The key that uniquely identifies the report file in\n\t\t\tyour S3 bucket.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.acmpca#CreateCertificateAuthorityRequest": { @@ -1921,7 +1927,7 @@ "KeyStorageSecurityStandard": { "target": "com.amazonaws.acmpca#KeyStorageSecurityStandard", "traits": { - "smithy.api#documentation": "Specifies a cryptographic key management compliance standard used for handling CA\n\t\t\tkeys.
\nDefault: FIPS_140_2_LEVEL_3_OR_HIGHER
\n\n Note:\n FIPS_140_2_LEVEL_3_OR_HIGHER is not supported in the following\n\t\t\tRegions:
ap-northeast-3
\nap-southeast-3
\nWhen creating a CA in these Regions, you must provide\n\t\t\t\tFIPS_140_2_LEVEL_2_OR_HIGHER as the argument for\n\t\t\t\tKeyStorageSecurityStandard. Failure to do this results in an\n\t\t\t\tInvalidArgsException with the message, \"A certificate authority cannot\n\t\t\tbe created in this region with the specified security standard.\"
Specifies a cryptographic key management compliance standard used for handling CA\n\t\t\tkeys.
\nDefault: FIPS_140_2_LEVEL_3_OR_HIGHER
\nSome Amazon Web Services Regions do not support the default. When creating a CA in these Regions, you\n\t\t\t\tmust provide FIPS_140_2_LEVEL_2_OR_HIGHER as the argument for\n\t\t\t\t\tKeyStorageSecurityStandard. Failure to do this results in an\n\t\t\t\t\tInvalidArgsException with the message, \"A certificate authority\n\t\t\t\tcannot be created in this region with the specified security standard.\"
For information about security standard support in various Regions, see Storage\n\t\t\t\t\tand security compliance of Amazon Web Services Private CA private keys.
\nSpecifies whether the CA issues general-purpose certificates that typically require a\n\t\t\trevocation mechanism, or short-lived certificates that may optionally omit revocation\n\t\t\tbecause they expire quickly. Short-lived certificate validity is limited to seven\n\t\t\tdays.
\nThe default value is GENERAL_PURPOSE.
" } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#CreateCertificateAuthorityResponse": { @@ -1947,6 +1956,9 @@ "smithy.api#documentation": "If successful, the Amazon Resource Name (ARN) of the certificate authority (CA). This\n\t\t\tis of the form:
\n\n arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012\n .\n\t\t
The number of days to make a CA restorable after it has been deleted. This can be\n\t\t\tanywhere from 7 to 30 days, with 30 being the default.
" } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#DeletePermission": { @@ -2263,6 +2281,9 @@ "smithy.api#documentation": "The Amazon Web Services account that calls this action.
" } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#DeletePolicy": { @@ -2307,6 +2328,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#DescribeCertificateAuthority": { @@ -2397,6 +2421,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#DescribeCertificateAuthorityAuditReportResponse": { @@ -2426,6 +2453,9 @@ "smithy.api#documentation": "The date and time at which the report was created.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.acmpca#DescribeCertificateAuthorityRequest": { @@ -2438,6 +2468,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#DescribeCertificateAuthorityResponse": { @@ -2449,6 +2482,9 @@ "smithy.api#documentation": "A CertificateAuthority structure that contains information about your private\n\t\t\tCA.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.acmpca#EdiPartyName": { @@ -2768,6 +2804,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#GetCertificateAuthorityCertificateResponse": { @@ -2785,6 +2824,9 @@ "smithy.api#documentation": "Base64-encoded certificate chain that includes any intermediate certificates and\n\t\t\tchains up to root certificate that you used to sign your private CA certificate. The\n\t\t\tchain does not include your private CA certificate. If this is a root CA, the value will\n\t\t\tbe null.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.acmpca#GetCertificateAuthorityCsr": { @@ -2846,6 +2888,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#GetCertificateAuthorityCsrResponse": { @@ -2857,6 +2902,9 @@ "smithy.api#documentation": "The base64 PEM-encoded certificate signing request (CSR) for your private CA\n\t\t\tcertificate.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.acmpca#GetCertificateRequest": { @@ -2876,6 +2924,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#GetCertificateResponse": { @@ -2893,6 +2944,9 @@ "smithy.api#documentation": "The base64 PEM-encoded certificate chain that chains up to the root CA certificate\n\t\t\tthat you used to sign your private CA certificate.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.acmpca#GetPolicy": { @@ -2931,6 +2985,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#GetPolicyResponse": { @@ -2942,6 +2999,9 @@ "smithy.api#documentation": "The policy attached to the private CA as a JSON document.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.acmpca#IdempotencyToken": { @@ -3018,6 +3078,9 @@ "smithy.api#documentation": "A PEM-encoded file that contains all of your certificates, other than the certificate\n\t\t\tyou're importing, chaining up to your root CA. Your Amazon Web Services Private CA-hosted or on-premises\n\t\t\troot certificate is the last in the chain, and each certificate in the chain signs the\n\t\t\tone preceding.
\nThis parameter must be supplied when you import a subordinate CA. When you import a\n\t\t\troot CA, there is no chain.
" } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#Integer1To5000": { @@ -3172,7 +3235,7 @@ "SigningAlgorithm": { "target": "com.amazonaws.acmpca#SigningAlgorithm", "traits": { - "smithy.api#documentation": "The name of the algorithm that will be used to sign the certificate to be issued.
\nThis parameter should not be confused with the SigningAlgorithm parameter\n\t\t\tused to sign a CSR in the CreateCertificateAuthority action.
The specified signing algorithm family (RSA or ECDSA) much match the algorithm\n\t\t\t\tfamily of the CA's secret key.
\nThe name of the algorithm that will be used to sign the certificate to be issued.
\nThis parameter should not be confused with the SigningAlgorithm parameter\n\t\t\tused to sign a CSR in the CreateCertificateAuthority action.
The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of\n\t\t\t\tthe CA's secret key.
\nInformation describing the start of the validity period of the certificate. This\n\t\t\tparameter sets the “Not Before\" date for the certificate.
\nBy default, when issuing a certificate, Amazon Web Services Private CA sets the \"Not Before\" date to the\n\t\t\tissuance time minus 60 minutes. This compensates for clock inconsistencies across\n\t\t\tcomputer systems. The ValidityNotBefore parameter can be used to customize\n\t\t\tthe “Not Before” value.
Unlike the Validity parameter, the ValidityNotBefore\n\t\t\tparameter is optional.
The ValidityNotBefore value is expressed as an explicit date and time,\n\t\t\tusing the Validity type value ABSOLUTE. For more information,\n\t\t\tsee Validity in this API reference and Validity\n\t\t\tin RFC 5280.
Information describing the start of the validity period of the certificate. This\n\t\t\tparameter sets the “Not Before\" date for the certificate.
\nBy default, when issuing a certificate, Amazon Web Services Private CA sets the \"Not Before\" date to the\n\t\t\tissuance time minus 60 minutes. This compensates for clock inconsistencies across\n\t\t\tcomputer systems. The ValidityNotBefore parameter can be used to customize\n\t\t\tthe “Not Before” value.
Unlike the Validity parameter, the ValidityNotBefore\n\t\t\tparameter is optional.
The ValidityNotBefore value is expressed as an explicit date and time,\n\t\t\tusing the Validity type value ABSOLUTE. For more information,\n\t\t\tsee Validity in\n\t\t\tthis API reference and Validity\n\t\t\tin RFC 5280.
Alphanumeric string that can be used to distinguish between calls to the IssueCertificate action. Idempotency tokens for IssueCertificate time out after one minute. Therefore, if you\n\t\t\tcall IssueCertificate multiple times with the same\n\t\t\tidempotency token within one minute, Amazon Web Services Private CA recognizes that you are requesting only\n\t\t\tone certificate and will issue only one. If you change the idempotency token for each\n\t\t\tcall, Amazon Web Services Private CA recognizes that you are requesting multiple certificates.
" } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#IssueCertificateResponse": { @@ -3212,6 +3278,9 @@ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the issued certificate and the certificate serial\n\t\t\tnumber. This is of the form:
\n\n arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012/certificate/286535153982981100925020015808220737245\n \n
Use this parameter to filter the returned set of certificate authorities based on\n\t\t\ttheir owner. The default is SELF.
" } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#ListCertificateAuthoritiesResponse": { @@ -3404,6 +3476,9 @@ "smithy.api#documentation": "When the list is truncated, this value is present and should be used for the\n\t\t\t\tNextToken parameter in a subsequent pagination request.
When paginating results, use this parameter to specify the maximum number of items to\n\t\t\treturn in the response. If additional items exist beyond the number you specify, the\n\t\t\t\tNextToken element is sent in the response. Use this\n\t\t\t\tNextToken value in a subsequent request to retrieve\n\t\t\tadditional items.
" } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#ListPermissionsResponse": { @@ -3480,6 +3558,9 @@ "smithy.api#documentation": "When the list is truncated, this value is present and should be used for the NextToken parameter in a subsequent pagination request.\n\t\t
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.acmpca#ListTags": { @@ -3533,6 +3614,9 @@ "smithy.api#documentation": "Use this parameter when paginating results to specify the maximum number of items to\n\t\t\treturn in the response. If additional items exist beyond the number you specify, the\n\t\t\t\tNextToken element is sent in the response. Use this\n\t\t\t\tNextToken value in a subsequent request to retrieve\n\t\t\tadditional items.
" } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#ListTagsResponse": { @@ -3550,6 +3634,9 @@ "smithy.api#documentation": "When the list is truncated, this value is present and should be used for the NextToken parameter in a subsequent pagination request.\n\t\t
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.acmpca#LockoutPreventedException": { @@ -3862,6 +3949,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#Qualifier": { @@ -3977,6 +4067,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#RevocationConfiguration": { @@ -4117,6 +4210,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#S3BucketName": { @@ -4368,6 +4464,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#TagKey": { @@ -4457,6 +4556,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#UpdateCertificateAuthority": { @@ -4513,6 +4615,9 @@ "smithy.api#documentation": "Status of your private CA.
" } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.acmpca#Validity": { diff --git a/codegen/sdk/aws-models/amplifyuibuilder.json b/codegen/sdk/aws-models/amplifyuibuilder.json index cd6968b1759..73dd9a65013 100644 --- a/codegen/sdk/aws-models/amplifyuibuilder.json +++ b/codegen/sdk/aws-models/amplifyuibuilder.json @@ -81,6 +81,9 @@ } ], "resources": [ + { + "target": "com.amazonaws.amplifyuibuilder#CodegenJobResource" + }, { "target": "com.amazonaws.amplifyuibuilder#ComponentResource" }, @@ -489,8 +492,8 @@ }, "params": { "Region": "ap-northeast-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -502,8 +505,8 @@ }, "params": { "Region": "ap-northeast-2", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -515,8 +518,8 @@ }, "params": { "Region": "ap-south-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -528,8 +531,8 @@ }, "params": { "Region": "ap-southeast-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -541,8 +544,8 @@ }, "params": { "Region": "ap-southeast-2", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -554,8 +557,8 @@ }, "params": { "Region": "ca-central-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -567,8 +570,8 @@ }, "params": { "Region": "eu-central-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -580,8 +583,8 @@ }, "params": { "Region": "eu-north-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -593,8 +596,8 @@ }, "params": { "Region": "eu-west-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -606,8 +609,8 @@ }, "params": { "Region": "eu-west-2", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -619,8 +622,8 @@ }, "params": { "Region": "eu-west-3", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -632,8 +635,8 @@ }, "params": { "Region": "me-south-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -645,8 +648,8 @@ }, "params": { "Region": "sa-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -658,8 +661,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -671,8 +674,8 @@ }, "params": { "Region": "us-east-2", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -684,8 +687,8 @@ }, "params": { "Region": "us-west-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -697,8 +700,8 @@ }, "params": { "Region": "us-west-2", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -710,8 +713,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -723,8 +726,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -736,8 +739,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -749,8 +752,8 @@ }, "params": { "Region": "cn-north-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -762,8 +765,8 @@ }, "params": { "Region": "cn-north-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -775,8 +778,8 @@ }, "params": { "Region": "cn-north-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -788,8 +791,8 @@ }, "params": { "Region": "cn-north-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -801,8 +804,8 @@ }, "params": { "Region": "us-gov-east-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -814,8 +817,8 @@ }, "params": { "Region": "us-gov-east-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -827,8 +830,8 @@ }, "params": { "Region": "us-gov-east-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -840,8 +843,8 @@ }, "params": { "Region": "us-gov-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -851,8 +854,8 @@ }, "params": { "Region": "us-iso-east-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -864,8 +867,8 @@ }, "params": { "Region": "us-iso-east-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -875,8 +878,8 @@ }, "params": { "Region": "us-iso-east-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -888,8 +891,8 @@ }, "params": { "Region": "us-iso-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -899,8 +902,8 @@ }, "params": { "Region": "us-isob-east-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -912,8 +915,8 @@ }, "params": { "Region": "us-isob-east-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -923,8 +926,8 @@ }, "params": { "Region": "us-isob-east-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -936,8 +939,8 @@ }, "params": { "Region": "us-isob-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -949,8 +952,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": false, "UseFIPS": false, + "UseDualStack": false, "Endpoint": "https://example.com" } }, @@ -962,8 +965,8 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, + "UseDualStack": false, "Endpoint": "https://example.com" } }, @@ -974,8 +977,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": false, "UseFIPS": true, + "UseDualStack": false, "Endpoint": "https://example.com" } }, @@ -986,8 +989,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": true, "UseFIPS": false, + "UseDualStack": true, "Endpoint": "https://example.com" } }, @@ -1002,6 +1005,666 @@ } } }, + "com.amazonaws.amplifyuibuilder#AppId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 20 + }, + "smithy.api#pattern": "^d[a-z0-9]+$" + } + }, + "com.amazonaws.amplifyuibuilder#AssociatedFieldsList": { + "type": "list", + "member": { + "target": "smithy.api#String" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenFeatureFlags": { + "type": "structure", + "members": { + "isRelationshipSupported": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "Specifes whether a code generation job supports data relationships.
" + } + }, + "isNonModelSupported": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "Specifies whether a code generation job supports non models.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Describes the feature flags that you can specify for a code generation job.
" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenGenericDataEnum": { + "type": "structure", + "members": { + "values": { + "target": "com.amazonaws.amplifyuibuilder#CodegenGenericDataEnumValuesList", + "traits": { + "smithy.api#documentation": "The list of enum values in the generic data schema.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Describes the enums in a generic data schema.
" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenGenericDataEnumValuesList": { + "type": "list", + "member": { + "target": "smithy.api#String" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenGenericDataEnums": { + "type": "map", + "key": { + "target": "smithy.api#String" + }, + "value": { + "target": "com.amazonaws.amplifyuibuilder#CodegenGenericDataEnum" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenGenericDataField": { + "type": "structure", + "members": { + "dataType": { + "target": "com.amazonaws.amplifyuibuilder#CodegenGenericDataFieldDataType", + "traits": { + "smithy.api#documentation": "The data type for the generic data field.
", + "smithy.api#required": {} + } + }, + "dataTypeValue": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The value of the data type for the generic data field.
", + "smithy.api#required": {} + } + }, + "required": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "Specifies whether the generic data field is required.
", + "smithy.api#required": {} + } + }, + "readOnly": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "Specifies whether the generic data field is read-only.
", + "smithy.api#required": {} + } + }, + "isArray": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "Specifies whether the generic data field is an array.
", + "smithy.api#required": {} + } + }, + "relationship": { + "target": "com.amazonaws.amplifyuibuilder#CodegenGenericDataRelationshipType", + "traits": { + "smithy.api#documentation": "The relationship of the generic data schema.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Describes a field in a generic data schema.
" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenGenericDataFieldDataType": { + "type": "enum", + "members": { + "ID": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ID" + } + }, + "STRING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "String" + } + }, + "INT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Int" + } + }, + "FLOAT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Float" + } + }, + "AWS_DATE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AWSDate" + } + }, + "AWS_TIME": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AWSTime" + } + }, + "AWS_DATE_TIME": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AWSDateTime" + } + }, + "AWS_TIMESTAMP": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AWSTimestamp" + } + }, + "AWS_EMAIL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AWSEmail" + } + }, + "AWS_URL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AWSURL" + } + }, + "AWS_IP_ADDRESS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AWSIPAddress" + } + }, + "BOOLEAN": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Boolean" + } + }, + "AWS_JSON": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AWSJSON" + } + }, + "AWS_PHONE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AWSPhone" + } + }, + "ENUM": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Enum" + } + }, + "MODEL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Model" + } + }, + "NON_MODEL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NonModel" + } + } + } + }, + "com.amazonaws.amplifyuibuilder#CodegenGenericDataFields": { + "type": "map", + "key": { + "target": "smithy.api#String" + }, + "value": { + "target": "com.amazonaws.amplifyuibuilder#CodegenGenericDataField" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenGenericDataModel": { + "type": "structure", + "members": { + "fields": { + "target": "com.amazonaws.amplifyuibuilder#CodegenGenericDataFields", + "traits": { + "smithy.api#documentation": "The fields in the generic data model.
", + "smithy.api#required": {} + } + }, + "isJoinTable": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "Specifies whether the generic data model is a join table.
" + } + }, + "primaryKeys": { + "target": "com.amazonaws.amplifyuibuilder#CodegenPrimaryKeysList", + "traits": { + "smithy.api#documentation": "The primary keys of the generic data model.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Describes a model in a generic data schema.
" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenGenericDataModels": { + "type": "map", + "key": { + "target": "smithy.api#String" + }, + "value": { + "target": "com.amazonaws.amplifyuibuilder#CodegenGenericDataModel" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenGenericDataNonModel": { + "type": "structure", + "members": { + "fields": { + "target": "com.amazonaws.amplifyuibuilder#CodegenGenericDataNonModelFields", + "traits": { + "smithy.api#documentation": "The fields in a generic data schema non model.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Describes a non-model in a generic data schema.
" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenGenericDataNonModelFields": { + "type": "map", + "key": { + "target": "smithy.api#String" + }, + "value": { + "target": "com.amazonaws.amplifyuibuilder#CodegenGenericDataField" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenGenericDataNonModels": { + "type": "map", + "key": { + "target": "smithy.api#String" + }, + "value": { + "target": "com.amazonaws.amplifyuibuilder#CodegenGenericDataNonModel" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenGenericDataRelationshipType": { + "type": "structure", + "members": { + "type": { + "target": "com.amazonaws.amplifyuibuilder#GenericDataRelationshipType", + "traits": { + "smithy.api#documentation": "The data relationship type.
", + "smithy.api#required": {} + } + }, + "relatedModelName": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The name of the related model in the data relationship.
", + "smithy.api#required": {} + } + }, + "relatedModelFields": { + "target": "com.amazonaws.amplifyuibuilder#RelatedModelFieldsList", + "traits": { + "smithy.api#documentation": "The related model fields in the data relationship.
" + } + }, + "canUnlinkAssociatedModel": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "Specifies whether the relationship can unlink the associated model.
" + } + }, + "relatedJoinFieldName": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The name of the related join field in the data relationship.
" + } + }, + "relatedJoinTableName": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The name of the related join table in the data relationship.
" + } + }, + "belongsToFieldOnRelatedModel": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The value of the belongsTo field on the related data model.
The associated fields of the data relationship.
" + } + }, + "isHasManyIndex": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "Specifies whether the @index directive is supported for a hasMany data relationship.
Describes the relationship between generic data models.
" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenJob": { + "type": "structure", + "members": { + "id": { + "target": "com.amazonaws.amplifyuibuilder#Uuid", + "traits": { + "smithy.api#documentation": "The unique ID for the code generation job.
", + "smithy.api#required": {} + } + }, + "appId": { + "target": "com.amazonaws.amplifyuibuilder#AppId", + "traits": { + "smithy.api#documentation": "The ID of the Amplify app associated with the code generation job.
", + "smithy.api#required": {} + } + }, + "environmentName": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The name of the backend environment associated with the code generation job.
", + "smithy.api#required": {} + } + }, + "renderConfig": { + "target": "com.amazonaws.amplifyuibuilder#CodegenJobRenderConfig", + "traits": { + "aws.cloudformation#cfnMutability": "create-and-read" + } + }, + "genericDataSchema": { + "target": "com.amazonaws.amplifyuibuilder#CodegenJobGenericDataSchema", + "traits": { + "aws.cloudformation#cfnMutability": "create-and-read" + } + }, + "autoGenerateForms": { + "target": "smithy.api#Boolean", + "traits": { + "aws.cloudformation#cfnMutability": "create-and-read", + "smithy.api#documentation": "Specifies whether to autogenerate forms in the code generation job.
" + } + }, + "features": { + "target": "com.amazonaws.amplifyuibuilder#CodegenFeatureFlags", + "traits": { + "aws.cloudformation#cfnMutability": "create-and-read" + } + }, + "status": { + "target": "com.amazonaws.amplifyuibuilder#CodegenJobStatus", + "traits": { + "aws.cloudformation#cfnMutability": "read", + "smithy.api#documentation": "The status of the code generation job.
" + } + }, + "statusMessage": { + "target": "smithy.api#String", + "traits": { + "aws.cloudformation#cfnMutability": "read", + "smithy.api#documentation": "The customized status message for the code generation job.
" + } + }, + "asset": { + "target": "com.amazonaws.amplifyuibuilder#CodegenJobAsset", + "traits": { + "aws.cloudformation#cfnMutability": "read", + "smithy.api#documentation": "The CodegenJobAsset to use for the code generation job.
One or more key-value pairs to use when tagging the code generation job.
" + } + }, + "createdAt": { + "target": "smithy.api#Timestamp", + "traits": { + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "The time that the code generation job was created.
", + "smithy.api#timestampFormat": "date-time" + } + }, + "modifiedAt": { + "target": "smithy.api#Timestamp", + "traits": { + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "The time that the code generation job was modified.
", + "smithy.api#timestampFormat": "date-time" + } + } + }, + "traits": { + "smithy.api#documentation": "Describes the configuration for a code generation job that is associated with an Amplify app.
", + "smithy.api#references": [ + { + "resource": "com.amazonaws.amplifyuibuilder#CodegenJobResource" + } + ] + } + }, + "com.amazonaws.amplifyuibuilder#CodegenJobAsset": { + "type": "structure", + "members": { + "downloadUrl": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The URL to use to access the asset.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Describes an asset for a code generation job.
" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenJobGenericDataSchema": { + "type": "structure", + "members": { + "dataSourceType": { + "target": "com.amazonaws.amplifyuibuilder#CodegenJobGenericDataSourceType", + "traits": { + "smithy.api#documentation": "The type of the data source for the schema. Currently, the only valid value is an Amplify DataStore.
The name of a CodegenGenericDataModel.
The name of a CodegenGenericDataEnum.
The name of a CodegenGenericDataNonModel.
Describes the data schema for a code generation job.
" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenJobGenericDataSourceType": { + "type": "enum", + "members": { + "DATA_STORE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DataStore" + } + } + } + }, + "com.amazonaws.amplifyuibuilder#CodegenJobRenderConfig": { + "type": "union", + "members": { + "react": { + "target": "com.amazonaws.amplifyuibuilder#ReactStartCodegenJobData", + "traits": { + "smithy.api#documentation": "The name of the ReactStartCodegenJobData object.
Describes the configuration information for rendering the UI component associated the code generation job.
" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenJobResource": { + "type": "resource", + "identifiers": { + "id": { + "target": "com.amazonaws.amplifyuibuilder#Uuid" + }, + "appId": { + "target": "com.amazonaws.amplifyuibuilder#AppId" + }, + "environmentName": { + "target": "smithy.api#String" + } + }, + "create": { + "target": "com.amazonaws.amplifyuibuilder#StartCodegenJob" + }, + "read": { + "target": "com.amazonaws.amplifyuibuilder#GetCodegenJob" + }, + "list": { + "target": "com.amazonaws.amplifyuibuilder#ListCodegenJobs" + }, + "traits": { + "aws.api#arn": { + "template": "app/{appId}/environment/{environmentName}/codegen-jobs/{id}" + }, + "aws.cloudformation#cfnResource": { + "name": "CodegenJob", + "additionalSchemas": [ + "com.amazonaws.amplifyuibuilder#CodegenJob" + ] + }, + "aws.iam#conditionKeys": [ + "aws:ResourceTag/${TagKey}" + ] + } + }, + "com.amazonaws.amplifyuibuilder#CodegenJobStatus": { + "type": "enum", + "members": { + "IN_PROGRESS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "in_progress" + } + }, + "FAILED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "failed" + } + }, + "SUCCEEDED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "succeeded" + } + } + } + }, + "com.amazonaws.amplifyuibuilder#CodegenJobSummary": { + "type": "structure", + "members": { + "appId": { + "target": "com.amazonaws.amplifyuibuilder#AppId", + "traits": { + "smithy.api#documentation": "The unique ID of the Amplify app associated with the code generation job.
", + "smithy.api#required": {} + } + }, + "environmentName": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The name of the backend environment associated with the code generation job.
", + "smithy.api#required": {} + } + }, + "id": { + "target": "com.amazonaws.amplifyuibuilder#Uuid", + "traits": { + "smithy.api#documentation": "The unique ID for the code generation job summary.
