFront distribution won't get this exception.

", + "smithy.api#documentation": "

WAF couldn’t perform the operation because your resource is being used by another\n resource or it’s associated with another resource.

", "smithy.api#error": "client" } }, @@ -8795,7 +8802,7 @@ } }, "traits": { - "smithy.api#documentation": "

A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, or an AppSync GraphQL API.

" + "smithy.api#documentation": "

A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, or an Amazon Cognito user pool.

" } }, "com.amazonaws.wafv2#WebACLSummaries": { diff --git a/codegen/sdk/aws-models/workspaces.json b/codegen/sdk/aws-models/workspaces.json index bda916ff64c..ba507e06cc2 100644 --- a/codegen/sdk/aws-models/workspaces.json +++ b/codegen/sdk/aws-models/workspaces.json @@ -1686,6 +1686,27 @@ "smithy.api#documentation": "

Describes the default values that are used to create WorkSpaces. For more information,\n see Update Directory\n Details for Your WorkSpaces.

" } }, + "com.amazonaws.workspaces#DeletableSamlPropertiesList": { + "type": "list", + "member": { + "target": "com.amazonaws.workspaces#DeletableSamlProperty" + } + }, + "com.amazonaws.workspaces#DeletableSamlProperty": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "SAML_PROPERTIES_USER_ACCESS_URL", + "name": "SAML_PROPERTIES_USER_ACCESS_URL" + }, + { + "value": "SAML_PROPERTIES_RELAY_STATE_PARAMETER_NAME", + "name": "SAML_PROPERTIES_RELAY_STATE_PARAMETER_NAME" + } + ] + } + }, "com.amazonaws.workspaces#DeleteClientBranding": { "type": "operation", "input": { @@ -3999,6 +4020,60 @@ "type": "structure", "members": {} }, + "com.amazonaws.workspaces#ModifySamlProperties": { + "type": "operation", + "input": { + "target": "com.amazonaws.workspaces#ModifySamlPropertiesRequest" + }, + "output": { + "target": "com.amazonaws.workspaces#ModifySamlPropertiesResult" + }, + "errors": [ + { + "target": "com.amazonaws.workspaces#AccessDeniedException" + }, + { + "target": "com.amazonaws.workspaces#InvalidParameterValuesException" + }, + { + "target": "com.amazonaws.workspaces#OperationNotSupportedException" + }, + { + "target": "com.amazonaws.workspaces#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "

Modifies multiple properties related to SAML 2.0 authentication, including the enablement status, \n user access URL, and relay state parameter name that are used for configuring federation with an \n SAML 2.0 identity provider.

" + } + }, + "com.amazonaws.workspaces#ModifySamlPropertiesRequest": { + "type": "structure", + "members": { + "ResourceId": { + "target": "com.amazonaws.workspaces#DirectoryId", + "traits": { + "smithy.api#documentation": "

The directory identifier for which you want to configure SAML properties.

", + "smithy.api#required": {} + } + }, + "SamlProperties": { + "target": "com.amazonaws.workspaces#SamlProperties", + "traits": { + "smithy.api#documentation": "

The properties for configuring SAML 2.0 authentication.

" + } + }, + "PropertiesToDelete": { + "target": "com.amazonaws.workspaces#DeletableSamlPropertiesList", + "traits": { + "smithy.api#documentation": "

The SAML properties to delete as part of your request.

\n

Specify one of the following options:

\n " + } + } + } + }, + "com.amazonaws.workspaces#ModifySamlPropertiesResult": { + "type": "structure", + "members": {} + }, "com.amazonaws.workspaces#ModifySelfservicePermissions": { "type": "operation", "input": { @@ -4797,6 +4872,61 @@ "smithy.api#box": {} } }, + "com.amazonaws.workspaces#SamlProperties": { + "type": "structure", + "members": { + "Status": { + "target": "com.amazonaws.workspaces#SamlStatusEnum", + "traits": { + "smithy.api#documentation": "

Indicates the status of SAML 2.0 authentication. These statuses include the following.

\n " + } + }, + "UserAccessUrl": { + "target": "com.amazonaws.workspaces#SamlUserAccessUrl", + "traits": { + "smithy.api#documentation": "

The SAML 2.0 identity provider (IdP) user access URL is the URL a user would navigate to in their web browser in \n order to federate from the IdP and directly access the application, without any SAML 2.0 service provider (SP) \n bindings.

" + } + }, + "RelayStateParameterName": { + "target": "com.amazonaws.workspaces#NonEmptyString", + "traits": { + "smithy.api#documentation": "

The relay state parameter name supported by the SAML 2.0 identity provider (IdP). When the end user is redirected to \n the user access URL from the WorkSpaces client application, this relay state parameter name is appended as a query \n parameter to the URL along with the relay state endpoint to return the user to the client application session.

\n \n

To use SAML 2.0 authentication with WorkSpaces, the IdP must support IdP-initiated deep linking for the relay state \n URL. Consult your IdP documentation for more information.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

Describes the enablement status, user access URL, and relay state parameter name that \n are used for configuring federation with an SAML 2.0 identity provider.

" + } + }, + "com.amazonaws.workspaces#SamlStatusEnum": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "DISABLED", + "name": "DISABLED" + }, + { + "value": "ENABLED", + "name": "ENABLED" + }, + { + "value": "ENABLED_WITH_DIRECTORY_LOGIN_FALLBACK", + "name": "ENABLED_WITH_DIRECTORY_LOGIN_FALLBACK" + } + ] + } + }, + "com.amazonaws.workspaces#SamlUserAccessUrl": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 8, + "max": 200 + }, + "smithy.api#pattern": "^(http|https)\\://\\S+$" + } + }, "com.amazonaws.workspaces#SecurityGroupId": { "type": "string", "traits": { @@ -5937,6 +6067,12 @@ "traits": { "smithy.api#documentation": "

The default self-service permissions for WorkSpaces in the directory.

" } + }, + "SamlProperties": { + "target": "com.amazonaws.workspaces#SamlProperties", + "traits": { + "smithy.api#documentation": "

Describes the enablement status, user access URL, and relay state parameter name that are used for configuring \n federation with an SAML 2.0 identity provider.

" + } } }, "traits": { @@ -6582,6 +6718,9 @@ { "target": "com.amazonaws.workspaces#ModifyClientProperties" }, + { + "target": "com.amazonaws.workspaces#ModifySamlProperties" + }, { "target": "com.amazonaws.workspaces#ModifySelfservicePermissions" },