", + "smithy.api#required": {} + } + }, + "createdAt": { + "target": "smithy.api#Timestamp", + "traits": { + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "The time that the code generation job summary was created.
", + "smithy.api#timestampFormat": "date-time" + } + }, + "modifiedAt": { + "target": "smithy.api#Timestamp", + "traits": { + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "The time that the code generation job summary was modified.
", + "smithy.api#timestampFormat": "date-time" + } + } + }, + "traits": { + "smithy.api#documentation": "A summary of the basic information about the code generation job.
" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenJobSummaryList": { + "type": "list", + "member": { + "target": "com.amazonaws.amplifyuibuilder#CodegenJobSummary" + } + }, + "com.amazonaws.amplifyuibuilder#CodegenPrimaryKeysList": { + "type": "list", + "member": { + "target": "smithy.api#String" + } + }, "com.amazonaws.amplifyuibuilder#Component": { "type": "structure", "members": { @@ -1916,7 +2579,7 @@ "aws.iam#requiredActions": [ "amplify:GetApp" ], - "smithy.api#documentation": "Creates a new form for an Amplify app.
", + "smithy.api#documentation": "Creates a new form for an Amplify.
", "smithy.api#http": { "uri": "/app/{appId}/environment/{environmentName}/forms", "method": "POST" @@ -3479,6 +4142,111 @@ "target": "com.amazonaws.amplifyuibuilder#FormSummary" } }, + "com.amazonaws.amplifyuibuilder#GenericDataRelationshipType": { + "type": "enum", + "members": { + "HAS_MANY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "HAS_MANY" + } + }, + "HAS_ONE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "HAS_ONE" + } + }, + "BELONGS_TO": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "BELONGS_TO" + } + } + } + }, + "com.amazonaws.amplifyuibuilder#GetCodegenJob": { + "type": "operation", + "input": { + "target": "com.amazonaws.amplifyuibuilder#GetCodegenJobRequest" + }, + "output": { + "target": "com.amazonaws.amplifyuibuilder#GetCodegenJobResponse" + }, + "errors": [ + { + "target": "com.amazonaws.amplifyuibuilder#InternalServerException" + }, + { + "target": "com.amazonaws.amplifyuibuilder#InvalidParameterException" + }, + { + "target": "com.amazonaws.amplifyuibuilder#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.amplifyuibuilder#ThrottlingException" + } + ], + "traits": { + "aws.iam#requiredActions": [ + "amplify:GetApp" + ], + "smithy.api#documentation": "Returns an existing code generation job.
", + "smithy.api#http": { + "uri": "/app/{appId}/environment/{environmentName}/codegen-jobs/{id}", + "method": "GET" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.amplifyuibuilder#GetCodegenJobRequest": { + "type": "structure", + "members": { + "appId": { + "target": "com.amazonaws.amplifyuibuilder#AppId", + "traits": { + "smithy.api#documentation": "The unique ID of the Amplify app associated with the code generation job.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "environmentName": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The name of the backend environment that is a part of the Amplify app associated with the code generation job.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "id": { + "target": "com.amazonaws.amplifyuibuilder#Uuid", + "traits": { + "smithy.api#documentation": "The unique ID of the code generation job.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.amplifyuibuilder#GetCodegenJobResponse": { + "type": "structure", + "members": { + "job": { + "target": "com.amazonaws.amplifyuibuilder#CodegenJob", + "traits": { + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "The configuration settings for the code generation job.
", + "smithy.api#httpPayload": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.amplifyuibuilder#GetComponent": { "type": "operation", "input": { @@ -3788,6 +4556,63 @@ "smithy.api#httpError": 400 } }, + "com.amazonaws.amplifyuibuilder#JSModule": { + "type": "enum", + "members": { + "ES2020": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "es2020" + } + }, + "ESNEXT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "esnext" + } + } + } + }, + "com.amazonaws.amplifyuibuilder#JSScript": { + "type": "enum", + "members": { + "JSX": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "jsx" + } + }, + "TSX": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "tsx" + } + }, + "JS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "js" + } + } + } + }, + "com.amazonaws.amplifyuibuilder#JSTarget": { + "type": "enum", + "members": { + "ES2015": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "es2015" + } + }, + "ES2020": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "es2020" + } + } + } + }, "com.amazonaws.amplifyuibuilder#LabelDecorator": { "type": "string", "traits": { @@ -3807,6 +4632,112 @@ ] } }, + "com.amazonaws.amplifyuibuilder#ListCodegenJobs": { + "type": "operation", + "input": { + "target": "com.amazonaws.amplifyuibuilder#ListCodegenJobsRequest" + }, + "output": { + "target": "com.amazonaws.amplifyuibuilder#ListCodegenJobsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.amplifyuibuilder#InternalServerException" + }, + { + "target": "com.amazonaws.amplifyuibuilder#InvalidParameterException" + }, + { + "target": "com.amazonaws.amplifyuibuilder#ThrottlingException" + } + ], + "traits": { + "aws.iam#requiredActions": [ + "amplify:GetApp" + ], + "smithy.api#documentation": "Retrieves a list of code generation jobs for a specified Amplify app and backend environment.
", + "smithy.api#http": { + "uri": "/app/{appId}/environment/{environmentName}/codegen-jobs", + "method": "GET" + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "pageSize": "maxResults", + "items": "entities" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.amplifyuibuilder#ListCodegenJobsLimit": { + "type": "integer", + "traits": { + "smithy.api#range": { + "min": 1, + "max": 100 + } + } + }, + "com.amazonaws.amplifyuibuilder#ListCodegenJobsRequest": { + "type": "structure", + "members": { + "appId": { + "target": "com.amazonaws.amplifyuibuilder#AppId", + "traits": { + "smithy.api#documentation": "The unique ID for the Amplify app.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "environmentName": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The name of the backend environment that is a part of the Amplify app.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "nextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The token to request the next page of results.
", + "smithy.api#httpQuery": "nextToken" + } + }, + "maxResults": { + "target": "com.amazonaws.amplifyuibuilder#ListCodegenJobsLimit", + "traits": { + "smithy.api#default": 100, + "smithy.api#documentation": "The maximum number of jobs to retrieve.
", + "smithy.api#httpQuery": "maxResults" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.amplifyuibuilder#ListCodegenJobsResponse": { + "type": "structure", + "members": { + "entities": { + "target": "com.amazonaws.amplifyuibuilder#CodegenJobSummaryList", + "traits": { + "smithy.api#documentation": "The list of code generation jobs for the Amplify app.
", + "smithy.api#required": {} + } + }, + "nextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The pagination token that's included if more results are available.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.amplifyuibuilder#ListComponents": { "type": "operation", "input": { @@ -4268,6 +5199,46 @@ } } }, + "com.amazonaws.amplifyuibuilder#ReactStartCodegenJobData": { + "type": "structure", + "members": { + "module": { + "target": "com.amazonaws.amplifyuibuilder#JSModule", + "traits": { + "smithy.api#documentation": "The JavaScript module type.
" + } + }, + "target": { + "target": "com.amazonaws.amplifyuibuilder#JSTarget", + "traits": { + "smithy.api#documentation": "The ECMAScript specification to use.
" + } + }, + "script": { + "target": "com.amazonaws.amplifyuibuilder#JSScript", + "traits": { + "smithy.api#documentation": "The file type to use for a JavaScript project.
" + } + }, + "renderTypeDeclarations": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#default": false, + "smithy.api#documentation": "Specifies whether the code generation job should render type declaration files.
" + } + }, + "inlineSourceMap": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#default": false, + "smithy.api#documentation": "Specifies whether the code generation job should render inline source maps.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Describes the code generation job configuration for a React project.
" + } + }, "com.amazonaws.amplifyuibuilder#RefreshToken": { "type": "operation", "input": { @@ -4350,6 +5321,12 @@ } } }, + "com.amazonaws.amplifyuibuilder#RelatedModelFieldsList": { + "type": "list", + "member": { + "target": "smithy.api#String" + } + }, "com.amazonaws.amplifyuibuilder#ResourceConflictException": { "type": "structure", "members": { @@ -4490,6 +5467,132 @@ "target": "com.amazonaws.amplifyuibuilder#SortProperty" } }, + "com.amazonaws.amplifyuibuilder#StartCodegenJob": { + "type": "operation", + "input": { + "target": "com.amazonaws.amplifyuibuilder#StartCodegenJobRequest" + }, + "output": { + "target": "com.amazonaws.amplifyuibuilder#StartCodegenJobResponse" + }, + "errors": [ + { + "target": "com.amazonaws.amplifyuibuilder#InternalServerException" + }, + { + "target": "com.amazonaws.amplifyuibuilder#InvalidParameterException" + }, + { + "target": "com.amazonaws.amplifyuibuilder#ThrottlingException" + } + ], + "traits": { + "aws.iam#requiredActions": [ + "amplify:GetApp" + ], + "smithy.api#documentation": "Starts a code generation job for for a specified Amplify app and backend environment.
", + "smithy.api#http": { + "uri": "/app/{appId}/environment/{environmentName}/codegen-jobs", + "method": "POST" + } + } + }, + "com.amazonaws.amplifyuibuilder#StartCodegenJobData": { + "type": "structure", + "members": { + "renderConfig": { + "target": "com.amazonaws.amplifyuibuilder#CodegenJobRenderConfig", + "traits": { + "smithy.api#documentation": "The code generation configuration for the codegen job.
", + "smithy.api#required": {} + } + }, + "genericDataSchema": { + "target": "com.amazonaws.amplifyuibuilder#CodegenJobGenericDataSchema", + "traits": { + "smithy.api#documentation": "The data schema to use for a code generation job.
" + } + }, + "autoGenerateForms": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "Specifies whether to autogenerate forms in the code generation job.
" + } + }, + "features": { + "target": "com.amazonaws.amplifyuibuilder#CodegenFeatureFlags", + "traits": { + "smithy.api#documentation": "The feature flags for a code generation job.
" + } + }, + "tags": { + "target": "com.amazonaws.amplifyuibuilder#Tags", + "traits": { + "smithy.api#documentation": "One or more key-value pairs to use when tagging the code generation job data.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The code generation job resource configuration.
" + } + }, + "com.amazonaws.amplifyuibuilder#StartCodegenJobRequest": { + "type": "structure", + "members": { + "appId": { + "target": "com.amazonaws.amplifyuibuilder#AppId", + "traits": { + "smithy.api#documentation": "The unique ID for the Amplify app.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "environmentName": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The name of the backend environment that is a part of the Amplify app.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "clientToken": { + "target": "smithy.api#String", + "traits": { + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "The idempotency token used to ensure that the code generation job request completes only once.
", + "smithy.api#httpQuery": "clientToken", + "smithy.api#idempotencyToken": {} + } + }, + "codegenJobToCreate": { + "target": "com.amazonaws.amplifyuibuilder#StartCodegenJobData", + "traits": { + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "The code generation job resource configuration.
", + "smithy.api#httpPayload": {}, + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.amplifyuibuilder#StartCodegenJobResponse": { + "type": "structure", + "members": { + "entity": { + "target": "com.amazonaws.amplifyuibuilder#CodegenJob", + "traits": { + "smithy.api#documentation": "The code generation job for a UI component that is associated with an Amplify app.
", + "smithy.api#httpPayload": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.amplifyuibuilder#StorageAccessLevel": { "type": "string", "traits": { @@ -4772,6 +5875,19 @@ "target": "com.amazonaws.amplifyuibuilder#ThemeValues" } }, + "com.amazonaws.amplifyuibuilder#ThrottlingException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String" + } + }, + "traits": { + "smithy.api#documentation": "The request was denied due to request throttling.
", + "smithy.api#error": "client", + "smithy.api#httpError": 429 + } + }, "com.amazonaws.amplifyuibuilder#TokenProviders": { "type": "string", "traits": { diff --git a/codegen/sdk/aws-models/application-discovery-service.json b/codegen/sdk/aws-models/application-discovery-service.json index de226719749..f36828d784d 100644 --- a/codegen/sdk/aws-models/application-discovery-service.json +++ b/codegen/sdk/aws-models/application-discovery-service.json @@ -121,7 +121,7 @@ "name": "discovery" }, "aws.protocols#awsJson1_1": {}, - "smithy.api#documentation": "Amazon Web Services Application Discovery Service helps you plan application migration projects. It\n automatically identifies servers, virtual machines (VMs), and network dependencies in your\n on-premises data centers. For more information, see the Amazon Web Services Application Discovery Service FAQ. \n Application Discovery Service offers three ways of performing discovery and\n collecting data about your on-premises servers:
\n\n Agentless discovery is recommended for environments\n that use VMware vCenter Server. This mode doesn't require you to install an agent on each\n host. It does not work in non-VMware environments.
\nAgentless discovery gathers server information regardless of the operating\n systems, which minimizes the time required for initial on-premises infrastructure\n assessment.
\nAgentless discovery doesn't collect information about network dependencies, only\n agent-based discovery collects that information.
\n\n Agent-based discovery collects a richer set of data\n than agentless discovery by using the Amazon Web Services Application Discovery Agent, which you install\n on one or more hosts in your data center.
\nThe agent captures infrastructure and application information, including an\n inventory of running processes, system performance information, resource utilization,\n and network dependencies.
\nThe information collected by agents is secured at rest and in transit to the\n Application Discovery Service database in the cloud.
\n\n Amazon Web Services Partner Network (APN) solutions integrate with\n Application Discovery Service, enabling you to import details of your on-premises\n environment directly into Migration Hub without using the discovery connector or discovery\n agent.
\nThird-party application discovery tools can query Amazon Web Services Application Discovery\n Service, and they can write to the Application Discovery Service database using the\n public API.
\nIn this way, you can import data into Migration Hub and view it, so that you can\n associate applications with servers and track migrations.
\n\n Recommendations\n
\nWe recommend that you use agent-based discovery for non-VMware environments, and\n whenever you want to collect information about network dependencies. You can run agent-based\n and agentless discovery simultaneously. Use agentless discovery to complete the initial\n infrastructure assessment quickly, and then install agents on select hosts to collect\n additional information.
\n\n Working With This Guide\n
\nThis API reference provides descriptions, syntax, and usage examples for each of the\n actions and data types for Application Discovery Service. The topic for each action shows the\n API request parameters and the response. Alternatively, you can use one of the Amazon Web Services SDKs to\n access an API that is tailored to the programming language or platform that you're using. For\n more information, see Amazon Web Services\n SDKs.
\nRemember that you must set your Migration Hub home region before you call any of\n these APIs.
\nYou must make API calls for write actions (create, notify, associate, disassociate,\n import, or put) while in your home region, or a HomeRegionNotSetException\n error is returned.
API calls for read actions (list, describe, stop, and delete) are permitted outside\n of your home region.
\nAlthough it is unlikely, the Migration Hub home region could change. If you call\n APIs outside the home region, an InvalidInputException is returned.
You must call GetHomeRegion to obtain the latest Migration Hub home\n region.
This guide is intended for use with the Amazon Web Services Application\n Discovery Service User Guide.
\nAll data is handled according to the Amazon Web Services \n Privacy Policy. You can operate Application Discovery Service offline to inspect\n collected data before it is shared with the service.
\nAmazon Web Services Application Discovery Service (Application Discovery Service) helps you plan application migration projects. It automatically\n identifies servers, virtual machines (VMs), and network dependencies in your on-premises data\n centers. For more information, see the Amazon Web Services Application Discovery Service FAQ.
\nApplication Discovery Service offers three ways of performing discovery and collecting\n data about your on-premises servers:
\n\n Agentless discovery using\n Amazon Web Services Application Discovery Service Agentless Collector (Agentless Collector), which doesn't require you\n to install an agent on each host.
\nAgentless Collector gathers server information regardless of the\n operating systems, which minimizes the time required for initial on-premises\n infrastructure assessment.
\nAgentless Collector doesn't collect information about network\n dependencies, only agent-based discovery collects that information.\n
\n\n Agent-based discovery using the Amazon Web Services Application\n Discovery Agent (Application Discovery Agent) collects a richer set of data than agentless\n discovery, which you install on one or more hosts in your data center.
\nThe agent captures infrastructure and application information, including an\n inventory of running processes, system performance information, resource utilization,\n and network dependencies.
\nThe information collected by agents is secured at rest and in transit to the\n Application Discovery Service database in the Amazon Web Services cloud. For more information, see\n Amazon Web Services Application\n Discovery Agent.
\n\n Amazon Web Services Partner Network (APN) solutions integrate with\n Application Discovery Service, enabling you to import details of your on-premises\n environment directly into Amazon Web Services Migration Hub (Migration Hub) without using\n Agentless Collector or Application Discovery Agent.
\nThird-party application discovery tools can query Amazon Web Services Application Discovery\n Service, and they can write to the Application Discovery Service database using the\n public API.
\nIn this way, you can import data into Migration Hub and view it, so that you can\n associate applications with servers and track migrations.
\n\n Working With This Guide\n
\nThis API reference provides descriptions, syntax, and usage examples for each of the\n actions and data types for Application Discovery Service. The topic for each action shows the\n API request parameters and the response. Alternatively, you can use one of the Amazon Web Services SDKs to\n access an API that is tailored to the programming language or platform that you're using. For\n more information, see Amazon Web Services SDKs.
\nRemember that you must set your Migration Hub home Region before you call any of\n these APIs.
\nYou must make API calls for write actions (create, notify, associate, disassociate,\n import, or put) while in your home Region, or a HomeRegionNotSetException\n error is returned.
API calls for read actions (list, describe, stop, and delete) are permitted outside\n of your home Region.
\nAlthough it is unlikely, the Migration Hub home Region could change. If you call\n APIs outside the home Region, an InvalidInputException is returned.
You must call GetHomeRegion to obtain the latest Migration Hub home\n Region.
This guide is intended for use with the Amazon Web Services Application Discovery Service User\n Guide.
\nAll data is handled according to the Amazon Web Services Privacy Policy. You can operate Application Discovery Service offline to\n inspect collected data before it is shared with the service.
\nThe agent/connector ID.
" + "smithy.api#documentation": "The agent ID.
" } }, "operationSucceeded": { "target": "com.amazonaws.applicationdiscoveryservice#Boolean", "traits": { "smithy.api#default": false, - "smithy.api#documentation": "Information about the status of the StartDataCollection and\n StopDataCollection operations. The system has recorded the data collection\n operation. The agent/connector receives this command the next time it polls for a new command.\n
Information about the status of the StartDataCollection and\n StopDataCollection operations. The system has recorded the data collection\n operation. The agent receives this command the next time it polls for a new command.\n
Information about agents or connectors that were instructed to start collecting data.\n Information includes the agent/connector ID, a description of the operation, and whether the\n agent/connector configuration was updated.
" + "smithy.api#documentation": "Information about agents that were instructed to start collecting data.\n Information includes the agent ID, a description of the operation, and whether the\n agent configuration was updated.
" } }, "com.amazonaws.applicationdiscoveryservice#AgentConfigurationStatusList": { @@ -925,19 +925,19 @@ "agentId": { "target": "com.amazonaws.applicationdiscoveryservice#AgentId", "traits": { - "smithy.api#documentation": "The agent or connector ID.
" + "smithy.api#documentation": "The agent or collector ID.
" } }, "hostName": { "target": "com.amazonaws.applicationdiscoveryservice#String", "traits": { - "smithy.api#documentation": "The name of the host where the agent or connector resides. The host can be a server or\n virtual machine.
" + "smithy.api#documentation": "The name of the host where the agent or collector resides. The host can be a server or\n virtual machine.
" } }, "agentNetworkInfoList": { "target": "com.amazonaws.applicationdiscoveryservice#AgentNetworkInfoList", "traits": { - "smithy.api#documentation": "Network details about the host where the agent or connector resides.
" + "smithy.api#documentation": "Network details about the host where the agent or collector resides.
" } }, "connectorId": { @@ -949,25 +949,25 @@ "version": { "target": "com.amazonaws.applicationdiscoveryservice#String", "traits": { - "smithy.api#documentation": "The agent or connector version.
" + "smithy.api#documentation": "The agent or collector version.
" } }, "health": { "target": "com.amazonaws.applicationdiscoveryservice#AgentStatus", "traits": { - "smithy.api#documentation": "The health of the agent or connector.
" + "smithy.api#documentation": "The health of the agent.
" } }, "lastHealthPingTime": { "target": "com.amazonaws.applicationdiscoveryservice#String", "traits": { - "smithy.api#documentation": "Time since agent or connector health was reported.
" + "smithy.api#documentation": "Time since agent health was reported.
" } }, "collectionStatus": { "target": "com.amazonaws.applicationdiscoveryservice#String", "traits": { - "smithy.api#documentation": "Status of the collection process for an agent or connector.
" + "smithy.api#documentation": "Status of the collection process for an agent.
" } }, "agentType": { @@ -984,7 +984,7 @@ } }, "traits": { - "smithy.api#documentation": "Information about agents or connectors associated with the user’s Amazon Web Services account.\n Information includes agent or connector IDs, IP addresses, media access control (MAC)\n addresses, agent or connector health, hostname where the agent or connector resides, and agent\n version for each agent.
" + "smithy.api#documentation": "Information about agents associated with the user’s Amazon Web Services account.\n Information includes agent IDs, IP addresses, media access control (MAC)\n addresses, agent or collector status, hostname where the agent resides, and agent\n version for each agent.
" } }, "com.amazonaws.applicationdiscoveryservice#AgentNetworkInfo": { @@ -993,18 +993,18 @@ "ipAddress": { "target": "com.amazonaws.applicationdiscoveryservice#String", "traits": { - "smithy.api#documentation": "The IP address for the host where the agent/connector resides.
" + "smithy.api#documentation": "The IP address for the host where the agent/collector resides.
" } }, "macAddress": { "target": "com.amazonaws.applicationdiscoveryservice#String", "traits": { - "smithy.api#documentation": "The MAC address for the host where the agent/connector resides.
" + "smithy.api#documentation": "The MAC address for the host where the agent/collector resides.
" } } }, "traits": { - "smithy.api#documentation": "Network details about the host where the agent/connector resides.
" + "smithy.api#documentation": "Network details about the host where the agent/collector resides.
" } }, "com.amazonaws.applicationdiscoveryservice#AgentNetworkInfoList": { @@ -1162,7 +1162,7 @@ } }, "traits": { - "smithy.api#documentation": "The Amazon Web Services user account does not have permission to perform the action. Check the IAM\n policy associated with this account.
", + "smithy.api#documentation": "The user does not have permission to perform the action. Check the IAM\n policy associated with this user.
", "smithy.api#error": "client", "smithy.api#httpError": 403 } @@ -1462,7 +1462,7 @@ "statusDetail": { "target": "com.amazonaws.applicationdiscoveryservice#StringMax255", "traits": { - "smithy.api#documentation": "Contains information about any errors that have occurred. This data type can have the\n following values:
\nACCESS_DENIED - You don’t have permission to start Data Exploration in Amazon\n Athena. Contact your Amazon Web Services administrator for help. For more information, see Setting Up Amazon Web Services Application Discovery Service in the Application Discovery\n Service User Guide.
\nDELIVERY_STREAM_LIMIT_FAILURE - You reached the limit for Amazon Kinesis Data\n Firehose delivery streams. Reduce the number of streams or request a limit increase and\n try again. For more information, see Kinesis Data Streams Limits in the Amazon Kinesis Data Streams Developer\n Guide.
\nFIREHOSE_ROLE_MISSING - The Data Exploration feature is in an error state because\n your IAM User is missing the AWSApplicationDiscoveryServiceFirehose role. Turn on Data\n Exploration in Amazon Athena and try again. For more information, see Step 3: Provide Application Discovery Service Access to Non-Administrator Users by\n Attaching Policies in the Application Discovery Service User Guide.
\nFIREHOSE_STREAM_DOES_NOT_EXIST - The Data Exploration feature is in an error state\n because your IAM User is missing one or more of the Kinesis data delivery\n streams.
\nINTERNAL_FAILURE - The Data Exploration feature is in an error state because of an\n internal failure. Try again later. If this problem persists, contact Amazon Web Services\n Support.
\nLAKE_FORMATION_ACCESS_DENIED - You don't have sufficient lake formation permissions\n to start continuous export. For more information, see \n Upgrading Amazon Web Services Glue Data Permissions to the Amazon Web Services Lake Formation Model in the\n Amazon Web Services Lake Formation Developer Guide.
\nYou can use one of the following two ways to resolve this issue.
\nIf you don’t want to use the Lake Formation permission model, you can change\n the default Data Catalog settings to use only Amazon Web Services Identity and Access Management\n (IAM) access control for new databases. For more information, see Change Data Catalog Settings in the Lake Formation\n Developer Guide.
\nYou can give the service-linked IAM roles\n AWSServiceRoleForApplicationDiscoveryServiceContinuousExport and\n AWSApplicationDiscoveryServiceFirehose the required Lake Formation permissions. For\n more information, see \n Granting Database Permissions in the Lake Formation\n Developer Guide.
\nAWSServiceRoleForApplicationDiscoveryServiceContinuousExport - Grant\n database creator permissions, which gives the role database creation ability and\n implicit permissions for any created tables. For more information, see \n Implicit Lake Formation Permissions in the Lake\n Formation Developer Guide.
\nAWSApplicationDiscoveryServiceFirehose - Grant describe permissions for all\n tables in the database.
\nS3_BUCKET_LIMIT_FAILURE - You reached the limit for Amazon S3 buckets. Reduce the\n number of S3 buckets or request a limit increase and try again. For more\n information, see Bucket\n Restrictions and Limitations in the Amazon Simple Storage Service Developer\n Guide.
\nS3_NOT_SIGNED_UP - Your account is not signed up for the Amazon S3 service. You\n must sign up before you can use Amazon S3. You can sign up at the following URL: https://aws.amazon.com/s3.
\nContains information about any errors that have occurred. This data type can have the\n following values:
\nACCESS_DENIED - You don’t have permission to start Data Exploration in Amazon\n Athena. Contact your Amazon Web Services administrator for help. For more information, see Setting Up Amazon Web Services Application Discovery Service in the Application Discovery\n Service User Guide.
\nDELIVERY_STREAM_LIMIT_FAILURE - You reached the limit for Amazon Kinesis Data\n Firehose delivery streams. Reduce the number of streams or request a limit increase and\n try again. For more information, see Kinesis Data Streams Limits in the Amazon Kinesis Data Streams Developer\n Guide.
\nFIREHOSE_ROLE_MISSING - The Data Exploration feature is in an error state because\n your user is missing the Amazon Web ServicesApplicationDiscoveryServiceFirehose role. Turn on Data\n Exploration in Amazon Athena and try again. For more information, see Creating the Amazon Web ServicesApplicationDiscoveryServiceFirehose Role in the Application Discovery Service User Guide.
\nFIREHOSE_STREAM_DOES_NOT_EXIST - The Data Exploration feature is in an error state\n because your user is missing one or more of the Kinesis data delivery\n streams.
\nINTERNAL_FAILURE - The Data Exploration feature is in an error state because of an\n internal failure. Try again later. If this problem persists, contact Amazon Web Services\n Support.
\nLAKE_FORMATION_ACCESS_DENIED - You don't have sufficient lake formation permissions\n to start continuous export. For more information, see \n Upgrading Amazon Web Services Glue Data Permissions to the Amazon Web Services Lake Formation Model in the\n Amazon Web Services Lake Formation Developer Guide.
\nYou can use one of the following two ways to resolve this issue.
\nIf you don’t want to use the Lake Formation permission model, you can change\n the default Data Catalog settings to use only Amazon Web Services Identity and Access Management\n (IAM) access control for new databases. For more information, see Change Data Catalog Settings in the Lake Formation Developer\n Guide.
\nYou can give the service-linked IAM roles\n AWSServiceRoleForApplicationDiscoveryServiceContinuousExport and\n AWSApplicationDiscoveryServiceFirehose the required Lake Formation permissions. For\n more information, see \n Granting Database Permissions in the Lake Formation Developer\n Guide.
\nAWSServiceRoleForApplicationDiscoveryServiceContinuousExport - Grant\n database creator permissions, which gives the role database creation ability and\n implicit permissions for any created tables. For more information, see \n Implicit Lake Formation Permissions in the Lake Formation\n Developer Guide.
\nAWSApplicationDiscoveryServiceFirehose - Grant describe permissions for all\n tables in the database.
\nS3_BUCKET_LIMIT_FAILURE - You reached the limit for Amazon S3 buckets. Reduce the\n number of S3 buckets or request a limit increase and try again. For more information, see\n Bucket Restrictions and Limitations in the Amazon Simple Storage Service\n Developer Guide.
\nS3_NOT_SIGNED_UP - Your account is not signed up for the Amazon S3 service. You\n must sign up before you can use Amazon S3. You can sign up at the following URL: https://aws.amazon.com/s3.
\nThe number of active Agentless Collector collectors.
", "smithy.api#required": {} } }, @@ -1762,6 +1763,7 @@ "target": "com.amazonaws.applicationdiscoveryservice#Integer", "traits": { "smithy.api#default": 0, + "smithy.api#documentation": "The number of healthy Agentless Collector collectors.
", "smithy.api#required": {} } }, @@ -1769,6 +1771,7 @@ "target": "com.amazonaws.applicationdiscoveryservice#Integer", "traits": { "smithy.api#default": 0, + "smithy.api#documentation": "The number of deny-listed Agentless Collector collectors.
", "smithy.api#required": {} } }, @@ -1776,6 +1779,7 @@ "target": "com.amazonaws.applicationdiscoveryservice#Integer", "traits": { "smithy.api#default": 0, + "smithy.api#documentation": "The number of Agentless Collector collectors with SHUTDOWN status.\n
The number of unhealthy Agentless Collector collectors.
", "smithy.api#required": {} } }, @@ -1790,6 +1795,7 @@ "target": "com.amazonaws.applicationdiscoveryservice#Integer", "traits": { "smithy.api#default": 0, + "smithy.api#documentation": "The total number of Agentless Collector collectors.
", "smithy.api#required": {} } }, @@ -1797,9 +1803,13 @@ "target": "com.amazonaws.applicationdiscoveryservice#Integer", "traits": { "smithy.api#default": 0, + "smithy.api#documentation": "The number of unknown Agentless Collector collectors.
", "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#documentation": "The inventory data for installed Agentless Collector collectors.
" } }, "com.amazonaws.applicationdiscoveryservice#CustomerConnectorInfo": { @@ -1873,7 +1883,7 @@ "target": "com.amazonaws.applicationdiscoveryservice#Integer", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "\n The number of active Migration Evaluator collectors.\n
", + "smithy.api#documentation": "The number of active Migration Evaluator collectors.
", "smithy.api#required": {} } }, @@ -1881,7 +1891,7 @@ "target": "com.amazonaws.applicationdiscoveryservice#Integer", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "\n The number of healthy Migration Evaluator collectors.\n
", + "smithy.api#documentation": "The number of healthy Migration Evaluator collectors.
", "smithy.api#required": {} } }, @@ -1889,7 +1899,7 @@ "target": "com.amazonaws.applicationdiscoveryservice#Integer", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "\n The number of deny-listed Migration Evaluator collectors.\n
", + "smithy.api#documentation": "The number of deny-listed Migration Evaluator collectors.
", "smithy.api#required": {} } }, @@ -1897,7 +1907,7 @@ "target": "com.amazonaws.applicationdiscoveryservice#Integer", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "\n The number of Migration Evaluator collectors with SHUTDOWN status.\n
The number of Migration Evaluator collectors with SHUTDOWN status.
\n The number of unhealthy Migration Evaluator collectors.\n
", + "smithy.api#documentation": "The number of unhealthy Migration Evaluator collectors.
", "smithy.api#required": {} } }, @@ -1913,7 +1923,7 @@ "target": "com.amazonaws.applicationdiscoveryservice#Integer", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "\n The total number of Migration Evaluator collectors.\n
", + "smithy.api#documentation": "The total number of Migration Evaluator collectors.
", "smithy.api#required": {} } }, @@ -1921,13 +1931,13 @@ "target": "com.amazonaws.applicationdiscoveryservice#Integer", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "\n The number of unknown Migration Evaluator collectors.\n
", + "smithy.api#documentation": "The number of unknown Migration Evaluator collectors.
", "smithy.api#required": {} } } }, "traits": { - "smithy.api#documentation": "\n The inventory data for installed Migration Evaluator collectors.\n
" + "smithy.api#documentation": "The inventory data for installed Migration Evaluator collectors.
" } }, "com.amazonaws.applicationdiscoveryservice#DataSource": { @@ -2087,7 +2097,7 @@ } ], "traits": { - "smithy.api#documentation": "Lists agents or connectors as specified by ID or other filters. All agents/connectors\n associated with your user account can be listed if you call DescribeAgents as is\n without passing any parameters.
Lists agents or collectors as specified by ID or other filters. All agents/collectors\n associated with your user can be listed if you call DescribeAgents as is\n without passing any parameters.
The agent or the Connector IDs for which you want information. If you specify no IDs,\n the system returns information about all agents/Connectors associated with your Amazon Web Services user\n account.
" + "smithy.api#documentation": "The agent or the collector IDs for which you want information. If you specify no IDs,\n the system returns information about all agents/collectors associated with your user.
" } }, "filters": { @@ -2109,7 +2119,7 @@ "target": "com.amazonaws.applicationdiscoveryservice#Integer", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "The total number of agents/Connectors to return in a single page of output. The maximum\n value is 100.
" + "smithy.api#documentation": "The total number of agents/collectors to return in a single page of output. The maximum\n value is 100.
" } }, "nextToken": { @@ -2129,7 +2139,7 @@ "agentsInfo": { "target": "com.amazonaws.applicationdiscoveryservice#AgentsInfo", "traits": { - "smithy.api#documentation": "Lists agents or the Connector by ID or lists all agents/Connectors associated with your\n user account if you did not specify an agent/Connector ID. The output includes agent/Connector\n IDs, IP addresses, media access control (MAC) addresses, agent/Connector health, host name\n where the agent/Connector resides, and the version number of each agent/Connector.
" + "smithy.api#documentation": "Lists agents or the collector by ID or lists all agents/collectors associated with your\n user, if you did not specify an agent/collector ID. The output includes agent/collector\n IDs, IP addresses, media access control (MAC) addresses, agent/collector health, host name\n where the agent/collector resides, and the version number of each agent/collector.
" } }, "nextToken": { @@ -2248,7 +2258,7 @@ } ], "traits": { - "smithy.api#documentation": "Lists exports as specified by ID. All continuous exports associated with your user\n account can be listed if you call DescribeContinuousExports as is without passing\n any parameters.
Lists exports as specified by ID. All continuous exports associated with your user\n can be listed if you call DescribeContinuousExports as is without passing\n any parameters.
Retrieves a list of configuration items that have tags as specified by the key-value\n pairs, name and value, passed to the optional parameter filters.
There are three valid tag filter names:
\ntagKey
\ntagValue
\nconfigurationId
\nAlso, all configuration items associated with your user account that have tags can be\n listed if you call DescribeTags as is without passing any parameters.
Retrieves a list of configuration items that have tags as specified by the key-value\n pairs, name and value, passed to the optional parameter filters.
There are three valid tag filter names:
\ntagKey
\ntagValue
\nconfigurationId
\nAlso, all configuration items associated with your user that have tags can be\n listed if you call DescribeTags as is without passing any parameters.
\n If set to true, the export \n preferences\n is set to Ec2RecommendationsExportPreferences.\n
\n The recommended EC2 instance type that matches the CPU usage metric of server performance data.\n
" + } + }, + "ramPerformanceMetricBasis": { + "target": "com.amazonaws.applicationdiscoveryservice#UsageMetricBasis", + "traits": { + "smithy.api#documentation": "\n The recommended EC2 instance type that matches the Memory usage metric of server performance data.\n
" + } + }, + "tenancy": { + "target": "com.amazonaws.applicationdiscoveryservice#Tenancy", + "traits": { + "smithy.api#documentation": "\n The target tenancy to use for your recommended EC2 instances.\n
" + } + }, + "excludedInstanceTypes": { + "target": "com.amazonaws.applicationdiscoveryservice#ExcludedInstanceTypes", + "traits": { + "smithy.api#documentation": "\n An array of instance types to exclude from recommendations.\n
" + } + }, + "preferredRegion": { + "target": "com.amazonaws.applicationdiscoveryservice#UserPreferredRegion", + "traits": { + "smithy.api#documentation": "\n The target Amazon Web Services Region for the recommendations. \n You can use any of the Region codes available for the chosen service, \n as listed in Amazon Web Services service endpoints in the Amazon Web Services General Reference.\n
" + } + }, + "reservedInstanceOptions": { + "target": "com.amazonaws.applicationdiscoveryservice#ReservedInstanceOptions", + "traits": { + "smithy.api#documentation": "\n The contract type for a reserved instance. \n If blank, we assume an On-Demand instance is preferred.\n
" + } + } + }, + "traits": { + "smithy.api#documentation": "\n Indicates that the exported data must include EC2 instance type matches for on-premises servers \n that are discovered through Amazon Web Services Application Discovery Service.\n
" + } + }, + "com.amazonaws.applicationdiscoveryservice#ExcludedInstanceTypes": { + "type": "list", + "member": { + "target": "com.amazonaws.applicationdiscoveryservice#EC2InstanceType" + } + }, "com.amazonaws.applicationdiscoveryservice#ExportConfigurations": { "type": "operation", "input": { @@ -2760,12 +2837,6 @@ "traits": { "smithy.api#enumValue": "CSV" } - }, - "GRAPHML": { - "target": "smithy.api#Unit", - "traits": { - "smithy.api#enumValue": "GRAPHML" - } } } }, @@ -2775,6 +2846,12 @@ "target": "com.amazonaws.applicationdiscoveryservice#ExportDataFormat" } }, + "com.amazonaws.applicationdiscoveryservice#ExportEnabled": { + "type": "boolean", + "traits": { + "smithy.api#default": false + } + }, "com.amazonaws.applicationdiscoveryservice#ExportFilter": { "type": "structure", "members": { @@ -2877,6 +2954,20 @@ "smithy.api#documentation": "Information regarding the export status of discovered data. The value is an array of\n objects.
" } }, + "com.amazonaws.applicationdiscoveryservice#ExportPreferences": { + "type": "union", + "members": { + "ec2RecommendationsPreferences": { + "target": "com.amazonaws.applicationdiscoveryservice#Ec2RecommendationsExportPreferences", + "traits": { + "smithy.api#documentation": "\n If enabled, exported data includes EC2 instance type matches for on-premises servers \n discovered through Amazon Web Services Application Discovery Service.\n
" + } + } + }, + "traits": { + "smithy.api#documentation": "\n Indicates the type of data that is being exported. Only one \n ExportPreferences can be enabled for a \n StartExportTask action. \n
\n Details about Migration Evaluator collectors, including collector status and health.\n
" + "smithy.api#documentation": "Details about Migration Evaluator collectors, including collector status and health.
" } }, "agentlessCollectorSummary": { - "target": "com.amazonaws.applicationdiscoveryservice#CustomerAgentlessCollectorInfo" + "target": "com.amazonaws.applicationdiscoveryservice#CustomerAgentlessCollectorInfo", + "traits": { + "smithy.api#documentation": "Details about Agentless Collector collectors, including status.
" + } } }, "traits": { @@ -3077,7 +3171,7 @@ } }, "traits": { - "smithy.api#documentation": "The home region is not set. Set the home region to continue.
", + "smithy.api#documentation": "The home Region is not set. Set the home Region to continue.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -3625,6 +3719,23 @@ "com.amazonaws.applicationdiscoveryservice#NextToken": { "type": "string" }, + "com.amazonaws.applicationdiscoveryservice#OfferingClass": { + "type": "enum", + "members": { + "STANDARD": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "STANDARD" + } + }, + "CONVERTIBLE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CONVERTIBLE" + } + } + } + }, "com.amazonaws.applicationdiscoveryservice#OperationNotPermittedException": { "type": "structure", "members": { @@ -3675,6 +3786,58 @@ "target": "com.amazonaws.applicationdiscoveryservice#OrderByElement" } }, + "com.amazonaws.applicationdiscoveryservice#PurchasingOption": { + "type": "enum", + "members": { + "ALL_UPFRONT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ALL_UPFRONT" + } + }, + "PARTIAL_UPFRONT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "PARTIAL_UPFRONT" + } + }, + "NO_UPFRONT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NO_UPFRONT" + } + } + } + }, + "com.amazonaws.applicationdiscoveryservice#ReservedInstanceOptions": { + "type": "structure", + "members": { + "purchasingOption": { + "target": "com.amazonaws.applicationdiscoveryservice#PurchasingOption", + "traits": { + "smithy.api#documentation": "\n The payment plan to use for your Reserved Instance.\n
", + "smithy.api#required": {} + } + }, + "offeringClass": { + "target": "com.amazonaws.applicationdiscoveryservice#OfferingClass", + "traits": { + "smithy.api#documentation": "\n The flexibility to change the instance types needed for your Reserved Instance.\n
", + "smithy.api#required": {} + } + }, + "termLength": { + "target": "com.amazonaws.applicationdiscoveryservice#TermLength", + "traits": { + "smithy.api#documentation": "\n The preferred duration of the Reserved Instance term.\n
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "\n Used to provide Reserved Instance preferences for the recommendation.\n
" + } + }, "com.amazonaws.applicationdiscoveryservice#ResourceInUseException": { "type": "structure", "members": { @@ -3838,7 +4001,7 @@ } ], "traits": { - "smithy.api#documentation": "Instructs the specified agents or connectors to start collecting data.
" + "smithy.api#documentation": "Instructs the specified agents to start collecting data.
" } }, "com.amazonaws.applicationdiscoveryservice#StartDataCollectionByAgentIdsRequest": { @@ -3847,7 +4010,7 @@ "agentIds": { "target": "com.amazonaws.applicationdiscoveryservice#AgentIds", "traits": { - "smithy.api#documentation": "The IDs of the agents or connectors from which to start collecting data. If you send a\n request to an agent/connector ID that you do not have permission to contact, according to your\n Amazon Web Services account, the service does not throw an exception. Instead, it returns the error in the\n Description field. If you send a request to multiple agents/connectors\n and you do not have permission to contact some of those agents/connectors, the system does not\n throw an exception. Instead, the system shows Failed in the\n Description field.
The IDs of the agents from which to start collecting data. If you send a request to an\n agent ID that you do not have permission to contact, according to your Amazon Web Services account, the\n service does not throw an exception. Instead, it returns the error in the\n Description field. If you send a request to multiple agents and you do\n not have permission to contact some of those agents, the system does not throw an exception.\n Instead, the system shows Failed in the Description\n field.
Information about agents or the connector that were instructed to start collecting\n data. Information includes the agent/connector ID, a description of the operation performed,\n and whether the agent/connector configuration was updated.
" + "smithy.api#documentation": "Information about agents that were instructed to start collecting data. Information\n includes the agent ID, a description of the operation performed, and whether the agent\n configuration was updated.
" } } }, @@ -3899,7 +4062,7 @@ } ], "traits": { - "smithy.api#documentation": "Begins the export of discovered data to an S3 bucket.
\n If you specify agentIds in a filter, the task exports up to 72 hours of\n detailed data collected by the identified Application Discovery Agent, including network,\n process, and performance details. A time range for exported agent data may be set by using\n startTime and endTime. Export of detailed agent data is limited to\n five concurrently running exports.
If you do not include an agentIds filter, summary data is exported that\n includes both Amazon Web Services Agentless Discovery Connector data and summary data from Amazon Web Services Discovery\n Agents. Export of summary data is limited to two exports per day.
Begins the export of a discovered data report to an Amazon S3 bucket managed by Amazon Web Services.
\nExports might provide an estimate of fees and savings based on certain information \n that you provide. Fee estimates do not include any taxes that might apply. \n Your actual fees and savings depend on a variety of factors, including your actual usage of Amazon Web Services \n services, which might vary from the estimates provided in this report.
\nIf you do not specify preferences or agentIds in the filter, a\n summary of all servers, applications, tags, and performance is generated. This data is an\n aggregation of all server data collected through on-premises tooling, file import, application\n grouping and applying tags.
If you specify agentIds in a filter, the task exports up to 72 hours of\n detailed data collected by the identified Application Discovery Agent, including network,\n process, and performance details. A time range for exported agent data may be set by using\n startTime and endTime. Export of detailed agent data is limited to\n five concurrently running exports. \n Export of detailed agent data is limited to two exports per day.
If you enable ec2RecommendationsPreferences in preferences \n , an\n Amazon EC2 instance matching the characteristics of each server in Application Discovery Service is generated. \n Changing the attributes of the ec2RecommendationsPreferences changes the\n criteria of the recommendation.
If a filter is present, it selects the single agentId of the Application\n Discovery Agent for which data is exported. The agentId can be found in the\n results of the DescribeAgents API or CLI. If no filter is present,\n startTime and endTime are ignored and exported data includes both\n Agentless Discovery Connector data and summary data from Application Discovery agents.\n
If a filter is present, it selects the single agentId of the Application\n Discovery Agent for which data is exported. The agentId can be found in the\n results of the DescribeAgents API or CLI. If no filter is present,\n startTime and endTime are ignored and exported data includes both\n Amazon Web Services Application Discovery Service Agentless Collector collectors data and summary data from Application Discovery\n Agent agents.
The end timestamp for exported data from the single Application Discovery Agent\n selected in the filters. If no value is specified, exported data includes the most recent data\n collected by the agent.
" } + }, + "preferences": { + "target": "com.amazonaws.applicationdiscoveryservice#ExportPreferences", + "traits": { + "smithy.api#documentation": "\n Indicates the type of data that needs to be exported. Only one \n ExportPreferences can be enabled at any time.\n
" + } } }, "traits": { @@ -3977,7 +4146,7 @@ } ], "traits": { - "smithy.api#documentation": "Starts an import task, which allows you to import details of your on-premises environment\n directly into Amazon Web Services Migration Hub without having to use the Application Discovery Service (ADS)\n tools such as the Discovery Connector or Discovery Agent. This gives you the option to perform\n migration assessment and planning directly from your imported data, including the ability to\n group your devices as applications and track their migration status.
\nTo start an import request, do this:
\nDownload the specially formatted comma separated value (CSV) import template, which\n you can find here: https://s3.us-west-2.amazonaws.com/templates-7cffcf56-bd96-4b1c-b45b-a5b42f282e46/import_template.csv.
\nFill out the template with your server and application data.
\nUpload your import file to an Amazon S3 bucket, and make a note of it's Object URL.\n Your import file must be in the CSV format.
\nUse the console or the StartImportTask command with the Amazon Web Services CLI or one of\n the Amazon Web Services SDKs to import the records from your file.
For more information, including step-by-step procedures, see Migration Hub\n Import in the Amazon Web Services Application Discovery Service User\n Guide.
\nThere are limits to the number of import tasks you can create (and delete) in an Amazon Web Services\n account. For more information, see Amazon Web Services Application\n Discovery Service Limits in the Amazon Web Services Application Discovery Service User\n Guide.
\nStarts an import task, which allows you to import details of your on-premises environment\n directly into Amazon Web Services Migration Hub without having to use the Amazon Web Services Application Discovery\n Service (Application Discovery Service) tools such as the Amazon Web Services Application Discovery Service Agentless Collector\n or Application Discovery Agent. This gives you the option to\n perform migration assessment and planning directly from your imported data, including the\n ability to group your devices as applications and track their migration status.
\nTo start an import request, do this:
\nDownload the specially formatted comma separated value (CSV) import template, which\n you can find here: https://s3.us-west-2.amazonaws.com/templates-7cffcf56-bd96-4b1c-b45b-a5b42f282e46/import_template.csv.
\nFill out the template with your server and application data.
\nUpload your import file to an Amazon S3 bucket, and make a note of it's Object URL.\n Your import file must be in the CSV format.
\nUse the console or the StartImportTask command with the Amazon Web Services CLI or one\n of the Amazon Web Services SDKs to import the records from your file.
For more information, including step-by-step procedures, see Migration Hub\n Import in the Amazon Web Services Application Discovery Service User\n Guide.
\nThere are limits to the number of import tasks you can create (and delete) in an Amazon Web Services\n account. For more information, see Amazon Web Services Application\n Discovery Service Limits in the Amazon Web Services Application Discovery Service User\n Guide.
\nInstructs the specified agents or connectors to stop collecting data.
" + "smithy.api#documentation": "Instructs the specified agents to stop collecting data.
" } }, "com.amazonaws.applicationdiscoveryservice#StopDataCollectionByAgentIdsRequest": { @@ -4131,7 +4300,7 @@ "agentIds": { "target": "com.amazonaws.applicationdiscoveryservice#AgentIds", "traits": { - "smithy.api#documentation": "The IDs of the agents or connectors from which to stop collecting data.
", + "smithy.api#documentation": "The IDs of the agents from which to stop collecting data.
", "smithy.api#required": {} } } @@ -4146,7 +4315,7 @@ "agentsConfigurationStatus": { "target": "com.amazonaws.applicationdiscoveryservice#AgentConfigurationStatusList", "traits": { - "smithy.api#documentation": "Information about the agents or connector that were instructed to stop collecting data.\n Information includes the agent/connector ID, a description of the operation performed, and\n whether the agent/connector configuration was updated.
" + "smithy.api#documentation": "Information about the agents that were instructed to stop collecting data. Information\n includes the agent ID, a description of the operation performed, and whether the agent\n configuration was updated.
" } } }, @@ -4239,6 +4408,40 @@ "com.amazonaws.applicationdiscoveryservice#TagValue": { "type": "string" }, + "com.amazonaws.applicationdiscoveryservice#Tenancy": { + "type": "enum", + "members": { + "DEDICATED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DEDICATED" + } + }, + "SHARED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SHARED" + } + } + } + }, + "com.amazonaws.applicationdiscoveryservice#TermLength": { + "type": "enum", + "members": { + "ONE_YEAR": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ONE_YEAR" + } + }, + "THREE_YEAR": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "THREE_YEAR" + } + } + } + }, "com.amazonaws.applicationdiscoveryservice#TimeStamp": { "type": "timestamp" }, @@ -4317,6 +4520,51 @@ "smithy.api#output": {} } }, + "com.amazonaws.applicationdiscoveryservice#UsageMetricBasis": { + "type": "structure", + "members": { + "name": { + "target": "com.amazonaws.applicationdiscoveryservice#UsageMetricBasisName", + "traits": { + "smithy.api#documentation": "\n A utilization metric that is used by the recommendations.\n
" + } + }, + "percentageAdjust": { + "target": "com.amazonaws.applicationdiscoveryservice#UsageMetricPercentageAdjust", + "traits": { + "smithy.api#documentation": "\n Specifies the percentage of the specified utilization metric that is used by the recommendations.\n
" + } + } + }, + "traits": { + "smithy.api#documentation": "\n Specifies the performance metrics to use for the server that is used for recommendations.\n
" + } + }, + "com.amazonaws.applicationdiscoveryservice#UsageMetricBasisName": { + "type": "string", + "traits": { + "smithy.api#pattern": "^(p(\\d{1,2}|100)|AVG|SPEC|MAX)$" + } + }, + "com.amazonaws.applicationdiscoveryservice#UsageMetricPercentageAdjust": { + "type": "double", + "traits": { + "smithy.api#range": { + "min": 0.0, + "max": 100.0 + } + } + }, + "com.amazonaws.applicationdiscoveryservice#UserPreferredRegion": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 30 + }, + "smithy.api#pattern": "^[a-z]{2}-[a-z\\-]+-[0-9]+$" + } + }, "com.amazonaws.applicationdiscoveryservice#orderString": { "type": "enum", "members": { diff --git a/codegen/sdk/aws-models/auditmanager.json b/codegen/sdk/aws-models/auditmanager.json index f29c0f576dd..8a355823644 100644 --- a/codegen/sdk/aws-models/auditmanager.json +++ b/codegen/sdk/aws-models/auditmanager.json @@ -1121,7 +1121,7 @@ "destination": { "target": "com.amazonaws.auditmanager#S3Url", "traits": { - "smithy.api#documentation": "The destination of the assessment report.
" + "smithy.api#documentation": "The destination bucket where Audit Manager stores assessment reports.
" } } }, @@ -1609,12 +1609,15 @@ { "target": "com.amazonaws.auditmanager#ResourceNotFoundException" }, + { + "target": "com.amazonaws.auditmanager#ThrottlingException" + }, { "target": "com.amazonaws.auditmanager#ValidationException" } ], "traits": { - "smithy.api#documentation": "Uploads one or more pieces of evidence to a control in an Audit Manager assessment.\n You can upload manual evidence from any Amazon Simple Storage Service (Amazon S3) bucket by\n specifying the S3 URI of the evidence.
\nYou must upload manual evidence to your S3 bucket before you can upload it to your\n assessment. For instructions, see CreateBucket and PutObject in\n the Amazon Simple Storage Service API Reference.\n
\nThe following restrictions apply to this action:
\nMaximum size of an individual evidence file: 100 MB
\nNumber of daily manual evidence uploads per control: 100
\nSupported file formats: See Supported file types for manual evidence in the Audit Manager User Guide\n
\nFor more information about Audit Manager service restrictions, see Quotas and\n restrictions for Audit Manager.
", + "smithy.api#documentation": "Adds one or more pieces of evidence to a control in an Audit Manager assessment.
\nYou can import manual evidence from any S3 bucket by specifying the S3 URI of the\n object. You can also upload a file from your browser, or enter plain text in response to a\n risk assessment question.
\nThe following restrictions apply to this action:
\n\n manualEvidence can be only one of the following:\n evidenceFileName, s3ResourcePath, or\n textResponse\n
Maximum size of an individual evidence file: 100 MB
\nNumber of daily manual evidence uploads per control: 100
\nSupported file formats: See Supported file types for manual evidence in the Audit Manager User Guide\n
\nFor more information about Audit Manager service restrictions, see Quotas and\n restrictions for Audit Manager.
", "smithy.api#http": { "method": "POST", "uri": "/assessments/{assessmentId}/controlSets/{controlSetId}/controls/{controlId}/evidence", @@ -1792,6 +1795,9 @@ { "target": "com.amazonaws.auditmanager#GetEvidenceByEvidenceFolder" }, + { + "target": "com.amazonaws.auditmanager#GetEvidenceFileUploadUrl" + }, { "target": "com.amazonaws.auditmanager#GetEvidenceFolder" }, @@ -2803,7 +2809,7 @@ "type": { "target": "com.amazonaws.auditmanager#ControlType", "traits": { - "smithy.api#documentation": "The type of control, such as a custom control or a standard control.
" + "smithy.api#documentation": "Specifies whether the control is a standard control or a custom control.
" } }, "name": { @@ -3106,7 +3112,7 @@ "sourceFrequency": { "target": "com.amazonaws.auditmanager#SourceFrequency", "traits": { - "smithy.api#documentation": "The frequency of evidence collection for the control mapping source.
" + "smithy.api#documentation": "Specifies how often evidence is collected from the control mapping source.
" } }, "troubleshootingText": { @@ -3765,7 +3771,7 @@ "sourceFrequency": { "target": "com.amazonaws.auditmanager#SourceFrequency", "traits": { - "smithy.api#documentation": "The frequency of evidence collection for the control mapping source.
" + "smithy.api#documentation": "Specifies how often evidence is collected from the control mapping source.
" } }, "troubleshootingText": { @@ -3910,6 +3916,26 @@ "smithy.api#pattern": "^[a-zA-Z0-9\\s-_()\\[\\]]+$" } }, + "com.amazonaws.auditmanager#DefaultExportDestination": { + "type": "structure", + "members": { + "destinationType": { + "target": "com.amazonaws.auditmanager#ExportDestinationType", + "traits": { + "smithy.api#documentation": "The destination type, such as Amazon S3.
" + } + }, + "destination": { + "target": "com.amazonaws.auditmanager#S3Url", + "traits": { + "smithy.api#documentation": "The destination bucket where Audit Manager stores exported files.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The default s3 bucket where Audit Manager saves the files that you export from evidence finder.
" + } + }, "com.amazonaws.auditmanager#Delegation": { "type": "structure", "members": { @@ -4346,7 +4372,7 @@ } ], "traits": { - "smithy.api#documentation": "Deletes a custom control in Audit Manager.
", + "smithy.api#documentation": "Deletes a custom control in Audit Manager.
\nWhen you invoke this operation, the custom control is deleted from any frameworks or\n assessments that it’s currently part of. As a result, Audit Manager will stop\n collecting evidence for that custom control in all of your assessments. This includes\n assessments that you previously created before you deleted the custom control.
\nThe framework type, such as a custom framework or a standard framework.
" + "smithy.api#documentation": "Specifies whether the framework is a standard framework or a custom framework.
" } }, "complianceType": { "target": "com.amazonaws.auditmanager#ComplianceType", "traits": { - "smithy.api#documentation": "The compliance type that the new custom framework supports, such as CIS or HIPAA.\n
" + "smithy.api#documentation": "The compliance type that the framework supports, such as CIS or HIPAA.
" } }, "description": { @@ -4932,7 +4969,7 @@ "controlSources": { "target": "com.amazonaws.auditmanager#ControlSources", "traits": { - "smithy.api#documentation": "The sources that Audit Manager collects evidence from for the control.
" + "smithy.api#documentation": "The control data sources where Audit Manager collects evidence from.
" } }, "controlSets": { @@ -5075,7 +5112,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns the registration status of an account in Audit Manager.
", + "smithy.api#documentation": "Gets the registration status of an account in Audit Manager.
", "smithy.api#http": { "method": "GET", "uri": "/account/status", @@ -5127,7 +5164,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns an assessment from Audit Manager.
", + "smithy.api#documentation": "Gets information about a specified assessment.
", "smithy.api#http": { "method": "GET", "uri": "/assessments/{assessmentId}", @@ -5158,7 +5195,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns a framework from Audit Manager.
", + "smithy.api#documentation": "Gets information about a specified framework.
", "smithy.api#http": { "method": "GET", "uri": "/assessmentFrameworks/{frameworkId}", @@ -5219,7 +5256,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns the URL of an assessment report in Audit Manager.
", + "smithy.api#documentation": "Gets the URL of an assessment report in Audit Manager.
", "smithy.api#http": { "method": "GET", "uri": "/assessments/{assessmentId}/reports/{assessmentReportId}/url", @@ -5315,7 +5352,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns a list of changelogs from Audit Manager.
", + "smithy.api#documentation": "Gets a list of changelogs from Audit Manager.
", "smithy.api#http": { "method": "GET", "uri": "/assessments/{assessmentId}/changelogs", @@ -5415,7 +5452,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns a control from Audit Manager.
", + "smithy.api#documentation": "Gets information about a specified control.
", "smithy.api#http": { "method": "GET", "uri": "/controls/{controlId}", @@ -5445,7 +5482,7 @@ "control": { "target": "com.amazonaws.auditmanager#Control", "traits": { - "smithy.api#documentation": " The name of the control that the GetControl API returned.
The details of the control that the GetControl API returned.
Returns a list of delegations from an audit owner to a delegate.
", + "smithy.api#documentation": "Gets a list of delegations from an audit owner to a delegate.
", "smithy.api#http": { "method": "GET", "uri": "/delegations", @@ -5551,7 +5588,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns evidence from Audit Manager.
", + "smithy.api#documentation": "Gets information about a specified evidence item.
", "smithy.api#http": { "method": "GET", "uri": "/assessments/{assessmentId}/controlSets/{controlSetId}/evidenceFolders/{evidenceFolderId}/evidence/{evidenceId}", @@ -5582,7 +5619,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns all evidence from a specified evidence folder in Audit Manager.
", + "smithy.api#documentation": "Gets all evidence from a specified evidence folder in Audit Manager.
", "smithy.api#http": { "method": "GET", "uri": "/assessments/{assessmentId}/controlSets/{controlSetId}/evidenceFolders/{evidenceFolderId}/evidence", @@ -5661,6 +5698,73 @@ "smithy.api#output": {} } }, + "com.amazonaws.auditmanager#GetEvidenceFileUploadUrl": { + "type": "operation", + "input": { + "target": "com.amazonaws.auditmanager#GetEvidenceFileUploadUrlRequest" + }, + "output": { + "target": "com.amazonaws.auditmanager#GetEvidenceFileUploadUrlResponse" + }, + "errors": [ + { + "target": "com.amazonaws.auditmanager#AccessDeniedException" + }, + { + "target": "com.amazonaws.auditmanager#InternalServerException" + }, + { + "target": "com.amazonaws.auditmanager#ThrottlingException" + }, + { + "target": "com.amazonaws.auditmanager#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Creates a presigned Amazon S3 URL that can be used to upload a file as manual\n evidence. For instructions on how to use this operation, see Upload a file from your browser in the Audit Manager User\n Guide.
\nThe following restrictions apply to this operation:
\nMaximum size of an individual evidence file: 100 MB
\nNumber of daily manual evidence uploads per control: 100
\nSupported file formats: See Supported file types for manual evidence in the Audit Manager User Guide\n
\nFor more information about Audit Manager service restrictions, see Quotas and\n restrictions for Audit Manager.
", + "smithy.api#http": { + "method": "GET", + "uri": "/evidenceFileUploadUrl", + "code": 200 + } + } + }, + "com.amazonaws.auditmanager#GetEvidenceFileUploadUrlRequest": { + "type": "structure", + "members": { + "fileName": { + "target": "com.amazonaws.auditmanager#ManualEvidenceLocalFileName", + "traits": { + "smithy.api#documentation": "The file that you want to upload. For a list of supported file formats, see Supported file types for manual evidence in the Audit Manager\n User Guide.
", + "smithy.api#httpQuery": "fileName", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.auditmanager#GetEvidenceFileUploadUrlResponse": { + "type": "structure", + "members": { + "evidenceFileName": { + "target": "com.amazonaws.auditmanager#NonEmptyString", + "traits": { + "smithy.api#documentation": "The name of the uploaded manual evidence file that the presigned URL was generated\n for.
" + } + }, + "uploadUrl": { + "target": "com.amazonaws.auditmanager#NonEmptyString", + "traits": { + "smithy.api#documentation": "The presigned URL that was generated.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.auditmanager#GetEvidenceFolder": { "type": "operation", "input": { @@ -5684,7 +5788,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns an evidence folder from the specified assessment in Audit Manager.\n
", + "smithy.api#documentation": "Gets an evidence folder from a specified assessment in Audit Manager.
", "smithy.api#http": { "method": "GET", "uri": "/assessments/{assessmentId}/controlSets/{controlSetId}/evidenceFolders/{evidenceFolderId}", @@ -5761,7 +5865,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns the evidence folders from a specified assessment in Audit Manager.\n
", + "smithy.api#documentation": "Gets the evidence folders from a specified assessment in Audit Manager.
", "smithy.api#http": { "method": "GET", "uri": "/assessments/{assessmentId}/evidenceFolders", @@ -5797,7 +5901,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns a list of evidence folders that are associated with a specified control in an\n Audit Manager assessment.
", + "smithy.api#documentation": "Gets a list of evidence folders that are associated with a specified control in an\n Audit Manager assessment.
", "smithy.api#http": { "method": "GET", "uri": "/assessments/{assessmentId}/evidenceFolders-by-assessment-control/{controlSetId}/{controlId}", @@ -6110,7 +6214,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns the name of the delegated Amazon Web Services administrator account for the\n organization.
", + "smithy.api#documentation": "Gets the name of the delegated Amazon Web Services administrator account for a specified\n organization.
", "smithy.api#http": { "method": "GET", "uri": "/account/organizationAdminAccount", @@ -6165,7 +6269,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns a list of all of the Amazon Web Services that you can choose to include\n in your assessment. When you create an assessment, specify which of these services you want to include to\n narrow the assessment's scope.
", + "smithy.api#documentation": "Gets a list of all of the Amazon Web Services that you can choose to include in\n your assessment. When you create an assessment, specify which of these services you want to include to\n narrow the assessment's scope.
", "smithy.api#http": { "method": "GET", "uri": "/services", @@ -6211,7 +6315,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns the settings for the specified Amazon Web Services account.
", + "smithy.api#documentation": "Gets the settings for a specified Amazon Web Services account.
", "smithy.api#http": { "method": "GET", "uri": "/settings/{attribute}", @@ -6393,6 +6497,18 @@ "traits": { "smithy.api#enumValue": "SELECT_FROM_LIST" } + }, + "UPLOAD_FILE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "UPLOAD_FILE" + } + }, + "INPUT_TEXT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INPUT_TEXT" + } } } }, @@ -6678,7 +6794,7 @@ "frameworkMetadataList": { "target": "com.amazonaws.auditmanager#FrameworkMetadataList", "traits": { - "smithy.api#documentation": "The list of metadata objects for the framework.
" + "smithy.api#documentation": " A list of metadata that the ListAssessmentFrameworks API returns for each\n framework.
The metadata that's associated with the assessment.
" + "smithy.api#documentation": "The metadata that the ListAssessments API returns for each\n assessment.
The list of control metadata objects that the ListControls API returned.\n
A list of metadata that the ListControls API returns for each\n control.
The Amazon S3 URL that points to a manual evidence object.
" + "smithy.api#documentation": "The S3 URL of the object that's imported as manual evidence.
" + } + }, + "textResponse": { + "target": "com.amazonaws.auditmanager#ManualEvidenceTextResponse", + "traits": { + "smithy.api#documentation": "The plain text response that's entered and saved as manual evidence.
" + } + }, + "evidenceFileName": { + "target": "com.amazonaws.auditmanager#ManualEvidenceLocalFileName", + "traits": { + "smithy.api#documentation": "The name of the file that's uploaded as manual evidence. This name is populated using\n the evidenceFileName value from the \n GetEvidenceFileUploadUrl\n API response.
Evidence that's uploaded to Audit Manager manually.
" + "smithy.api#documentation": " Evidence that's manually added to a control in Audit Manager.\n manualEvidence can be one of the following: evidenceFileName,\n s3ResourcePath, or textResponse.
The default storage destination for assessment reports.
" + "smithy.api#documentation": "The default S3 destination bucket for storing assessment reports.
" } }, "defaultProcessOwners": { @@ -7992,6 +8146,12 @@ "traits": { "smithy.api#documentation": "The deregistration policy for your Audit Manager data. You can\n use this attribute to determine how your data is handled when you deregister Audit Manager.
" } + }, + "defaultExportDestination": { + "target": "com.amazonaws.auditmanager#DefaultExportDestination", + "traits": { + "smithy.api#documentation": "The default S3 destination bucket for storing evidence finder exports.
" + } } }, "traits": { @@ -8150,18 +8310,18 @@ "keywordInputType": { "target": "com.amazonaws.auditmanager#KeywordInputType", "traits": { - "smithy.api#documentation": "The input method for the keyword.
" + "smithy.api#documentation": "The input method for the keyword.
\n\n SELECT_FROM_LIST is used when mapping a data source for automated\n evidence.
When keywordInputType is SELECT_FROM_LIST, a\n keyword must be selected to collect automated evidence. For example, this\n keyword can be a CloudTrail event name, a rule name for Config, a Security Hub control, or the name of an Amazon Web Services API call.
\n UPLOAD_FILE and INPUT_TEXT are only used when mapping a\n data source for manual evidence.
When keywordInputType is UPLOAD_FILE, a file must\n be uploaded as manual evidence.
When keywordInputType is INPUT_TEXT, text must be\n entered as manual evidence.
The value of the keyword that's used when mapping a control data source. For example,\n this can be a CloudTrail event name, a rule name for Config, a\n Security Hub control, or the name of an Amazon Web Services API call.
\nIf you’re mapping a data source to a rule in Config, the\n keywordValue that you specify depends on the type of rule:
For managed rules, you can use the rule identifier as the\n keywordValue. You can find the rule identifier from the list of Config managed rules.
Managed rule name: s3-bucket-acl-prohibited\n
\n\n keywordValue: S3_BUCKET_ACL_PROHIBITED\n
For custom rules, you form the keywordValue\n by adding the Custom_ prefix to the rule name. This prefix distinguishes\n the rule from a managed rule.
Custom rule name: my-custom-config-rule
\n\n keywordValue: Custom_my-custom-config-rule\n
For service-linked rules, you form the\n keywordValue by adding the Custom_ prefix to the rule\n name. In addition, you remove the suffix ID that appears at the end of the rule\n name.
Service-linked rule name:\n CustomRuleForAccount-conformance-pack-szsm1uv0w
\n\n keywordValue:\n Custom_CustomRuleForAccount-conformance-pack\n
Service-linked rule name:\n OrgConfigRule-s3-bucket-versioning-enabled-dbgzf8ba
\n\n keywordValue:\n Custom_OrgConfigRule-s3-bucket-versioning-enabled\n
The value of the keyword that's used when mapping a control data source. For example,\n this can be a CloudTrail event name, a rule name for Config, a\n Security Hub control, or the name of an Amazon Web Services API call.
\nIf you’re mapping a data source to a rule in Config, the\n keywordValue that you specify depends on the type of rule:
For managed rules, you can use the rule identifier as the\n keywordValue. You can find the rule identifier from the list of Config managed rules. For some\n rules, the rule identifier is different from the rule name. For example, the rule\n name restricted-ssh has the following rule identifier:\n INCOMING_SSH_DISABLED. Make sure to use the rule identifier, not the\n rule name.
Keyword example for managed rules:
\nManaged rule name: s3-bucket-acl-prohibited\n
\n\n keywordValue: S3_BUCKET_ACL_PROHIBITED\n
For custom rules, you form the keywordValue\n by adding the Custom_ prefix to the rule name. This prefix distinguishes\n the custom rule from a managed rule.
Keyword example for custom rules:
\nCustom rule name: my-custom-config-rule
\n\n keywordValue: Custom_my-custom-config-rule\n
For service-linked rules, you form the\n keywordValue by adding the Custom_ prefix to the rule\n name. In addition, you remove the suffix ID that appears at the end of the rule name.
Keyword examples for service-linked rules:
\nService-linked rule name:\n CustomRuleForAccount-conformance-pack-szsm1uv0w
\n\n keywordValue:\n Custom_CustomRuleForAccount-conformance-pack\n
Service-linked rule name:\n OrgConfigRule-s3-bucket-versioning-enabled-dbgzf8ba
\n\n keywordValue:\n Custom_OrgConfigRule-s3-bucket-versioning-enabled\n
The keywordValue is case sensitive. If you enter a value incorrectly, Audit Manager might not recognize the data source mapping. As a result, you might not\n successfully collect evidence from that data source as intended.
Keep in mind the following requirements, depending on the data source type that\n you're using.
\nFor Config:
\nFor managed rules, make sure that the keywordValue is the rule identifier in\n ALL_CAPS_WITH_UNDERSCORES. For example,\n CLOUDWATCH_LOG_GROUP_ENCRYPTED. For accuracy, we recommend\n that you reference the list of supported Config managed rules.
For custom rules, make sure that the keywordValue has the Custom_\n prefix followed by the custom rule name. The format of the custom rule name\n itself may vary. For accuracy, we recommend that you visit the Config console to\n verify your custom rule name.
For Security Hub: The format varies for Security Hub control names.\n For accuracy, we recommend that you reference the list of supported\n Security Hub controls.
\nFor Amazon Web Services API calls: Make sure that the keywordValue\n is written as serviceprefix_ActionName. For example,\n iam_ListGroups. For accuracy, we recommend that you reference the\n list of supported\n API calls.
For CloudTrail: Make sure that the keywordValue is written\n as serviceprefix_ActionName. For example,\n cloudtrail_StartLogging. For accuracy, we recommend that you\n review the Amazon Web Service prefix and action names in the Service Authorization Reference.
The keyword to search for in CloudTrail logs, Config rules,\n Security Hub checks, and Amazon Web Services API names.
\nTo learn more about the supported keywords that you can use when mapping a control data\n source, see the following pages in the Audit Manager User\n Guide:
\nA keyword that relates to the control data source.
\nFor manual evidence, this keyword indicates if the manual evidence is a file or\n text.
\nFor automated evidence, this keyword identifies a specific CloudTrail event,\n Config rule, Security Hub control, or Amazon Web Services API name.
\nTo learn more about the supported keywords that you can use when mapping a control data\n source, see the following pages in the Audit Manager User\n Guide:
\nThe default storage destination for assessment reports.
" + "smithy.api#documentation": "The default S3 destination bucket for storing assessment reports.
" } }, "defaultProcessOwners": { @@ -9273,6 +9433,12 @@ "traits": { "smithy.api#documentation": "The deregistration policy for your Audit Manager data. You can\n use this attribute to determine how your data is handled when you deregister Audit Manager.
" } + }, + "defaultExportDestination": { + "target": "com.amazonaws.auditmanager#DefaultExportDestination", + "traits": { + "smithy.api#documentation": "The default S3 destination bucket for storing evidence finder exports.
" + } } }, "traits": { diff --git a/codegen/sdk/aws-models/cloudtrail.json b/codegen/sdk/aws-models/cloudtrail.json index afbd9702a81..a2cd6425b2a 100644 --- a/codegen/sdk/aws-models/cloudtrail.json +++ b/codegen/sdk/aws-models/cloudtrail.json @@ -246,7 +246,7 @@ "Field": { "target": "com.amazonaws.cloudtrail#SelectorField", "traits": { - "smithy.api#documentation": "A field in a CloudTrail event record on which to filter events to be logged. For\n event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events, the field is used only for\n selecting events as filtering is not supported.
\n For CloudTrail event records, supported fields include readOnly,\n eventCategory, eventSource (for management events),\n eventName, resources.type, and resources.ARN.
For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events, the only supported field is\n eventCategory.
\n \n readOnly\n - Optional. Can be set to\n Equals a value of true or false. If you do\n not add this field, CloudTrail logs both read and\n write events. A value of true logs only\n read events. A value of false logs only\n write events.
\n \n eventSource\n - For filtering\n management events only. This can be set only to NotEquals\n kms.amazonaws.com.
\n \n eventName\n - Can use any operator.\n You can use it to filter in or filter out any data event logged to CloudTrail,\n such as PutBucket or GetSnapshotBlock. You can have\n multiple values for this field, separated by commas.
\n \n eventCategory\n - This is required and\n must be set to Equals. \n
\n For CloudTrail event records, the value\n must be Management or Data. \n
\n For Config\n configuration items, the value must be ConfigurationItem.\n
\n For Audit Manager evidence, the value must be Evidence.\n
\n For non-Amazon Web Services events, the value must be ActivityAuditLog.\n
\n \n resources.type\n - This field is\n required for CloudTrail data events. resources.type can only\n use the Equals operator, and the value can be one of the\n following:
\n AWS::DynamoDB::Table\n
\n AWS::Lambda::Function\n
\n AWS::S3::Object\n
\n AWS::CloudTrail::Channel\n
\n AWS::Cognito::IdentityPool\n
\n AWS::DynamoDB::Stream\n
\n AWS::EC2::Snapshot\n
\n AWS::FinSpace::Environment\n
\n AWS::Glue::Table\n
\n AWS::GuardDuty::Detector\n
\n AWS::KendraRanking::ExecutionPlan\n
\n AWS::ManagedBlockchain::Node\n
\n AWS::SageMaker::ExperimentTrialComponent\n
\n AWS::SageMaker::FeatureGroup\n
\n AWS::S3::AccessPoint\n
\n AWS::S3ObjectLambda::AccessPoint\n
\n AWS::S3Outposts::Object\n
You can have only one resources.type field per selector. To log data\n events on more than one resource type, add another selector.
\n \n resources.ARN\n - You can use any\n operator with resources.ARN, but if you use Equals or\n NotEquals, the value must exactly match the ARN of a valid resource\n of the type you've specified in the template as the value of resources.type. For\n example, if resources.type equals AWS::S3::Object, the ARN must be in\n one of the following formats. To log all data events for all objects in a specific S3\n bucket, use the StartsWith operator, and include only the bucket ARN as\n the matching value.
The trailing slash is intentional; do not exclude it. Replace the text between\n less than and greater than symbols (<>) with resource-specific information.
\n\n arn:\n
\n arn:\n
When resources.type equals AWS::DynamoDB::Table, and the operator is\n set to Equals or NotEquals, the ARN must be in the\n following format:
\n arn:\n
When resources.type equals AWS::Lambda::Function, and the operator is\n set to Equals or NotEquals, the ARN must be in the\n following format:
\n arn:\n
When resources.type equals AWS::CloudTrail::Channel, and the operator is\n set to Equals or NotEquals, the ARN must be in the\n following format:
\n arn:\n
When resources.type equals AWS::Cognito::IdentityPool, and the operator is\n set to Equals or NotEquals, the ARN must be in the\n following format:
\n arn:\n
When resources.type equals AWS::DynamoDB::Stream, and\n the operator is set to Equals or NotEquals, the ARN must be\n in the following format:
\n arn:\n
When resources.type equals AWS::EC2::Snapshot, and the\n operator is set to Equals or NotEquals, the ARN must be in\n the following format:
\n arn:\n
When resources.type equals AWS::FinSpace::Environment,\n and the operator is set to Equals or NotEquals, the ARN\n must be in the following format:
\n arn:\n
When resources.type equals AWS::Glue::Table, and the\n operator is set to Equals or NotEquals, the ARN must be in\n the following format:
\n arn:\n
When resources.type equals AWS::GuardDuty::Detector, and the\n operator is set to Equals or NotEquals, the ARN must be in\n the following format:
\n arn:\n
When resources.type equals AWS::KendraRanking::ExecutionPlan, and the\n operator is set to Equals or NotEquals, the ARN must be in\n the following format:
\n arn:\n
When resources.type equals AWS::ManagedBlockchain::Node,\n and the operator is set to Equals or NotEquals, the ARN\n must be in the following format:
\n arn:\n
When resources.type equals AWS::SageMaker::ExperimentTrialComponent, and the operator is set to\n Equals or NotEquals, the ARN must be in the following format:
\n arn:\n
When resources.type equals AWS::SageMaker::FeatureGroup, and the operator is set to\n Equals or NotEquals, the ARN must be in the following format:
\n arn:\n
When resources.type equals AWS::S3::AccessPoint, and the\n operator is set to Equals or NotEquals, the ARN must be in\n one of the following formats. To log events on all objects in an S3 access point, we\n recommend that you use only the access point ARN, don’t include the object path, and\n use the StartsWith or NotStartsWith operators.
\n arn:\n
\n arn:\n
When resources.type equals\n AWS::S3ObjectLambda::AccessPoint, and the operator is set to\n Equals or NotEquals, the ARN must be in the following\n format:
\n arn:\n
When resources.type equals AWS::S3Outposts::Object, and\n the operator is set to Equals or NotEquals, the ARN must be\n in the following format:
\n arn:\n
A field in a CloudTrail event record on which to filter events to be logged. For\n event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events, the field is used only for\n selecting events as filtering is not supported.
\n For CloudTrail event records, supported fields include readOnly,\n eventCategory, eventSource (for management events),\n eventName, resources.type, and resources.ARN.
For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events, the only supported field is\n eventCategory.
\n \n readOnly\n - Optional. Can be set to\n Equals a value of true or false. If you do\n not add this field, CloudTrail logs both read and\n write events. A value of true logs only\n read events. A value of false logs only\n write events.
\n \n eventSource\n - For filtering\n management events only. This can be set only to NotEquals\n kms.amazonaws.com.
\n \n eventName\n - Can use any operator.\n You can use it to filter in or filter out any data event logged to CloudTrail,\n such as PutBucket or GetSnapshotBlock. You can have\n multiple values for this field, separated by commas.
\n \n eventCategory\n - This is required and\n must be set to Equals. \n
\n For CloudTrail event records, the value\n must be Management or Data. \n
\n For Config\n configuration items, the value must be ConfigurationItem.\n
\n For Audit Manager evidence, the value must be Evidence.\n
\n For non-Amazon Web Services events, the value must be ActivityAuditLog.\n
\n \n resources.type\n - This field is\n required for CloudTrail data events. resources.type can only\n use the Equals operator, and the value can be one of the\n following:
\n AWS::DynamoDB::Table\n
\n AWS::Lambda::Function\n
\n AWS::S3::Object\n
\n AWS::CloudTrail::Channel\n
\n AWS::CodeWhisperer::Profile\n
\n AWS::Cognito::IdentityPool\n
\n AWS::DynamoDB::Stream\n
\n AWS::EC2::Snapshot\n
\n AWS::EMRWAL::Workspace\n
\n AWS::FinSpace::Environment\n
\n AWS::Glue::Table\n
\n AWS::GuardDuty::Detector\n
\n AWS::KendraRanking::ExecutionPlan\n
\n AWS::ManagedBlockchain::Node\n
\n AWS::SageMaker::ExperimentTrialComponent\n
\n AWS::SageMaker::FeatureGroup\n
\n AWS::S3::AccessPoint\n
\n AWS::S3ObjectLambda::AccessPoint\n
\n AWS::S3Outposts::Object\n
You can have only one resources.type field per selector. To log data\n events on more than one resource type, add another selector.
\n \n resources.ARN\n - You can use any\n operator with resources.ARN, but if you use Equals or\n NotEquals, the value must exactly match the ARN of a valid resource\n of the type you've specified in the template as the value of resources.type. For\n example, if resources.type equals AWS::S3::Object, the ARN must be in\n one of the following formats. To log all data events for all objects in a specific S3\n bucket, use the StartsWith operator, and include only the bucket ARN as\n the matching value.
The trailing slash is intentional; do not exclude it. Replace the text between\n less than and greater than symbols (<>) with resource-specific information.
\n\n arn:\n
\n arn:\n
When resources.type equals AWS::DynamoDB::Table, and the operator is\n set to Equals or NotEquals, the ARN must be in the\n following format:
\n arn:\n
When resources.type equals AWS::Lambda::Function, and the operator is\n set to Equals or NotEquals, the ARN must be in the\n following format:
\n arn:\n
When resources.type equals AWS::CloudTrail::Channel, and the operator is\n set to Equals or NotEquals, the ARN must be in the\n following format:
\n arn:\n
When resources.type equals AWS::CodeWhisperer::Profile, and the operator is\n set to Equals or NotEquals, the ARN must be in the\n following format:
\n arn:\n
When resources.type equals AWS::Cognito::IdentityPool, and the operator is\n set to Equals or NotEquals, the ARN must be in the\n following format:
\n arn:\n
When resources.type equals AWS::DynamoDB::Stream, and\n the operator is set to Equals or NotEquals, the ARN must be\n in the following format:
\n arn:\n
When resources.type equals AWS::EC2::Snapshot, and the\n operator is set to Equals or NotEquals, the ARN must be in\n the following format:
\n arn:\n
When resources.type equals AWS::EMRWAL::Workspace, and the\n operator is set to Equals or NotEquals, the ARN must be in\n the following format:
\n arn:\n
When resources.type equals AWS::FinSpace::Environment,\n and the operator is set to Equals or NotEquals, the ARN\n must be in the following format:
\n arn:\n
When resources.type equals AWS::Glue::Table, and the\n operator is set to Equals or NotEquals, the ARN must be in\n the following format:
\n arn:\n
When resources.type equals AWS::GuardDuty::Detector, and the\n operator is set to Equals or NotEquals, the ARN must be in\n the following format:
\n arn:\n
When resources.type equals AWS::KendraRanking::ExecutionPlan, and the\n operator is set to Equals or NotEquals, the ARN must be in\n the following format:
\n arn:\n
When resources.type equals AWS::ManagedBlockchain::Node,\n and the operator is set to Equals or NotEquals, the ARN\n must be in the following format:
\n arn:\n
When resources.type equals AWS::SageMaker::ExperimentTrialComponent, and the operator is set to\n Equals or NotEquals, the ARN must be in the following format:
\n arn:\n
When resources.type equals AWS::SageMaker::FeatureGroup, and the operator is set to\n Equals or NotEquals, the ARN must be in the following format:
\n arn:\n
When resources.type equals AWS::S3::AccessPoint, and the\n operator is set to Equals or NotEquals, the ARN must be in\n one of the following formats. To log events on all objects in an S3 access point, we\n recommend that you use only the access point ARN, don’t include the object path, and\n use the StartsWith or NotStartsWith operators.
\n arn:\n
\n arn:\n
When resources.type equals\n AWS::S3ObjectLambda::AccessPoint, and the operator is set to\n Equals or NotEquals, the ARN must be in the following\n format:
\n arn:\n
When resources.type equals AWS::S3Outposts::Object, and\n the operator is set to Equals or NotEquals, the ARN must be\n in the following format:
\n arn:\n
This is the CloudTrail API Reference. It provides descriptions of actions, data\n types, common parameters, and common errors for CloudTrail.
\nCloudTrail is a web service that records Amazon Web Services API calls for your\n Amazon Web Services account and delivers log files to an Amazon S3 bucket. The\n recorded information includes the identity of the user, the start time of the Amazon Web Services API call, the source IP address, the request parameters, and the response\n elements returned by the service.
\nAs an alternative to the API, you can use one of the Amazon Web Services SDKs, which\n consist of libraries and sample code for various programming languages and platforms\n (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide programmatic access to CloudTrail. For example, the SDKs handle cryptographically signing requests,\n managing errors, and retrying requests automatically. For more information about the\n Amazon Web Services SDKs, including how to download and install them, see Tools to Build on Amazon Web Services.
\nSee the CloudTrail\n User Guide for information about the data that is included with each Amazon Web Services API call listed in the log files.
\n\n Actions available for CloudTrail trails\n
\nThe following actions are available for CloudTrail trails.
\n\n AddTags\n
\n\n CreateTrail\n
\n\n DeleteTrail\n
\n\n DescribeTrails\n
\n\n GetEventSelectors\n
\n\n GetInsightSelectors\n
\n\n GetTrail\n
\n\n GetTrailStatus\n
\n\n ListTags\n
\n\n ListTrails\n
\n\n PutEventSelectors\n
\n\n PutInsightSelectors\n
\n\n RemoveTags\n
\n\n StartLogging\n
\n\n StopLogging\n
\n\n UpdateTrail\n
\n\n Actions available for CloudTrail event data stores\n
\nThe following actions are available for CloudTrail event data stores.
\n\n AddTags\n
\n\n CancelQuery\n
\n\n CreateEventDataStore\n
\n\n DeleteEventDataStore\n
\n\n DescribeQuery\n
\n\n GetEventDataStore\n
\n\n GetQueryResults\n
\n\n ListEventDataStores\n
\n\n ListTags\n
\n\n ListQueries\n
\n\n RemoveTags\n
\n\n StartImport\n
\nThe following additional actions are available for imports.
\n\n GetImport\n
\n\n ListImportFailures\n
\n\n ListImports\n
\n\n StopImport\n
\n\n StartQuery\n
\n\n UpdateEventDataStore\n
\n\n Actions available for CloudTrail channels\n
\nThe following actions are available for CloudTrail channels.
\n\n AddTags\n
\n\n CreateChannel\n
\n\n DeleteChannel\n
\n\n DeleteResourcePolicy\n
\n\n GetChannel\n
\n\n GetResourcePolicy\n
\n\n ListChannels\n
\n\n ListTags\n
\n\n PutResourcePolicy\n
\n\n RemoveTags\n
\n\n UpdateChannel\n
\n\n Actions available for managing delegated administrators\n
\nThe following actions are available for adding or a removing a delegated administrator to manage an Organizations organization’s CloudTrail resources.
\nThis is the CloudTrail API Reference. It provides descriptions of actions, data\n types, common parameters, and common errors for CloudTrail.
\nCloudTrail is a web service that records Amazon Web Services API calls for your\n Amazon Web Services account and delivers log files to an Amazon S3 bucket. The\n recorded information includes the identity of the user, the start time of the Amazon Web Services API call, the source IP address, the request parameters, and the response\n elements returned by the service.
\nAs an alternative to the API, you can use one of the Amazon Web Services SDKs, which\n consist of libraries and sample code for various programming languages and platforms\n (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide programmatic access to CloudTrail. For example, the SDKs handle cryptographically signing requests,\n managing errors, and retrying requests automatically. For more information about the\n Amazon Web Services SDKs, including how to download and install them, see Tools to Build on Amazon Web Services.
\nSee the CloudTrail\n User Guide for information about the data that is included with each Amazon Web Services API call listed in the log files.
", "smithy.api#title": "AWS CloudTrail", "smithy.api#xmlNamespace": { "uri": "http://cloudtrail.amazonaws.com/doc/2013-11-01/" @@ -2428,7 +2428,7 @@ "target": "com.amazonaws.cloudtrail#String", "traits": { "smithy.api#deprecated": {}, - "smithy.api#documentation": "This field is no longer in use. Use SnsTopicARN.
" + "smithy.api#documentation": "This field is no longer in use. Use SnsTopicARN.
The resource type in which you want to log data events. You can specify the following\n basic event selector resource types:
\n\n AWS::DynamoDB::Table\n
\n AWS::Lambda::Function\n
\n AWS::S3::Object\n
The following resource types are also available through advanced\n event selectors. Basic event selector resource types are valid in advanced event selectors,\n but advanced event selector resource types are not valid in basic event selectors. For more\n information, see AdvancedFieldSelector$Field.
\n\n AWS::CloudTrail::Channel\n
\n AWS::Cognito::IdentityPool\n
\n AWS::DynamoDB::Stream\n
\n AWS::EC2::Snapshot\n
\n AWS::FinSpace::Environment\n
\n AWS::Glue::Table\n
\n AWS::GuardDuty::Detector\n
\n AWS::KendraRanking::ExecutionPlan\n
\n AWS::ManagedBlockchain::Node\n
\n AWS::SageMaker::ExperimentTrialComponent\n
\n AWS::SageMaker::FeatureGroup\n
\n AWS::S3::AccessPoint\n
\n AWS::S3ObjectLambda::AccessPoint\n
\n AWS::S3Outposts::Object\n
The resource type in which you want to log data events. You can specify the following\n basic event selector resource types:
\n\n AWS::DynamoDB::Table\n
\n AWS::Lambda::Function\n
\n AWS::S3::Object\n
The following resource types are also available through advanced\n event selectors. Basic event selector resource types are valid in advanced event selectors,\n but advanced event selector resource types are not valid in basic event selectors. For more\n information, see AdvancedFieldSelector.
\n\n AWS::CloudTrail::Channel\n
\n AWS::CodeWhisperer::Profile\n
\n AWS::Cognito::IdentityPool\n
\n AWS::DynamoDB::Stream\n
\n AWS::EC2::Snapshot\n
\n AWS::EMRWAL::Workspace\n
\n AWS::FinSpace::Environment\n
\n AWS::Glue::Table\n
\n AWS::GuardDuty::Detector\n
\n AWS::KendraRanking::ExecutionPlan\n
\n AWS::ManagedBlockchain::Node\n
\n AWS::SageMaker::ExperimentTrialComponent\n
\n AWS::SageMaker::FeatureGroup\n
\n AWS::S3::AccessPoint\n
\n AWS::S3ObjectLambda::AccessPoint\n
\n AWS::S3Outposts::Object\n
Returns metadata about a query, including query run time in milliseconds, number of\n events scanned and matched, and query status. You must specify an ARN for\n EventDataStore, and a value for QueryID.
Returns metadata about a query, including query run time in milliseconds, number of\n events scanned and matched, and query status. If the query results were delivered to an S3 bucket, \n the response also provides the S3 URI and the delivery status.
\nYou must specify either a QueryID or a QueryAlias. Specifying\n the QueryAlias parameter returns information about the last query run for the\n alias.
The query ID.
", - "smithy.api#required": {} + "smithy.api#documentation": "The query ID.
" + } + }, + "QueryAlias": { + "target": "com.amazonaws.cloudtrail#QueryAlias", + "traits": { + "smithy.api#documentation": "\n The alias that identifies a query template.\n
" } } }, @@ -4080,7 +4085,7 @@ } ], "traits": { - "smithy.api#documentation": "Gets event data results of a query. You must specify the QueryID value\n returned by the StartQuery operation, and an ARN for\n EventDataStore.
Gets event data results of a query. You must specify the QueryID value\n returned by the StartQuery operation.
A SQL string of criteria about events that you want to collect in an event data\n store.
" } }, + "com.amazonaws.cloudtrail#QueryAlias": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 256 + }, + "smithy.api#pattern": "^[a-zA-Z][a-zA-Z0-9._\\-]*$" + } + }, "com.amazonaws.cloudtrail#QueryIdNotFoundException": { "type": "structure", "members": { @@ -6968,6 +6983,28 @@ "smithy.api#httpError": 404 } }, + "com.amazonaws.cloudtrail#QueryParameter": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1024 + }, + "smithy.api#pattern": ".*" + } + }, + "com.amazonaws.cloudtrail#QueryParameters": { + "type": "list", + "member": { + "target": "com.amazonaws.cloudtrail#QueryParameter" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 10 + } + } + }, "com.amazonaws.cloudtrail#QueryResultColumn": { "type": "map", "key": { @@ -8061,7 +8098,7 @@ } ], "traits": { - "smithy.api#documentation": "Starts a CloudTrail Lake query. The required QueryStatement\n parameter provides your SQL query, enclosed in single quotation marks. Use the optional\n DeliveryS3Uri parameter to deliver the query results to an S3\n bucket.
Starts a CloudTrail Lake query. Use the QueryStatement\n parameter to provide your SQL query, enclosed in single quotation marks. Use the optional\n DeliveryS3Uri parameter to deliver the query results to an S3\n bucket.
\n StartQuery requires you specify either the QueryStatement parameter, or a QueryAlias and any QueryParameters. In the current release, \n the QueryAlias and QueryParameters parameters are used only for the queries that populate the CloudTrail Lake dashboards.
The SQL code of your query.
", - "smithy.api#required": {} + "smithy.api#documentation": "The SQL code of your query.
" } }, "DeliveryS3Uri": { @@ -8080,6 +8116,18 @@ "traits": { "smithy.api#documentation": "The URI for the S3 bucket where CloudTrail delivers the query results.
" } + }, + "QueryAlias": { + "target": "com.amazonaws.cloudtrail#QueryAlias", + "traits": { + "smithy.api#documentation": "\n The alias that identifies a query template.\n
" + } + }, + "QueryParameters": { + "target": "com.amazonaws.cloudtrail#QueryParameters", + "traits": { + "smithy.api#documentation": "\n The query parameters for the specified QueryAlias.\n
This field is no longer in use. Use SnsTopicARN.
" + "smithy.api#documentation": "This field is no longer in use. Use SnsTopicARN.
Updates an event data store. The required EventDataStore value is an ARN or\n the ID portion of the ARN. Other parameters are optional, but at least one optional\n parameter must be specified, or CloudTrail throws an error.\n RetentionPeriod is in days, and valid values are integers between 90 and\n 2557. By default, TerminationProtection is enabled.
For event data stores for CloudTrail events, AdvancedEventSelectors\n includes or excludes management and data events in your event data store. For more\n information about AdvancedEventSelectors, see PutEventSelectorsRequest$AdvancedEventSelectors.
For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events,\n AdvancedEventSelectors includes events of that type in your event data store.
Updates an event data store. The required EventDataStore value is an ARN or\n the ID portion of the ARN. Other parameters are optional, but at least one optional\n parameter must be specified, or CloudTrail throws an error.\n RetentionPeriod is in days, and valid values are integers between 90 and\n 2557. By default, TerminationProtection is enabled.
For event data stores for CloudTrail events, AdvancedEventSelectors\n includes or excludes management and data events in your event data store. For more\n information about AdvancedEventSelectors, see \n AdvancedEventSelectors.
For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events,\n AdvancedEventSelectors includes events of that type in your event data store.
This field is no longer in use. Use UpdateTrailResponse$SnsTopicARN.
" + "smithy.api#documentation": "This field is no longer in use. Use SnsTopicARN.
The identifier for the error.
", + "smithy.api#required": {} + } + }, + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Description of the error.
", + "smithy.api#required": {} + } + }, + "resourceId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The identifier for the resource you don't have access to.
" + } + }, + "resourceType": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The type of resource you don't have access to.
" + } + } + }, + "traits": { + "smithy.api#documentation": "You do not have sufficient access to perform this action.
", + "smithy.api#error": "client", + "smithy.api#httpError": 403 + } + }, + "com.amazonaws.codegurusecurity#AccountFindingsMetric": { + "type": "structure", + "members": { + "date": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "The date from which the finding metrics were retrieved.
" + } + }, + "newFindings": { + "target": "com.amazonaws.codegurusecurity#FindingMetricsValuePerSeverity", + "traits": { + "smithy.api#documentation": "The number of new findings of each severity in account on the specified date.
" + } + }, + "closedFindings": { + "target": "com.amazonaws.codegurusecurity#FindingMetricsValuePerSeverity", + "traits": { + "smithy.api#documentation": "The number of closed findings of each severity in an account on the specified date.
" + } + }, + "openFindings": { + "target": "com.amazonaws.codegurusecurity#FindingMetricsValuePerSeverity", + "traits": { + "smithy.api#documentation": "The number of open findings of each severity in an account as of the specified date.
" + } + }, + "meanTimeToClose": { + "target": "com.amazonaws.codegurusecurity#FindingMetricsValuePerSeverity", + "traits": { + "smithy.api#documentation": "The average time it takes to close findings of each severity in days.
" + } + } + }, + "traits": { + "smithy.api#documentation": "A summary of findings metrics in an account.
" + } + }, + "com.amazonaws.codegurusecurity#AnalysisType": { + "type": "enum", + "members": { + "SECURITY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Security" + } + }, + "ALL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "All" + } + } + } + }, + "com.amazonaws.codegurusecurity#AwsCodeGuruSecurity": { + "type": "service", + "version": "2018-05-10", + "operations": [ + { + "target": "com.amazonaws.codegurusecurity#BatchGetFindings" + }, + { + "target": "com.amazonaws.codegurusecurity#CreateScan" + }, + { + "target": "com.amazonaws.codegurusecurity#CreateUploadUrl" + }, + { + "target": "com.amazonaws.codegurusecurity#GetAccountConfiguration" + }, + { + "target": "com.amazonaws.codegurusecurity#GetFindings" + }, + { + "target": "com.amazonaws.codegurusecurity#GetMetricsSummary" + }, + { + "target": "com.amazonaws.codegurusecurity#GetScan" + }, + { + "target": "com.amazonaws.codegurusecurity#ListFindingsMetrics" + }, + { + "target": "com.amazonaws.codegurusecurity#ListScans" + }, + { + "target": "com.amazonaws.codegurusecurity#ListTagsForResource" + }, + { + "target": "com.amazonaws.codegurusecurity#TagResource" + }, + { + "target": "com.amazonaws.codegurusecurity#UntagResource" + }, + { + "target": "com.amazonaws.codegurusecurity#UpdateAccountConfiguration" + } + ], + "traits": { + "aws.api#service": { + "sdkId": "CodeGuru Security", + "arnNamespace": "codeguru-security", + "cloudTrailEventSource": "codeguru-security.amazonaws.com" + }, + "aws.auth#sigv4": { + "name": "codeguru-security" + }, + "aws.protocols#restJson1": {}, + "smithy.api#cors": { + "additionalAllowedHeaders": [ + "Authorization", + "Content-Type", + "Credentials", + "X-Amz-Date", + "X-Api-Key", + "X-Amz-Security-Token", + "x-amz-content-sha256", + "X-Amz-User-Agent" + ], + "additionalExposedHeaders": [ + "x-amzn-errortype", + "x-amzn-requestid", + "x-amzn-errormessage", + "x-amzn-trace-id", + "x-amz-apigw-id", + "date" + ], + "origin": "*" + }, + "smithy.api#documentation": "This section provides documentation for the Amazon CodeGuru Security API operations.\n CodeGuru Security is a service that uses program analysis and machine learning to detect\n security policy violations and vulnerabilities, and recommends ways to address these security\n risks.
\nBy proactively detecting and providing recommendations for addressing security risks,\n CodeGuru Security improves the overall security of your application code. For more information\n about CodeGuru Security, see the \n Amazon CodeGuru Security User Guide.
", + "smithy.api#title": "Amazon CodeGuru Security", + "smithy.rules#endpointRuleSet": { + "version": "1.0", + "parameters": { + "Region": { + "builtIn": "AWS::Region", + "required": false, + "documentation": "The AWS region used to dispatch the request.", + "type": "String" + }, + "UseDualStack": { + "builtIn": "AWS::UseDualStack", + "required": true, + "default": false, + "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", + "type": "Boolean" + }, + "UseFIPS": { + "builtIn": "AWS::UseFIPS", + "required": true, + "default": false, + "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", + "type": "Boolean" + }, + "Endpoint": { + "builtIn": "SDK::Endpoint", + "required": false, + "documentation": "Override the endpoint used to send this request", + "type": "String" + } + }, + "rules": [ + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Endpoint" + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Region" + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "aws.partition", + "argv": [ + { + "ref": "Region" + } + ], + "assign": "PartitionResult" + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + }, + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://codeguru-security-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://codeguru-security-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://codeguru-security.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" + } + ] + }, + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://codeguru-security.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + } + ] + }, + { + "conditions": [], + "error": "Invalid Configuration: Missing Region", + "type": "error" + } + ] + } + ] + }, + "smithy.rules#endpointTests": { + "testCases": [ + { + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security-fips.us-gov-east-1.api.aws" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": true, + "Region": "us-gov-east-1" + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security-fips.us-gov-east-1.amazonaws.com" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "us-gov-east-1" + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security.us-gov-east-1.api.aws" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "us-gov-east-1" + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security.us-gov-east-1.amazonaws.com" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "us-gov-east-1" + } + }, + { + "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security-fips.cn-north-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": true, + "Region": "cn-north-1" + } + }, + { + "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security-fips.cn-north-1.amazonaws.com.cn" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "cn-north-1" + } + }, + { + "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security.cn-north-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "cn-north-1" + } + }, + { + "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security.cn-north-1.amazonaws.com.cn" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "cn-north-1" + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "UseDualStack": true, + "UseFIPS": true, + "Region": "us-iso-east-1" + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security-fips.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "us-iso-east-1" + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "us-iso-east-1" + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "us-iso-east-1" + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security-fips.us-east-1.api.aws" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": true, + "Region": "us-east-1" + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security-fips.us-east-1.amazonaws.com" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "us-east-1" + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security.us-east-1.api.aws" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "us-east-1" + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security.us-east-1.amazonaws.com" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "us-east-1" + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "UseDualStack": true, + "UseFIPS": true, + "Region": "us-isob-east-1" + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security-fips.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "us-isob-east-1" + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "us-isob-east-1" + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "us-isob-east-1" + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack disabled", + "expect": { + "endpoint": { + "url": "https://example.com" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "us-east-1", + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips enabled and dualstack disabled", + "expect": { + "error": "Invalid Configuration: FIPS and custom endpoint are not supported" + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "us-east-1", + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack enabled", + "expect": { + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "us-east-1", + "Endpoint": "https://example.com" + } + } + ], + "version": "1.0" + } + } + }, + "com.amazonaws.codegurusecurity#BatchGetFindings": { + "type": "operation", + "input": { + "target": "com.amazonaws.codegurusecurity#BatchGetFindingsRequest" + }, + "output": { + "target": "com.amazonaws.codegurusecurity#BatchGetFindingsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.codegurusecurity#AccessDeniedException" + }, + { + "target": "com.amazonaws.codegurusecurity#InternalServerException" + }, + { + "target": "com.amazonaws.codegurusecurity#ThrottlingException" + }, + { + "target": "com.amazonaws.codegurusecurity#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Returns a list of all requested findings.
", + "smithy.api#http": { + "code": 200, + "method": "POST", + "uri": "/batchGetFindings" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.codegurusecurity#BatchGetFindingsError": { + "type": "structure", + "members": { + "scanName": { + "target": "com.amazonaws.codegurusecurity#ScanName", + "traits": { + "smithy.api#documentation": "The name of the scan that generated the finding.
", + "smithy.api#required": {} + } + }, + "findingId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The finding ID of the finding that was not fetched.
", + "smithy.api#required": {} + } + }, + "errorCode": { + "target": "com.amazonaws.codegurusecurity#ErrorCode", + "traits": { + "smithy.api#documentation": "A code associated with the type of error.
", + "smithy.api#required": {} + } + }, + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Describes the error.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information about the error that caused a finding to fail to be retrieved.
" + } + }, + "com.amazonaws.codegurusecurity#BatchGetFindingsErrors": { + "type": "list", + "member": { + "target": "com.amazonaws.codegurusecurity#BatchGetFindingsError" + } + }, + "com.amazonaws.codegurusecurity#BatchGetFindingsRequest": { + "type": "structure", + "members": { + "findingIdentifiers": { + "target": "com.amazonaws.codegurusecurity#FindingIdentifiers", + "traits": { + "smithy.api#documentation": "A list of finding identifiers. Each identifier consists of a scanName and a\n findingId. You retrieve the findingId when you call\n GetFindings.
A list of all requested findings.
", + "smithy.api#required": {} + } + }, + "failedFindings": { + "target": "com.amazonaws.codegurusecurity#BatchGetFindingsErrors", + "traits": { + "smithy.api#documentation": "A list of errors for individual findings which were not fetched. Each\n BatchGetFindingsError contains the scanName, findingId,\n errorCode and error message.
The name of the finding category. A finding category is determined by the detector that\n detected the finding.
" + } + }, + "findingNumber": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "The number of open findings in the category.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about a finding category with open findings.
" + } + }, + "com.amazonaws.codegurusecurity#ClientToken": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 64 + }, + "smithy.api#pattern": "^[\\S]+$" + } + }, + "com.amazonaws.codegurusecurity#CodeLine": { + "type": "structure", + "members": { + "number": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "The code line number.
" + } + }, + "content": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The code that contains a vulnerability.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The line of code where a finding was detected.
" + } + }, + "com.amazonaws.codegurusecurity#CodeSnippet": { + "type": "list", + "member": { + "target": "com.amazonaws.codegurusecurity#CodeLine" + } + }, + "com.amazonaws.codegurusecurity#ConflictException": { + "type": "structure", + "members": { + "errorCode": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The identifier for the error.
", + "smithy.api#required": {} + } + }, + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Description of the error.
", + "smithy.api#required": {} + } + }, + "resourceId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The identifier for the service resource associated with the request.
", + "smithy.api#required": {} + } + }, + "resourceType": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The type of resource associated with the request.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "The requested operation would cause a conflict with the current state of a service\n resource associated with the request. Resolve the conflict before retrying this\n request.
", + "smithy.api#error": "client", + "smithy.api#httpError": 409 + } + }, + "com.amazonaws.codegurusecurity#CreateScan": { + "type": "operation", + "input": { + "target": "com.amazonaws.codegurusecurity#CreateScanRequest" + }, + "output": { + "target": "com.amazonaws.codegurusecurity#CreateScanResponse" + }, + "errors": [ + { + "target": "com.amazonaws.codegurusecurity#AccessDeniedException" + }, + { + "target": "com.amazonaws.codegurusecurity#ConflictException" + }, + { + "target": "com.amazonaws.codegurusecurity#InternalServerException" + }, + { + "target": "com.amazonaws.codegurusecurity#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.codegurusecurity#ThrottlingException" + }, + { + "target": "com.amazonaws.codegurusecurity#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Use to create a scan using code uploaded to an S3 bucket.
", + "smithy.api#http": { + "code": 200, + "method": "POST", + "uri": "/scans" + } + } + }, + "com.amazonaws.codegurusecurity#CreateScanRequest": { + "type": "structure", + "members": { + "clientToken": { + "target": "com.amazonaws.codegurusecurity#ClientToken", + "traits": { + "smithy.api#documentation": "The idempotency token for the request. Amazon CodeGuru Security uses this value to prevent\n the accidental creation of duplicate scans if there are failures and retries.
", + "smithy.api#idempotencyToken": {} + } + }, + "resourceId": { + "target": "com.amazonaws.codegurusecurity#ResourceId", + "traits": { + "smithy.api#documentation": "The identifier for an input resource used to create a scan.
", + "smithy.api#required": {} + } + }, + "scanName": { + "target": "com.amazonaws.codegurusecurity#ScanName", + "traits": { + "smithy.api#documentation": "The unique name that CodeGuru Security uses to track revisions across multiple\n scans of the same resource. Only allowed for a STANDARD scan type. If not\n specified, it will be auto generated.
The type of scan, either Standard or Express. Defaults to\n Standard type if missing.
\n Express scans run on limited resources and use a limited set of detectors to\n analyze your code in near-real time. Standard scans have standard resource limits\n and use the full set of detectors to analyze your code.
The type of analysis you want CodeGuru Security to perform in the scan, either\n Security or All. The Secuirty type only generates\n findings related to security. The All type generates both security findings and\n quality findings. Defaults to Security type if missing.
An array of key-value pairs used to tag a scan. A tag is a custom attribute\n label with two parts:
\nA tag key. For example, CostCenter, Environment, or\n Secret. Tag keys are case sensitive.
An optional tag value field. For example, 111122223333,\n Production, or a team name. Omitting the tag value is the same as using an\n empty string. Tag values are case sensitive.
The name of the scan.
", + "smithy.api#required": {} + } + }, + "runId": { + "target": "com.amazonaws.codegurusecurity#Uuid", + "traits": { + "smithy.api#documentation": "UUID that identifies the individual scan run.
", + "smithy.api#required": {} + } + }, + "resourceId": { + "target": "com.amazonaws.codegurusecurity#ResourceId", + "traits": { + "smithy.api#documentation": "The identifier for the resource object that contains resources that were scanned.
", + "smithy.api#required": {} + } + }, + "scanState": { + "target": "com.amazonaws.codegurusecurity#ScanState", + "traits": { + "smithy.api#documentation": "The current state of the scan. Returns either InProgress,\n Successful, or Failed.
The ARN for the scan name.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.codegurusecurity#CreateUploadUrl": { + "type": "operation", + "input": { + "target": "com.amazonaws.codegurusecurity#CreateUploadUrlRequest" + }, + "output": { + "target": "com.amazonaws.codegurusecurity#CreateUploadUrlResponse" + }, + "errors": [ + { + "target": "com.amazonaws.codegurusecurity#AccessDeniedException" + }, + { + "target": "com.amazonaws.codegurusecurity#InternalServerException" + }, + { + "target": "com.amazonaws.codegurusecurity#ThrottlingException" + }, + { + "target": "com.amazonaws.codegurusecurity#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Generates a pre-signed URL and request headers used to upload a code resource.
\nYou can upload your code resource to the URL and add the request headers using any HTTP\n client.
", + "smithy.api#http": { + "code": 200, + "method": "POST", + "uri": "/uploadUrl" + } + } + }, + "com.amazonaws.codegurusecurity#CreateUploadUrlRequest": { + "type": "structure", + "members": { + "scanName": { + "target": "com.amazonaws.codegurusecurity#ScanName", + "traits": { + "smithy.api#documentation": "The name of the scan that will use the uploaded resource. CodeGuru Security uses the\n unique scan name to track revisions across multiple scans of the same resource. Use this \n scanName when you call CreateScan on the code resource you upload to this URL.
A pre-signed S3 URL. You can upload the code file you want to scan and add the required\n requestHeaders using any HTTP client.
A set of key-value pairs that contain the required headers when uploading your\n resource.
", + "smithy.api#required": {} + } + }, + "codeArtifactId": { + "target": "com.amazonaws.codegurusecurity#Uuid", + "traits": { + "smithy.api#documentation": "The identifier for the uploaded code resource.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.codegurusecurity#DetectorTags": { + "type": "list", + "member": { + "target": "smithy.api#String" + } + }, + "com.amazonaws.codegurusecurity#EncryptionConfig": { + "type": "structure", + "members": { + "kmsKeyArn": { + "target": "com.amazonaws.codegurusecurity#KmsKeyArn", + "traits": { + "smithy.api#documentation": "The KMS key ARN to use for encryption. This must be provided as a header when uploading\n your code resource.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about account-level configuration.
" + } + }, + "com.amazonaws.codegurusecurity#ErrorCode": { + "type": "enum", + "members": { + "DUPLICATE_IDENTIFIER": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DUPLICATE_IDENTIFIER" + } + }, + "ITEM_DOES_NOT_EXIST": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ITEM_DOES_NOT_EXIST" + } + }, + "INTERNAL_ERROR": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INTERNAL_ERROR" + } + }, + "INVALID_FINDING_ID": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INVALID_FINDING_ID" + } + }, + "INVALID_SCAN_NAME": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INVALID_SCAN_NAME" + } + } + } + }, + "com.amazonaws.codegurusecurity#FilePath": { + "type": "structure", + "members": { + "name": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The name of the file.
" + } + }, + "path": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The path to the resource with the security vulnerability.
" + } + }, + "startLine": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "The first line number of the code snippet where the security vulnerability appears in your code.
" + } + }, + "endLine": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "The last line number of the code snippet where the security vulnerability appears in your\n code.
" + } + }, + "codeSnippet": { + "target": "com.amazonaws.codegurusecurity#CodeSnippet", + "traits": { + "smithy.api#documentation": "A list of CodeLine objects that describe where the security vulnerability\n appears in your code.
Information about the location of security vulnerabilities that Amazon CodeGuru Security\n detected in your code.
" + } + }, + "com.amazonaws.codegurusecurity#Finding": { + "type": "structure", + "members": { + "createdAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "The time when the finding was created.
" + } + }, + "description": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "A description of the finding.
" + } + }, + "generatorId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The identifier for the component that generated a finding such as AWSCodeGuruSecurity or\n AWSInspector.
" + } + }, + "id": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The identifier for a finding.
" + } + }, + "updatedAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "The time when the finding was last updated. Findings are updated when you remediate them\n or when the finding code location changes.
" + } + }, + "type": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The type of finding.
" + } + }, + "status": { + "target": "com.amazonaws.codegurusecurity#Status", + "traits": { + "smithy.api#documentation": "The status of the finding. A finding status can be open or closed.
" + } + }, + "resource": { + "target": "com.amazonaws.codegurusecurity#Resource", + "traits": { + "smithy.api#documentation": "The resource where Amazon CodeGuru Security detected a finding.
" + } + }, + "vulnerability": { + "target": "com.amazonaws.codegurusecurity#Vulnerability", + "traits": { + "smithy.api#documentation": "An object that describes the detected security vulnerability.
" + } + }, + "severity": { + "target": "com.amazonaws.codegurusecurity#Severity", + "traits": { + "smithy.api#documentation": "The severity of the finding.
" + } + }, + "remediation": { + "target": "com.amazonaws.codegurusecurity#Remediation", + "traits": { + "smithy.api#documentation": "An object that contains the details about how to remediate a finding.
" + } + }, + "title": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The title of the finding.
" + } + }, + "detectorTags": { + "target": "com.amazonaws.codegurusecurity#DetectorTags", + "traits": { + "smithy.api#documentation": "One or more tags or categorizations that are associated with a detector. These tags are\n defined by type, programming language, or other classification such as maintainability or\n consistency.
" + } + }, + "detectorId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The identifier for the detector that detected the finding in your code. A detector is a\n defined rule based on industry standards and AWS best practices.
" + } + }, + "detectorName": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The name of the detector that identified the security vulnerability in your code.
" + } + }, + "ruleId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The identifier for the rule that generated the finding.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about a finding that was detected in your code.
" + } + }, + "com.amazonaws.codegurusecurity#FindingIdentifier": { + "type": "structure", + "members": { + "scanName": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The name of the scan that generated the finding.
", + "smithy.api#required": {} + } + }, + "findingId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The identifier for a finding.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "An object that contains information about a finding and the scan that generated it.
" + } + }, + "com.amazonaws.codegurusecurity#FindingIdentifiers": { + "type": "list", + "member": { + "target": "com.amazonaws.codegurusecurity#FindingIdentifier" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 25 + } + } + }, + "com.amazonaws.codegurusecurity#FindingMetricsValuePerSeverity": { + "type": "structure", + "members": { + "info": { + "target": "smithy.api#Double", + "traits": { + "smithy.api#documentation": "The finding is related to quality or readability improvements and not considered\n actionable.
" + } + }, + "low": { + "target": "smithy.api#Double", + "traits": { + "smithy.api#documentation": "The severity of the finding is low and does require action on its own.
" + } + }, + "medium": { + "target": "smithy.api#Double", + "traits": { + "smithy.api#documentation": "The severity of the finding is medium and should be addressed as a mid-term priority.
" + } + }, + "high": { + "target": "smithy.api#Double", + "traits": { + "smithy.api#documentation": "The severity of the finding is high and should be addressed as a near-term priority.
" + } + }, + "critical": { + "target": "smithy.api#Double", + "traits": { + "smithy.api#documentation": "The severity of the finding is critical and should be addressed immediately.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The severity of the issue in the code that generated a finding.
" + } + }, + "com.amazonaws.codegurusecurity#Findings": { + "type": "list", + "member": { + "target": "com.amazonaws.codegurusecurity#Finding" + } + }, + "com.amazonaws.codegurusecurity#FindingsMetricList": { + "type": "list", + "member": { + "target": "com.amazonaws.codegurusecurity#AccountFindingsMetric" + } + }, + "com.amazonaws.codegurusecurity#GetAccountConfiguration": { + "type": "operation", + "input": { + "target": "com.amazonaws.codegurusecurity#GetAccountConfigurationRequest" + }, + "output": { + "target": "com.amazonaws.codegurusecurity#GetAccountConfigurationResponse" + }, + "errors": [ + { + "target": "com.amazonaws.codegurusecurity#AccessDeniedException" + }, + { + "target": "com.amazonaws.codegurusecurity#InternalServerException" + }, + { + "target": "com.amazonaws.codegurusecurity#ThrottlingException" + }, + { + "target": "com.amazonaws.codegurusecurity#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Use to get account level configuration.
", + "smithy.api#http": { + "code": 200, + "method": "GET", + "uri": "/accountConfiguration/get" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.codegurusecurity#GetAccountConfigurationRequest": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.codegurusecurity#GetAccountConfigurationResponse": { + "type": "structure", + "members": { + "encryptionConfig": { + "target": "com.amazonaws.codegurusecurity#EncryptionConfig", + "traits": { + "smithy.api#documentation": "An EncryptionConfig object that contains the KMS key ARN to use for\n encryption. By default, CodeGuru Security uses an AWS-managed key for encryption. To specify\n your own key, call UpdateAccountConfiguration.
Returns a list of all findings generated by a particular scan.
", + "smithy.api#http": { + "code": 200, + "method": "GET", + "uri": "/findings/{scanName}" + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "pageSize": "maxResults", + "items": "findings" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.codegurusecurity#GetFindingsRequest": { + "type": "structure", + "members": { + "scanName": { + "target": "com.amazonaws.codegurusecurity#ScanName", + "traits": { + "smithy.api#documentation": "The name of the scan you want to retrieve findings from.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "nextToken": { + "target": "com.amazonaws.codegurusecurity#NextToken", + "traits": { + "smithy.api#documentation": "A token to use for paginating results that are returned in the response. Set the value of\n this parameter to null for the first request. For subsequent calls, use the nextToken value\n returned from the previous request to continue listing results after the first page.
The maximum number of results to return in the response. Use this parameter when\n paginating results. If additional results exist beyond the number you specify, the nextToken\n element is returned in the response. Use nextToken in a subsequent request to retrieve\n additional results.
The status of the findings you want to get. Pass either Open,\n Closed, or All.
A list of findings generated by the specified scan.
" + } + }, + "nextToken": { + "target": "com.amazonaws.codegurusecurity#NextToken", + "traits": { + "smithy.api#documentation": "A pagination token. You can use this in future calls to GetFindings to continue listing\n results after the current page.
Returns top level metrics about an account from a specified date, including number of open\n findings, the categories with most findings, the scans with most open findings, and scans with\n most open critical findings.
", + "smithy.api#http": { + "code": 200, + "method": "GET", + "uri": "/metrics/summary" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.codegurusecurity#GetMetricsSummaryRequest": { + "type": "structure", + "members": { + "date": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "The date you want to retrieve summary metrics from, rounded to the nearest day. The date\n must be within the past two years since metrics data is only stored for two years. If a date\n outside of this range is passed, the response will be empty.
", + "smithy.api#httpQuery": "date", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.codegurusecurity#GetMetricsSummaryResponse": { + "type": "structure", + "members": { + "metricsSummary": { + "target": "com.amazonaws.codegurusecurity#MetricsSummary", + "traits": { + "smithy.api#documentation": "The summary metrics from the specified date.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.codegurusecurity#GetScan": { + "type": "operation", + "input": { + "target": "com.amazonaws.codegurusecurity#GetScanRequest" + }, + "output": { + "target": "com.amazonaws.codegurusecurity#GetScanResponse" + }, + "errors": [ + { + "target": "com.amazonaws.codegurusecurity#AccessDeniedException" + }, + { + "target": "com.amazonaws.codegurusecurity#InternalServerException" + }, + { + "target": "com.amazonaws.codegurusecurity#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.codegurusecurity#ThrottlingException" + } + ], + "traits": { + "smithy.api#documentation": "Returns details about a scan, including whether or not a scan has completed.
", + "smithy.api#http": { + "code": 200, + "method": "GET", + "uri": "/scans/{scanName}" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.codegurusecurity#GetScanRequest": { + "type": "structure", + "members": { + "scanName": { + "target": "com.amazonaws.codegurusecurity#ScanName", + "traits": { + "smithy.api#documentation": "The name of the scan you want to view details about.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "runId": { + "target": "com.amazonaws.codegurusecurity#Uuid", + "traits": { + "smithy.api#documentation": "UUID that identifies the individual scan run you want to view details about. You retrieve\n this when you call the CreateScan operation. Defaults to the latest scan run if missing.
The name of the scan.
", + "smithy.api#required": {} + } + }, + "runId": { + "target": "com.amazonaws.codegurusecurity#Uuid", + "traits": { + "smithy.api#documentation": "UUID that identifies the individual scan run.
", + "smithy.api#required": {} + } + }, + "scanState": { + "target": "com.amazonaws.codegurusecurity#ScanState", + "traits": { + "smithy.api#documentation": "The current state of the scan. Pass either InProgress,\n Successful, or Failed.
The time the scan was created.
", + "smithy.api#required": {} + } + }, + "analysisType": { + "target": "com.amazonaws.codegurusecurity#AnalysisType", + "traits": { + "smithy.api#documentation": "The type of analysis CodeGuru Security performed in the scan, either\n Security or All. The Security type only generates\n findings related to security. The All type generates both security findings and\n quality findings.
The time when the scan was last updated. Only available for STANDARD scan types.
The number of times a scan has been re-run on a revised resource.
" + } + }, + "scanNameArn": { + "target": "com.amazonaws.codegurusecurity#ScanNameArn", + "traits": { + "smithy.api#documentation": "The ARN for the scan name.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.codegurusecurity#HeaderKey": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1 + } + } + }, + "com.amazonaws.codegurusecurity#HeaderValue": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1 + } + } + }, + "com.amazonaws.codegurusecurity#InternalServerException": { + "type": "structure", + "members": { + "error": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The internal error encountered by the server.
" + } + }, + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Description of the error.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The server encountered an internal error and is unable to complete the request.
", + "smithy.api#error": "server", + "smithy.api#httpError": 500, + "smithy.api#retryable": {} + } + }, + "com.amazonaws.codegurusecurity#KmsKeyArn": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 2048 + }, + "smithy.api#pattern": "^arn:aws:kms:[\\S]+:[\\d]{12}:key\\/(([a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})|(mrk-[0-9a-zA-Z]{32}))$" + } + }, + "com.amazonaws.codegurusecurity#ListFindingsMetrics": { + "type": "operation", + "input": { + "target": "com.amazonaws.codegurusecurity#ListFindingsMetricsRequest" + }, + "output": { + "target": "com.amazonaws.codegurusecurity#ListFindingsMetricsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.codegurusecurity#AccessDeniedException" + }, + { + "target": "com.amazonaws.codegurusecurity#InternalServerException" + }, + { + "target": "com.amazonaws.codegurusecurity#ThrottlingException" + }, + { + "target": "com.amazonaws.codegurusecurity#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Returns metrics about all findings in an account within a specified time range.
", + "smithy.api#http": { + "code": 200, + "method": "GET", + "uri": "/metrics/findings" + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "pageSize": "maxResults", + "items": "findingsMetrics" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.codegurusecurity#ListFindingsMetricsRequest": { + "type": "structure", + "members": { + "nextToken": { + "target": "com.amazonaws.codegurusecurity#NextToken", + "traits": { + "smithy.api#documentation": "A token to use for paginating results that are returned in the response. Set the\n value of this parameter to null for the first request. For subsequent calls, use the nextToken\n value returned from the previous request to continue listing results after the first\n page.
The maximum number of results to return in the response. Use this parameter when\n paginating results. If additional results exist beyond the number you specify, the nextToken\n element is returned in the response. Use nextToken in a subsequent request to retrieve\n additional results.
The start date of the interval which you want to retrieve metrics from.
", + "smithy.api#httpQuery": "startDate", + "smithy.api#required": {} + } + }, + "endDate": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "The end date of the interval which you want to retrieve metrics from.
", + "smithy.api#httpQuery": "endDate", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.codegurusecurity#ListFindingsMetricsResponse": { + "type": "structure", + "members": { + "findingsMetrics": { + "target": "com.amazonaws.codegurusecurity#FindingsMetricList", + "traits": { + "smithy.api#documentation": "A list of AccountFindingsMetric objects retrieved from the specified time interval.
A pagination token. You can use this in future calls to ListFindingMetrics to continue\n listing results after the current page.
Returns a list of all the scans in an account.
", + "smithy.api#http": { + "code": 200, + "method": "GET", + "uri": "/scans" + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "pageSize": "maxResults", + "items": "summaries" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.codegurusecurity#ListScansRequest": { + "type": "structure", + "members": { + "nextToken": { + "target": "com.amazonaws.codegurusecurity#NextToken", + "traits": { + "smithy.api#documentation": "A token to use for paginating results that are returned in the response. Set the value of\n this parameter to null for the first request. For subsequent calls, use the nextToken value\n returned from the previous request to continue listing results after the first page.
The maximum number of results to return in the response. Use this parameter when\n paginating results. If additional results exist beyond the number you specify, the nextToken\n element is returned in the response. Use nextToken in a subsequent request to retrieve\n additional results.
A list of ScanSummary objects with information about all scans in an account.
A pagination token. You can use this in future calls to ListScans to continue listing\n results after the current page.
Returns a list of all tags associated with a scan.
", + "smithy.api#http": { + "method": "GET", + "uri": "/tags/{resourceArn}", + "code": 200 + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.codegurusecurity#ListTagsForResourceRequest": { + "type": "structure", + "members": { + "resourceArn": { + "target": "com.amazonaws.codegurusecurity#ScanNameArn", + "traits": { + "smithy.api#documentation": "The ARN of the ScanName object. You can retrieve this ARN by calling\n ListScans or GetScan.
An array of key-value pairs used to tag an existing scan. A tag is a custom attribute\n label with two parts:
\nA tag key. For example, CostCenter, Environment, or\n Secret. Tag keys are case sensitive.
An optional tag value field. For example, 111122223333,\n Production, or a team name. Omitting the tag value is the same as using an\n empty string. Tag values are case sensitive.
The date from which the metrics summary information was retrieved.
" + } + }, + "openFindings": { + "target": "com.amazonaws.codegurusecurity#FindingMetricsValuePerSeverity", + "traits": { + "smithy.api#documentation": "The number of open findings of each severity in an account.
" + } + }, + "categoriesWithMostFindings": { + "target": "com.amazonaws.codegurusecurity#CategoriesWithMostFindings", + "traits": { + "smithy.api#documentation": "A list of CategoryWithFindingNum objects for the top 5 finding categories\n with the most open findings in an account.
A list of ScanNameWithFindingNum objects for the top 3 scans with the most\n number of open critical findings in an account.
A list of ScanNameWithFindingNum objects for the top 3 scans with the most\n number of open findings in an account.
Information about summary metrics in an account.
" + } + }, + "com.amazonaws.codegurusecurity#NextToken": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 2048 + }, + "smithy.api#pattern": "^[\\S]+$" + } + }, + "com.amazonaws.codegurusecurity#Recommendation": { + "type": "structure", + "members": { + "text": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The recommended course of action to remediate the finding.
" + } + }, + "url": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The URL address to the recommendation for remediating the finding.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about the recommended course of action to remediate a finding.
" + } + }, + "com.amazonaws.codegurusecurity#ReferenceUrls": { + "type": "list", + "member": { + "target": "smithy.api#String" + } + }, + "com.amazonaws.codegurusecurity#RelatedVulnerabilities": { + "type": "list", + "member": { + "target": "smithy.api#String" + } + }, + "com.amazonaws.codegurusecurity#Remediation": { + "type": "structure", + "members": { + "recommendation": { + "target": "com.amazonaws.codegurusecurity#Recommendation", + "traits": { + "smithy.api#documentation": "An object that contains information about the recommended course of action to remediate a finding.
" + } + }, + "suggestedFixes": { + "target": "com.amazonaws.codegurusecurity#SuggestedFixes", + "traits": { + "smithy.api#documentation": "A list of SuggestedFix objects. Each object contains information about a suggested code\n fix to remediate the finding.
Information about how to remediate a finding.
" + } + }, + "com.amazonaws.codegurusecurity#RequestHeaderMap": { + "type": "map", + "key": { + "target": "com.amazonaws.codegurusecurity#HeaderKey" + }, + "value": { + "target": "com.amazonaws.codegurusecurity#HeaderValue" + }, + "traits": { + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.codegurusecurity#Resource": { + "type": "structure", + "members": { + "id": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The identifier for the resource.
" + } + }, + "subResourceId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The identifier for a section of the resource, such as an AWS Lambda layer.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about a resource, such as an Amazon S3 bucket or AWS Lambda function, that\n contains a finding.
" + } + }, + "com.amazonaws.codegurusecurity#ResourceId": { + "type": "union", + "members": { + "codeArtifactId": { + "target": "com.amazonaws.codegurusecurity#Uuid", + "traits": { + "smithy.api#documentation": "The identifier for the code file uploaded to the resource where a finding was detected.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The identifier for a resource object that contains resources where a finding was detected.
" + } + }, + "com.amazonaws.codegurusecurity#ResourceNotFoundException": { + "type": "structure", + "members": { + "errorCode": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The identifier for the error.
", + "smithy.api#required": {} + } + }, + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Description of the error.
", + "smithy.api#required": {} + } + }, + "resourceId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The identifier for the resource that was not found.
", + "smithy.api#required": {} + } + }, + "resourceType": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The type of resource that was not found.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "The resource specified in the request was not found.
", + "smithy.api#error": "client", + "smithy.api#httpError": 404 + } + }, + "com.amazonaws.codegurusecurity#S3Url": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1 + }, + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.codegurusecurity#ScanName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 140 + }, + "smithy.api#pattern": "^[a-zA-Z0-9-_$:.]*$" + } + }, + "com.amazonaws.codegurusecurity#ScanNameArn": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 300 + }, + "smithy.api#pattern": "^arn:aws:codeguru-security:[\\S]+:[\\d]{12}:scans\\/[a-zA-Z0-9-_$:.]*$" + } + }, + "com.amazonaws.codegurusecurity#ScanNameWithFindingNum": { + "type": "structure", + "members": { + "scanName": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The name of the scan.
" + } + }, + "findingNumber": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "The number of open findings generated by a scan.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about a scan with open findings.
" + } + }, + "com.amazonaws.codegurusecurity#ScanState": { + "type": "enum", + "members": { + "IN_PROGRESS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "InProgress" + } + }, + "SUCCESSFUL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Successful" + } + }, + "FAILED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Failed" + } + } + } + }, + "com.amazonaws.codegurusecurity#ScanSummaries": { + "type": "list", + "member": { + "target": "com.amazonaws.codegurusecurity#ScanSummary" + } + }, + "com.amazonaws.codegurusecurity#ScanSummary": { + "type": "structure", + "members": { + "scanState": { + "target": "com.amazonaws.codegurusecurity#ScanState", + "traits": { + "smithy.api#documentation": "The state of the scan. A scan can be In Progress, \n Complete, or Failed.
The time when the scan was created.
", + "smithy.api#required": {} + } + }, + "updatedAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "The time the scan was last updated. A scan is updated when it is re-run.
" + } + }, + "scanName": { + "target": "com.amazonaws.codegurusecurity#ScanName", + "traits": { + "smithy.api#documentation": "The name of the scan.
", + "smithy.api#required": {} + } + }, + "runId": { + "target": "com.amazonaws.codegurusecurity#Uuid", + "traits": { + "smithy.api#documentation": "The identifier for the scan run.
", + "smithy.api#required": {} + } + }, + "scanNameArn": { + "target": "com.amazonaws.codegurusecurity#ScanNameArn", + "traits": { + "smithy.api#documentation": "The ARN for the scan name.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about a scan.
" + } + }, + "com.amazonaws.codegurusecurity#ScanType": { + "type": "enum", + "members": { + "STANDARD": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Standard" + } + }, + "EXPRESS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Express" + } + } + } + }, + "com.amazonaws.codegurusecurity#ScansWithMostOpenCriticalFindings": { + "type": "list", + "member": { + "target": "com.amazonaws.codegurusecurity#ScanNameWithFindingNum" + }, + "traits": { + "smithy.api#length": { + "max": 3 + } + } + }, + "com.amazonaws.codegurusecurity#ScansWithMostOpenFindings": { + "type": "list", + "member": { + "target": "com.amazonaws.codegurusecurity#ScanNameWithFindingNum" + }, + "traits": { + "smithy.api#length": { + "max": 3 + } + } + }, + "com.amazonaws.codegurusecurity#Severity": { + "type": "enum", + "members": { + "CRITICAL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Critical" + } + }, + "HIGH": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "High" + } + }, + "MEDIUM": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Medium" + } + }, + "LOW": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Low" + } + }, + "INFO": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Info" + } + } + } + }, + "com.amazonaws.codegurusecurity#Status": { + "type": "enum", + "members": { + "CLOSED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Closed" + } + }, + "OPEN": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Open" + } + }, + "ALL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "All" + } + } + } + }, + "com.amazonaws.codegurusecurity#SuggestedFix": { + "type": "structure", + "members": { + "description": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "A description of the suggested code fix and why it is being suggested.
" + } + }, + "code": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The suggested code to add to your file.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about the suggested code fix to remediate a finding.
" + } + }, + "com.amazonaws.codegurusecurity#SuggestedFixes": { + "type": "list", + "member": { + "target": "com.amazonaws.codegurusecurity#SuggestedFix" + } + }, + "com.amazonaws.codegurusecurity#TagKey": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 128 + } + } + }, + "com.amazonaws.codegurusecurity#TagKeyList": { + "type": "list", + "member": { + "target": "com.amazonaws.codegurusecurity#TagKey" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 200 + } + } + }, + "com.amazonaws.codegurusecurity#TagMap": { + "type": "map", + "key": { + "target": "com.amazonaws.codegurusecurity#TagKey" + }, + "value": { + "target": "com.amazonaws.codegurusecurity#TagValue" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 200 + } + } + }, + "com.amazonaws.codegurusecurity#TagResource": { + "type": "operation", + "input": { + "target": "com.amazonaws.codegurusecurity#TagResourceRequest" + }, + "output": { + "target": "com.amazonaws.codegurusecurity#TagResourceResponse" + }, + "errors": [ + { + "target": "com.amazonaws.codegurusecurity#AccessDeniedException" + }, + { + "target": "com.amazonaws.codegurusecurity#ConflictException" + }, + { + "target": "com.amazonaws.codegurusecurity#InternalServerException" + }, + { + "target": "com.amazonaws.codegurusecurity#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.codegurusecurity#ThrottlingException" + }, + { + "target": "com.amazonaws.codegurusecurity#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Use to add one or more tags to an existing scan.
", + "smithy.api#http": { + "method": "POST", + "uri": "/tags/{resourceArn}", + "code": 204 + } + } + }, + "com.amazonaws.codegurusecurity#TagResourceRequest": { + "type": "structure", + "members": { + "resourceArn": { + "target": "com.amazonaws.codegurusecurity#ScanNameArn", + "traits": { + "smithy.api#documentation": "The ARN of the ScanName object. You can retrieve this ARN by calling\n ListScans or GetScan.
An array of key-value pairs used to tag an existing scan. A tag is a custom attribute\n label with two parts:
\nA tag key. For example, CostCenter, Environment, or\n Secret. Tag keys are case sensitive.
An optional tag value field. For example, 111122223333,\n Production, or a team name. Omitting the tag value is the same as using an\n empty string. Tag values are case sensitive.
The identifier for the error.
", + "smithy.api#required": {} + } + }, + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Description of the error.
", + "smithy.api#required": {} + } + }, + "serviceCode": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The identifier for the originating service.
" + } + }, + "quotaCode": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The identifier for the originating quota.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The request was denied due to request throttling.
", + "smithy.api#error": "client", + "smithy.api#httpError": 429, + "smithy.api#retryable": { + "throttling": true + } + } + }, + "com.amazonaws.codegurusecurity#UntagResource": { + "type": "operation", + "input": { + "target": "com.amazonaws.codegurusecurity#UntagResourceRequest" + }, + "output": { + "target": "com.amazonaws.codegurusecurity#UntagResourceResponse" + }, + "errors": [ + { + "target": "com.amazonaws.codegurusecurity#AccessDeniedException" + }, + { + "target": "com.amazonaws.codegurusecurity#ConflictException" + }, + { + "target": "com.amazonaws.codegurusecurity#InternalServerException" + }, + { + "target": "com.amazonaws.codegurusecurity#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.codegurusecurity#ThrottlingException" + }, + { + "target": "com.amazonaws.codegurusecurity#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Use to remove one or more tags from an existing scan.
", + "smithy.api#http": { + "method": "DELETE", + "uri": "/tags/{resourceArn}", + "code": 204 + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.codegurusecurity#UntagResourceRequest": { + "type": "structure", + "members": { + "resourceArn": { + "target": "com.amazonaws.codegurusecurity#ScanNameArn", + "traits": { + "smithy.api#documentation": "The ARN of the ScanName object. You can retrieve this ARN by calling\n ListScans or GetScan.
A list of keys for each tag you want to remove from a scan.
", + "smithy.api#httpQuery": "tagKeys", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.codegurusecurity#UntagResourceResponse": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.codegurusecurity#UpdateAccountConfiguration": { + "type": "operation", + "input": { + "target": "com.amazonaws.codegurusecurity#UpdateAccountConfigurationRequest" + }, + "output": { + "target": "com.amazonaws.codegurusecurity#UpdateAccountConfigurationResponse" + }, + "errors": [ + { + "target": "com.amazonaws.codegurusecurity#AccessDeniedException" + }, + { + "target": "com.amazonaws.codegurusecurity#InternalServerException" + }, + { + "target": "com.amazonaws.codegurusecurity#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.codegurusecurity#ThrottlingException" + }, + { + "target": "com.amazonaws.codegurusecurity#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Use to update account-level configuration with an encryption key.
", + "smithy.api#http": { + "code": 200, + "method": "PUT", + "uri": "/updateAccountConfiguration" + } + } + }, + "com.amazonaws.codegurusecurity#UpdateAccountConfigurationRequest": { + "type": "structure", + "members": { + "encryptionConfig": { + "target": "com.amazonaws.codegurusecurity#EncryptionConfig", + "traits": { + "smithy.api#documentation": "The KMS key ARN you want to use for encryption. Defaults to service-side encryption if missing.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.codegurusecurity#UpdateAccountConfigurationResponse": { + "type": "structure", + "members": { + "encryptionConfig": { + "target": "com.amazonaws.codegurusecurity#EncryptionConfig", + "traits": { + "smithy.api#documentation": "An EncryptionConfig object that contains the KMS key ARN to use for\n encryption.
The identifier for the error.
", + "smithy.api#required": {} + } + }, + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Description of the error.
", + "smithy.api#required": {} + } + }, + "reason": { + "target": "com.amazonaws.codegurusecurity#ValidationExceptionReason", + "traits": { + "smithy.api#documentation": "The reason the request failed validation.
", + "smithy.api#required": {} + } + }, + "fieldList": { + "target": "com.amazonaws.codegurusecurity#ValidationExceptionFieldList", + "traits": { + "smithy.api#documentation": "The field that caused the error, if applicable.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The input fails to satisfy the specified constraints.
", + "smithy.api#error": "client", + "smithy.api#httpError": 400 + } + }, + "com.amazonaws.codegurusecurity#ValidationExceptionField": { + "type": "structure", + "members": { + "name": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The name of the exception.
", + "smithy.api#required": {} + } + }, + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Describes the exception.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Information about a validation exception.
" + } + }, + "com.amazonaws.codegurusecurity#ValidationExceptionFieldList": { + "type": "list", + "member": { + "target": "com.amazonaws.codegurusecurity#ValidationExceptionField" + } + }, + "com.amazonaws.codegurusecurity#ValidationExceptionReason": { + "type": "enum", + "members": { + "UNKNOWN_OPERATION": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "unknownOperation" + } + }, + "CANNOT_PARSE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "cannotParse" + } + }, + "FIELD_VALIDATION_FAILED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "fieldValidationFailed" + } + }, + "OTHER": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "other" + } + }, + "LAMBDA_CODE_SHA_MISMATCH": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "lambdaCodeShaMisMatch" + } + } + } + }, + "com.amazonaws.codegurusecurity#Vulnerability": { + "type": "structure", + "members": { + "referenceUrls": { + "target": "com.amazonaws.codegurusecurity#ReferenceUrls", + "traits": { + "smithy.api#documentation": "One or more URL addresses that contain details about a vulnerability.
" + } + }, + "relatedVulnerabilities": { + "target": "com.amazonaws.codegurusecurity#RelatedVulnerabilities", + "traits": { + "smithy.api#documentation": "One or more vulnerabilities that are related to the vulnerability being described.
" + } + }, + "id": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The identifier for the vulnerability.
" + } + }, + "filePath": { + "target": "com.amazonaws.codegurusecurity#FilePath", + "traits": { + "smithy.api#documentation": "An object that describes the location of the detected security vulnerability in your\n code.
" + } + }, + "itemCount": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "The number of times the vulnerability appears in your code.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about a security vulnerability that Amazon CodeGuru Security detected.
" + } + } + } +} \ No newline at end of file diff --git a/codegen/sdk/aws-models/connect.json b/codegen/sdk/aws-models/connect.json index 87db86682ec..bcecafbbf24 100644 --- a/codegen/sdk/aws-models/connect.json +++ b/codegen/sdk/aws-models/connect.json @@ -961,9 +961,18 @@ { "target": "com.amazonaws.connect#SearchAvailablePhoneNumbers" }, + { + "target": "com.amazonaws.connect#SearchHoursOfOperations" + }, + { + "target": "com.amazonaws.connect#SearchPrompts" + }, { "target": "com.amazonaws.connect#SearchQueues" }, + { + "target": "com.amazonaws.connect#SearchQuickConnects" + }, { "target": "com.amazonaws.connect#SearchRoutingProfiles" }, @@ -13190,9 +13199,58 @@ "com.amazonaws.connect#HoursOfOperationId": { "type": "string" }, + "com.amazonaws.connect#HoursOfOperationList": { + "type": "list", + "member": { + "target": "com.amazonaws.connect#HoursOfOperation" + } + }, "com.amazonaws.connect#HoursOfOperationName": { "type": "string" }, + "com.amazonaws.connect#HoursOfOperationSearchConditionList": { + "type": "list", + "member": { + "target": "com.amazonaws.connect#HoursOfOperationSearchCriteria" + } + }, + "com.amazonaws.connect#HoursOfOperationSearchCriteria": { + "type": "structure", + "members": { + "OrConditions": { + "target": "com.amazonaws.connect#HoursOfOperationSearchConditionList", + "traits": { + "smithy.api#documentation": "A list of conditions which would be applied together with an OR condition.
" + } + }, + "AndConditions": { + "target": "com.amazonaws.connect#HoursOfOperationSearchConditionList", + "traits": { + "smithy.api#documentation": "A list of conditions which would be applied together with an AND condition.
" + } + }, + "StringCondition": { + "target": "com.amazonaws.connect#StringCondition", + "traits": { + "smithy.api#documentation": "A leaf node condition which can be used to specify a string condition.
\nThe currently supported values for FieldName are name, \n description, timezone, and resourceID.
The search criteria to be used to return hours of operations.
" + } + }, + "com.amazonaws.connect#HoursOfOperationSearchFilter": { + "type": "structure", + "members": { + "TagFilter": { + "target": "com.amazonaws.connect#ControlPlaneTagFilter" + } + }, + "traits": { + "smithy.api#documentation": "Filters to be applied to search results.
" + } + }, "com.amazonaws.connect#HoursOfOperationSummary": { "type": "structure", "members": { @@ -13330,6 +13388,12 @@ "traits": { "smithy.api#documentation": "Whether outbound calls are enabled.
" } + }, + "InstanceAccessUrl": { + "target": "com.amazonaws.connect#Url", + "traits": { + "smithy.api#documentation": "This URL allows contact center users to access Amazon Connect admin website.
" + } } }, "traits": { @@ -13579,6 +13643,12 @@ "traits": { "smithy.api#enumValue": "CONTACT_EVALUATIONS" } + }, + "SCREEN_RECORDINGS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SCREEN_RECORDINGS" + } } } }, @@ -13638,6 +13708,12 @@ "traits": { "smithy.api#documentation": "Whether outbound calls are enabled.
" } + }, + "InstanceAccessUrl": { + "target": "com.amazonaws.connect#Url", + "traits": { + "smithy.api#documentation": "This URL allows contact center users to access Amazon Connect admin website.
" + } } }, "traits": { @@ -19963,7 +20039,7 @@ "Description": { "target": "com.amazonaws.connect#PromptDescription", "traits": { - "smithy.api#documentation": "A description for the prompt.
" + "smithy.api#documentation": "The description of the prompt.
" } }, "Tags": { @@ -19995,6 +20071,12 @@ } } }, + "com.amazonaws.connect#PromptList": { + "type": "list", + "member": { + "target": "com.amazonaws.connect#Prompt" + } + }, "com.amazonaws.connect#PromptName": { "type": "string", "traits": { @@ -20013,6 +20095,49 @@ } } }, + "com.amazonaws.connect#PromptSearchConditionList": { + "type": "list", + "member": { + "target": "com.amazonaws.connect#PromptSearchCriteria" + } + }, + "com.amazonaws.connect#PromptSearchCriteria": { + "type": "structure", + "members": { + "OrConditions": { + "target": "com.amazonaws.connect#PromptSearchConditionList", + "traits": { + "smithy.api#documentation": "A list of conditions which would be applied together with an OR condition.
" + } + }, + "AndConditions": { + "target": "com.amazonaws.connect#PromptSearchConditionList", + "traits": { + "smithy.api#documentation": "A list of conditions which would be applied together with an AND condition.
" + } + }, + "StringCondition": { + "target": "com.amazonaws.connect#StringCondition", + "traits": { + "smithy.api#documentation": "A leaf node condition which can be used to specify a string condition.
\nThe currently supported values for FieldName are name, \n description, and resourceID.
The search criteria to be used to return prompts.
" + } + }, + "com.amazonaws.connect#PromptSearchFilter": { + "type": "structure", + "members": { + "TagFilter": { + "target": "com.amazonaws.connect#ControlPlaneTagFilter" + } + }, + "traits": { + "smithy.api#documentation": "Filters to be applied to search results.
" + } + }, "com.amazonaws.connect#PromptSummary": { "type": "structure", "members": { @@ -20392,7 +20517,10 @@ } }, "StringCondition": { - "target": "com.amazonaws.connect#StringCondition" + "target": "com.amazonaws.connect#StringCondition", + "traits": { + "smithy.api#documentation": "A leaf node condition which can be used to specify a string condition.
\nThe currently supported values for FieldName are name, \n description, and resourceID.
A list of conditions which would be applied together with an OR condition.
" + } + }, + "AndConditions": { + "target": "com.amazonaws.connect#QuickConnectSearchConditionList", + "traits": { + "smithy.api#documentation": "A list of conditions which would be applied together with an AND condition.
" + } + }, + "StringCondition": { + "target": "com.amazonaws.connect#StringCondition", + "traits": { + "smithy.api#documentation": "A leaf node condition which can be used to specify a string condition.
\nThe currently supported values for FieldName are name, \n description, and resourceID.
The search criteria to be used to return quick connects.
" + } + }, + "com.amazonaws.connect#QuickConnectSearchFilter": { + "type": "structure", + "members": { + "TagFilter": { + "target": "com.amazonaws.connect#ControlPlaneTagFilter" + } + }, + "traits": { + "smithy.api#documentation": "Filters to be applied to search results.
" + } + }, + "com.amazonaws.connect#QuickConnectSearchSummaryList": { + "type": "list", + "member": { + "target": "com.amazonaws.connect#QuickConnect" + } + }, "com.amazonaws.connect#QuickConnectSummary": { "type": "structure", "members": { @@ -21243,7 +21420,7 @@ } ], "traits": { - "smithy.api#documentation": "When a contact is being recorded, and the recording has been suspended using\n SuspendContactRecording, this API resumes recording the call.
\nOnly voice recordings are supported at this time.
", + "smithy.api#documentation": "When a contact is being recorded, and the recording has been suspended using \n SuspendContactRecording, this API resumes recording the call or screen.
\nVoice and screen recordings are supported.
", "smithy.api#http": { "method": "POST", "uri": "/contact/resume-recording", @@ -21553,7 +21730,10 @@ } }, "StringCondition": { - "target": "com.amazonaws.connect#StringCondition" + "target": "com.amazonaws.connect#StringCondition", + "traits": { + "smithy.api#documentation": "A leaf node condition which can be used to specify a string condition.
\nThe currently supported values for FieldName are name, \n description, and resourceID.
Searches the hours of operation in an Amazon Connect instance, with optional filtering.
", + "smithy.api#http": { + "method": "POST", + "uri": "/search-hours-of-operations", + "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "items": "HoursOfOperations", + "pageSize": "MaxResults" + } + } + }, + "com.amazonaws.connect#SearchHoursOfOperationsRequest": { + "type": "structure", + "members": { + "InstanceId": { + "target": "com.amazonaws.connect#InstanceId", + "traits": { + "smithy.api#documentation": "The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.
", + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "com.amazonaws.connect#NextToken2500", + "traits": { + "smithy.api#documentation": "The token for the next set of results. Use the value returned in the previous \nresponse in the next request to retrieve the next set of results.
" + } + }, + "MaxResults": { + "target": "com.amazonaws.connect#MaxResult100", + "traits": { + "smithy.api#default": null, + "smithy.api#documentation": "The maximum number of results to return per page.
" + } + }, + "SearchFilter": { + "target": "com.amazonaws.connect#HoursOfOperationSearchFilter", + "traits": { + "smithy.api#documentation": "Filters to be applied to search results.
" + } + }, + "SearchCriteria": { + "target": "com.amazonaws.connect#HoursOfOperationSearchCriteria", + "traits": { + "smithy.api#documentation": "The search criteria to be used to return hours of operations.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.connect#SearchHoursOfOperationsResponse": { + "type": "structure", + "members": { + "HoursOfOperations": { + "target": "com.amazonaws.connect#HoursOfOperationList", + "traits": { + "smithy.api#documentation": "Information about the hours of operations.
" + } + }, + "NextToken": { + "target": "com.amazonaws.connect#NextToken2500", + "traits": { + "smithy.api#documentation": "If there are additional results, this is the token for the next set of results.
" + } + }, + "ApproximateTotalCount": { + "target": "com.amazonaws.connect#ApproximateTotalCount", + "traits": { + "smithy.api#documentation": "The total number of hours of operations which matched your search query.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.connect#SearchPrompts": { + "type": "operation", + "input": { + "target": "com.amazonaws.connect#SearchPromptsRequest" + }, + "output": { + "target": "com.amazonaws.connect#SearchPromptsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.connect#InternalServiceException" + }, + { + "target": "com.amazonaws.connect#InvalidParameterException" + }, + { + "target": "com.amazonaws.connect#InvalidRequestException" + }, + { + "target": "com.amazonaws.connect#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.connect#ThrottlingException" + } + ], + "traits": { + "smithy.api#documentation": "Searches prompts in an Amazon Connect instance, with optional filtering.
", + "smithy.api#http": { + "method": "POST", + "uri": "/search-prompts", + "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "items": "Prompts", + "pageSize": "MaxResults" + } + } + }, + "com.amazonaws.connect#SearchPromptsRequest": { + "type": "structure", + "members": { + "InstanceId": { + "target": "com.amazonaws.connect#InstanceId", + "traits": { + "smithy.api#documentation": "The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.
", + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "com.amazonaws.connect#NextToken2500", + "traits": { + "smithy.api#documentation": "The token for the next set of results. Use the value returned in the previous \nresponse in the next request to retrieve the next set of results.
" + } + }, + "MaxResults": { + "target": "com.amazonaws.connect#MaxResult100", + "traits": { + "smithy.api#default": null, + "smithy.api#documentation": "The maximum number of results to return per page.
" + } + }, + "SearchFilter": { + "target": "com.amazonaws.connect#PromptSearchFilter", + "traits": { + "smithy.api#documentation": "Filters to be applied to search results.
" + } + }, + "SearchCriteria": { + "target": "com.amazonaws.connect#PromptSearchCriteria", + "traits": { + "smithy.api#documentation": "The search criteria to be used to return prompts.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.connect#SearchPromptsResponse": { + "type": "structure", + "members": { + "Prompts": { + "target": "com.amazonaws.connect#PromptList", + "traits": { + "smithy.api#documentation": "Information about the prompts.
" + } + }, + "NextToken": { + "target": "com.amazonaws.connect#NextToken2500", + "traits": { + "smithy.api#documentation": "If there are additional results, this is the token for the next set of results.
" + } + }, + "ApproximateTotalCount": { + "target": "com.amazonaws.connect#ApproximateTotalCount", + "traits": { + "smithy.api#documentation": "The total number of quick connects which matched your search query.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.connect#SearchQueues": { "type": "operation", "input": { @@ -22123,6 +22515,112 @@ "smithy.api#output": {} } }, + "com.amazonaws.connect#SearchQuickConnects": { + "type": "operation", + "input": { + "target": "com.amazonaws.connect#SearchQuickConnectsRequest" + }, + "output": { + "target": "com.amazonaws.connect#SearchQuickConnectsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.connect#InternalServiceException" + }, + { + "target": "com.amazonaws.connect#InvalidParameterException" + }, + { + "target": "com.amazonaws.connect#InvalidRequestException" + }, + { + "target": "com.amazonaws.connect#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.connect#ThrottlingException" + } + ], + "traits": { + "smithy.api#documentation": "Searches quick connects in an Amazon Connect instance, with optional filtering.
", + "smithy.api#http": { + "method": "POST", + "uri": "/search-quick-connects", + "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "items": "QuickConnects", + "pageSize": "MaxResults" + } + } + }, + "com.amazonaws.connect#SearchQuickConnectsRequest": { + "type": "structure", + "members": { + "InstanceId": { + "target": "com.amazonaws.connect#InstanceId", + "traits": { + "smithy.api#documentation": "The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.
", + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "com.amazonaws.connect#NextToken2500", + "traits": { + "smithy.api#documentation": "The token for the next set of results. Use the value returned in the previous \nresponse in the next request to retrieve the next set of results.
" + } + }, + "MaxResults": { + "target": "com.amazonaws.connect#MaxResult100", + "traits": { + "smithy.api#default": null, + "smithy.api#documentation": "The maximum number of results to return per page.
" + } + }, + "SearchFilter": { + "target": "com.amazonaws.connect#QuickConnectSearchFilter", + "traits": { + "smithy.api#documentation": "Filters to be applied to search results.
" + } + }, + "SearchCriteria": { + "target": "com.amazonaws.connect#QuickConnectSearchCriteria", + "traits": { + "smithy.api#documentation": "The search criteria to be used to return quick connects.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.connect#SearchQuickConnectsResponse": { + "type": "structure", + "members": { + "QuickConnects": { + "target": "com.amazonaws.connect#QuickConnectSearchSummaryList", + "traits": { + "smithy.api#documentation": "Information about the quick connects.
" + } + }, + "NextToken": { + "target": "com.amazonaws.connect#NextToken2500", + "traits": { + "smithy.api#documentation": "If there are additional results, this is the token for the next set of results.
" + } + }, + "ApproximateTotalCount": { + "target": "com.amazonaws.connect#ApproximateTotalCount", + "traits": { + "smithy.api#documentation": "The total number of quick connects which matched your search query.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.connect#SearchRoutingProfiles": { "type": "operation", "input": { @@ -23944,7 +24442,7 @@ } }, "traits": { - "smithy.api#documentation": "A leaf node condition which can be used to specify a string condition.
\nThe currently supported value for FieldName: name\n
A leaf node condition which can be used to specify a string condition.
" } }, "com.amazonaws.connect#StringReference": { @@ -24103,7 +24601,7 @@ } ], "traits": { - "smithy.api#documentation": "When a contact is being recorded, this API suspends recording the call. For example, you\n might suspend the call recording while collecting sensitive information, such as a credit card\n number. Then use ResumeContactRecording to restart recording.
\nThe period of time that the recording is suspended is filled with silence in the final\n recording.
\nOnly voice recordings are supported at this time.
", + "smithy.api#documentation": "When a contact is being recorded, this API suspends recording the call or screen. For \n example, you might suspend the call or screen recording while collecting sensitive \n information, such as a credit card number. Then use ResumeContactRecording to restart recording.
\nThe period of time that the recording is suspended is filled with silence in the final recording.
\nVoice and screen recordings are supported.
", "smithy.api#http": { "method": "POST", "uri": "/contact/suspend-recording", @@ -28712,7 +29210,7 @@ "StringCondition": { "target": "com.amazonaws.connect#StringCondition", "traits": { - "smithy.api#documentation": "A leaf node condition which can be used to specify a string condition.
" + "smithy.api#documentation": "A leaf node condition which can be used to specify a string condition.
\nThe currently supported values for FieldName are name, \n description, and resourceID.
Associate a Source Network to an existing CloudFormation Stack and modify launch templates to use this network. Can be used for reverting to previously deployed CloudFormation stacks.
", + "smithy.api#http": { + "uri": "/AssociateSourceNetworkStack", + "method": "POST", + "code": 202 + } + } + }, + "com.amazonaws.drs#AssociateSourceNetworkStackRequest": { + "type": "structure", + "members": { + "sourceNetworkID": { + "target": "com.amazonaws.drs#SourceNetworkID", + "traits": { + "smithy.api#documentation": "The Source Network ID to associate with CloudFormation template.
", + "smithy.api#required": {} + } + }, + "cfnStackName": { + "target": "com.amazonaws.drs#CfnStackName", + "traits": { + "smithy.api#documentation": "CloudFormation template to associate with a Source Network.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.drs#AssociateSourceNetworkStackResponse": { + "type": "structure", + "members": { + "job": { + "target": "com.amazonaws.drs#Job", + "traits": { + "smithy.api#documentation": "The Source Network association Job.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.drs#AwsAvailabilityZone": { "type": "string", "traits": { @@ -136,6 +224,17 @@ "smithy.api#documentation": "Information about a server's CPU.
" } }, + "com.amazonaws.drs#CfnStackName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 128 + }, + "smithy.api#pattern": "^[a-zA-Z][-a-zA-Z0-9]*$", + "smithy.api#sensitive": {} + } + }, "com.amazonaws.drs#ConflictException": { "type": "structure", "members": { @@ -367,6 +466,12 @@ "traits": { "smithy.api#documentation": "Licensing.
" } + }, + "exportBucketArn": { + "target": "com.amazonaws.drs#ARN", + "traits": { + "smithy.api#documentation": "S3 bucket ARN to export Source Network templates.
" + } } } }, @@ -526,6 +631,99 @@ } } }, + "com.amazonaws.drs#CreateSourceNetwork": { + "type": "operation", + "input": { + "target": "com.amazonaws.drs#CreateSourceNetworkRequest" + }, + "output": { + "target": "com.amazonaws.drs#CreateSourceNetworkResponse" + }, + "errors": [ + { + "target": "com.amazonaws.drs#ConflictException" + }, + { + "target": "com.amazonaws.drs#InternalServerException" + }, + { + "target": "com.amazonaws.drs#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.drs#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.drs#ThrottlingException" + }, + { + "target": "com.amazonaws.drs#UninitializedAccountException" + }, + { + "target": "com.amazonaws.drs#ValidationException" + } + ], + "traits": { + "aws.iam#requiredActions": [ + "ec2:DescribeVpcs", + "ec2:DescribeInstances" + ], + "smithy.api#documentation": "Create a new Source Network resource for a provided VPC ID.
", + "smithy.api#http": { + "uri": "/CreateSourceNetwork", + "method": "POST", + "code": 201 + } + } + }, + "com.amazonaws.drs#CreateSourceNetworkRequest": { + "type": "structure", + "members": { + "vpcID": { + "target": "com.amazonaws.drs#VpcID", + "traits": { + "smithy.api#documentation": "Which VPC ID to protect.
", + "smithy.api#required": {} + } + }, + "originAccountID": { + "target": "com.amazonaws.drs#AccountID", + "traits": { + "smithy.api#documentation": "Account containing the VPC to protect.
", + "smithy.api#required": {} + } + }, + "originRegion": { + "target": "com.amazonaws.drs#AwsRegion", + "traits": { + "smithy.api#documentation": "Region containing the VPC to protect.
", + "smithy.api#required": {} + } + }, + "tags": { + "target": "com.amazonaws.drs#TagsMap", + "traits": { + "smithy.api#documentation": "A set of tags to be associated with the Source Network resource.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.drs#CreateSourceNetworkResponse": { + "type": "structure", + "members": { + "sourceNetworkID": { + "target": "com.amazonaws.drs#SourceNetworkID", + "traits": { + "smithy.api#documentation": "ID of the created Source Network.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.drs#DataReplicationError": { "type": "structure", "members": { @@ -1089,6 +1287,63 @@ "type": "structure", "members": {} }, + "com.amazonaws.drs#DeleteSourceNetwork": { + "type": "operation", + "input": { + "target": "com.amazonaws.drs#DeleteSourceNetworkRequest" + }, + "output": { + "target": "com.amazonaws.drs#DeleteSourceNetworkResponse" + }, + "errors": [ + { + "target": "com.amazonaws.drs#ConflictException" + }, + { + "target": "com.amazonaws.drs#InternalServerException" + }, + { + "target": "com.amazonaws.drs#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.drs#ThrottlingException" + }, + { + "target": "com.amazonaws.drs#UninitializedAccountException" + } + ], + "traits": { + "smithy.api#documentation": "Delete Source Network resource.
", + "smithy.api#http": { + "uri": "/DeleteSourceNetwork", + "method": "POST", + "code": 204 + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.drs#DeleteSourceNetworkRequest": { + "type": "structure", + "members": { + "sourceNetworkID": { + "target": "com.amazonaws.drs#SourceNetworkID", + "traits": { + "smithy.api#documentation": "ID of the Source Network to delete.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.drs#DeleteSourceNetworkResponse": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.drs#DeleteSourceServer": { "type": "operation", "input": { @@ -1725,13 +1980,13 @@ } } }, - "com.amazonaws.drs#DescribeSourceServers": { + "com.amazonaws.drs#DescribeSourceNetworks": { "type": "operation", "input": { - "target": "com.amazonaws.drs#DescribeSourceServersRequest" + "target": "com.amazonaws.drs#DescribeSourceNetworksRequest" }, "output": { - "target": "com.amazonaws.drs#DescribeSourceServersResponse" + "target": "com.amazonaws.drs#DescribeSourceNetworksResponse" }, "errors": [ { @@ -1748,9 +2003,9 @@ } ], "traits": { - "smithy.api#documentation": "Lists all Source Servers or multiple Source Servers filtered by ID.
", + "smithy.api#documentation": "Lists all Source Networks or multiple Source Networks filtered by ID.
", "smithy.api#http": { - "uri": "/DescribeSourceServers", + "uri": "/DescribeSourceNetworks", "method": "POST", "code": 200 }, @@ -1763,117 +2018,240 @@ "smithy.api#readonly": {} } }, - "com.amazonaws.drs#DescribeSourceServersRequest": { + "com.amazonaws.drs#DescribeSourceNetworksRequest": { "type": "structure", "members": { "filters": { - "target": "com.amazonaws.drs#DescribeSourceServersRequestFilters", + "target": "com.amazonaws.drs#DescribeSourceNetworksRequestFilters", "traits": { - "smithy.api#documentation": "A set of filters by which to return Source Servers.
" + "smithy.api#documentation": "A set of filters by which to return Source Networks.
" } }, "maxResults": { "target": "com.amazonaws.drs#StrictlyPositiveInteger", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "Maximum number of Source Servers to retrieve.
" + "smithy.api#documentation": "Maximum number of Source Networks to retrieve.
" } }, "nextToken": { "target": "com.amazonaws.drs#PaginationToken", "traits": { - "smithy.api#documentation": "The token of the next Source Server to retrieve.
" + "smithy.api#documentation": "The token of the next Source Networks to retrieve.
" } } + }, + "traits": { + "smithy.api#input": {} } }, - "com.amazonaws.drs#DescribeSourceServersRequestFilters": { + "com.amazonaws.drs#DescribeSourceNetworksRequestFilters": { "type": "structure", "members": { - "sourceServerIDs": { - "target": "com.amazonaws.drs#DescribeSourceServersRequestFiltersIDs", + "sourceNetworkIDs": { + "target": "com.amazonaws.drs#DescribeSourceNetworksRequestFiltersIDs", "traits": { - "smithy.api#documentation": "An array of Source Servers IDs that should be returned. An empty array means all Source Servers.
" + "smithy.api#documentation": "An array of Source Network IDs that should be returned. An empty array means all Source Networks.
" } }, - "hardwareId": { - "target": "com.amazonaws.drs#BoundedString", + "originAccountID": { + "target": "com.amazonaws.drs#AccountID", "traits": { - "smithy.api#documentation": "An ID that describes the hardware of the Source Server. This is either an EC2 instance id, a VMware uuid or a mac address.
" + "smithy.api#documentation": "Filter Source Networks by account ID containing the protected VPCs.
" } }, - "stagingAccountIDs": { - "target": "com.amazonaws.drs#AccountIDs", + "originRegion": { + "target": "com.amazonaws.drs#AwsRegion", "traits": { - "smithy.api#documentation": "An array of staging account IDs that extended source servers belong to. An empty array means all source servers will be shown.
" + "smithy.api#documentation": "Filter Source Networks by the region containing the protected VPCs.
" } } }, "traits": { - "smithy.api#documentation": "A set of filters by which to return Source Servers.
" + "smithy.api#documentation": "A set of filters by which to return Source Networks.
" } }, - "com.amazonaws.drs#DescribeSourceServersRequestFiltersIDs": { + "com.amazonaws.drs#DescribeSourceNetworksRequestFiltersIDs": { "type": "list", "member": { - "target": "com.amazonaws.drs#SourceServerID" + "target": "com.amazonaws.drs#SourceNetworkID" }, "traits": { "smithy.api#length": { "min": 0, - "max": 200 + "max": 100 } } }, - "com.amazonaws.drs#DescribeSourceServersResponse": { + "com.amazonaws.drs#DescribeSourceNetworksResponse": { "type": "structure", "members": { "items": { - "target": "com.amazonaws.drs#SourceServersList", + "target": "com.amazonaws.drs#SourceNetworksList", "traits": { - "smithy.api#documentation": "An array of Source Servers.
" + "smithy.api#documentation": "An array of Source Networks.
" } }, "nextToken": { "target": "com.amazonaws.drs#PaginationToken", "traits": { - "smithy.api#documentation": "The token of the next Source Server to retrieve.
" + "smithy.api#documentation": "The token of the next Source Networks to retrieve.
" } } + }, + "traits": { + "smithy.api#output": {} } }, - "com.amazonaws.drs#DisconnectRecoveryInstance": { + "com.amazonaws.drs#DescribeSourceServers": { "type": "operation", "input": { - "target": "com.amazonaws.drs#DisconnectRecoveryInstanceRequest" + "target": "com.amazonaws.drs#DescribeSourceServersRequest" }, "output": { - "target": "smithy.api#Unit" + "target": "com.amazonaws.drs#DescribeSourceServersResponse" }, "errors": [ - { - "target": "com.amazonaws.drs#AccessDeniedException" - }, - { - "target": "com.amazonaws.drs#ConflictException" - }, { "target": "com.amazonaws.drs#InternalServerException" }, - { - "target": "com.amazonaws.drs#ResourceNotFoundException" - }, { "target": "com.amazonaws.drs#ThrottlingException" }, { "target": "com.amazonaws.drs#UninitializedAccountException" + }, + { + "target": "com.amazonaws.drs#ValidationException" } ], "traits": { - "smithy.api#documentation": "Disconnect a Recovery Instance from Elastic Disaster Recovery. Data replication is stopped immediately. All AWS resources created by Elastic Disaster Recovery for enabling the replication of the Recovery Instance will be terminated / deleted within 90 minutes. If the agent on the Recovery Instance has not been prevented from communicating with the Elastic Disaster Recovery service, then it will receive a command to uninstall itself (within approximately 10 minutes). The following properties of the Recovery Instance will be changed immediately: dataReplicationInfo.dataReplicationState will be set to DISCONNECTED; The totalStorageBytes property for each of dataReplicationInfo.replicatedDisks will be set to zero; dataReplicationInfo.lagDuration and dataReplicationInfo.lagDuration will be nullified.
", + "smithy.api#documentation": "Lists all Source Servers or multiple Source Servers filtered by ID.
", "smithy.api#http": { - "uri": "/DisconnectRecoveryInstance", + "uri": "/DescribeSourceServers", + "method": "POST", + "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "pageSize": "maxResults", + "items": "items" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.drs#DescribeSourceServersRequest": { + "type": "structure", + "members": { + "filters": { + "target": "com.amazonaws.drs#DescribeSourceServersRequestFilters", + "traits": { + "smithy.api#documentation": "A set of filters by which to return Source Servers.
" + } + }, + "maxResults": { + "target": "com.amazonaws.drs#StrictlyPositiveInteger", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "Maximum number of Source Servers to retrieve.
" + } + }, + "nextToken": { + "target": "com.amazonaws.drs#PaginationToken", + "traits": { + "smithy.api#documentation": "The token of the next Source Server to retrieve.
" + } + } + } + }, + "com.amazonaws.drs#DescribeSourceServersRequestFilters": { + "type": "structure", + "members": { + "sourceServerIDs": { + "target": "com.amazonaws.drs#DescribeSourceServersRequestFiltersIDs", + "traits": { + "smithy.api#documentation": "An array of Source Servers IDs that should be returned. An empty array means all Source Servers.
" + } + }, + "hardwareId": { + "target": "com.amazonaws.drs#BoundedString", + "traits": { + "smithy.api#documentation": "An ID that describes the hardware of the Source Server. This is either an EC2 instance id, a VMware uuid or a mac address.
" + } + }, + "stagingAccountIDs": { + "target": "com.amazonaws.drs#AccountIDs", + "traits": { + "smithy.api#documentation": "An array of staging account IDs that extended source servers belong to. An empty array means all source servers will be shown.
" + } + } + }, + "traits": { + "smithy.api#documentation": "A set of filters by which to return Source Servers.
" + } + }, + "com.amazonaws.drs#DescribeSourceServersRequestFiltersIDs": { + "type": "list", + "member": { + "target": "com.amazonaws.drs#SourceServerID" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 200 + } + } + }, + "com.amazonaws.drs#DescribeSourceServersResponse": { + "type": "structure", + "members": { + "items": { + "target": "com.amazonaws.drs#SourceServersList", + "traits": { + "smithy.api#documentation": "An array of Source Servers.
" + } + }, + "nextToken": { + "target": "com.amazonaws.drs#PaginationToken", + "traits": { + "smithy.api#documentation": "The token of the next Source Server to retrieve.
" + } + } + } + }, + "com.amazonaws.drs#DisconnectRecoveryInstance": { + "type": "operation", + "input": { + "target": "com.amazonaws.drs#DisconnectRecoveryInstanceRequest" + }, + "output": { + "target": "smithy.api#Unit" + }, + "errors": [ + { + "target": "com.amazonaws.drs#AccessDeniedException" + }, + { + "target": "com.amazonaws.drs#ConflictException" + }, + { + "target": "com.amazonaws.drs#InternalServerException" + }, + { + "target": "com.amazonaws.drs#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.drs#ThrottlingException" + }, + { + "target": "com.amazonaws.drs#UninitializedAccountException" + } + ], + "traits": { + "smithy.api#documentation": "Disconnect a Recovery Instance from Elastic Disaster Recovery. Data replication is stopped immediately. All AWS resources created by Elastic Disaster Recovery for enabling the replication of the Recovery Instance will be terminated / deleted within 90 minutes. If the agent on the Recovery Instance has not been prevented from communicating with the Elastic Disaster Recovery service, then it will receive a command to uninstall itself (within approximately 10 minutes). The following properties of the Recovery Instance will be changed immediately: dataReplicationInfo.dataReplicationState will be set to DISCONNECTED; The totalStorageBytes property for each of dataReplicationInfo.replicatedDisks will be set to zero; dataReplicationInfo.lagDuration and dataReplicationInfo.lagDuration will be nullified.
", + "smithy.api#http": { + "uri": "/DisconnectRecoveryInstance", "method": "POST", "code": 200 } @@ -2088,6 +2466,9 @@ { "target": "com.amazonaws.drs#ReplicationConfigurationTemplateResource" }, + { + "target": "com.amazonaws.drs#SourceNetworkResource" + }, { "target": "com.amazonaws.drs#SourceServerResource" } @@ -3051,6 +3432,91 @@ } } }, + "com.amazonaws.drs#EventResourceData": { + "type": "union", + "members": { + "sourceNetworkData": { + "target": "com.amazonaws.drs#SourceNetworkData", + "traits": { + "smithy.api#documentation": "Source Network properties.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Properties of resource related to a job event.
" + } + }, + "com.amazonaws.drs#ExportSourceNetworkCfnTemplate": { + "type": "operation", + "input": { + "target": "com.amazonaws.drs#ExportSourceNetworkCfnTemplateRequest" + }, + "output": { + "target": "com.amazonaws.drs#ExportSourceNetworkCfnTemplateResponse" + }, + "errors": [ + { + "target": "com.amazonaws.drs#ConflictException" + }, + { + "target": "com.amazonaws.drs#InternalServerException" + }, + { + "target": "com.amazonaws.drs#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.drs#ThrottlingException" + }, + { + "target": "com.amazonaws.drs#UninitializedAccountException" + }, + { + "target": "com.amazonaws.drs#ValidationException" + } + ], + "traits": { + "aws.iam#requiredActions": [ + "s3:GetBucketLocation", + "s3:PutObject", + "s3:GetObject" + ], + "smithy.api#documentation": "Export the Source Network CloudFormation template to an S3 bucket.
", + "smithy.api#http": { + "uri": "/ExportSourceNetworkCfnTemplate", + "method": "POST", + "code": 200 + } + } + }, + "com.amazonaws.drs#ExportSourceNetworkCfnTemplateRequest": { + "type": "structure", + "members": { + "sourceNetworkID": { + "target": "com.amazonaws.drs#SourceNetworkID", + "traits": { + "smithy.api#documentation": "The Source Network ID to export its CloudFormation template to an S3 bucket.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.drs#ExportSourceNetworkCfnTemplateResponse": { + "type": "structure", + "members": { + "s3DestinationUrl": { + "target": "com.amazonaws.drs#LargeBoundedString", + "traits": { + "smithy.api#documentation": "S3 bucket URL where the Source Network CloudFormation template was exported to.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.drs#ExtensionStatus": { "type": "string", "traits": { @@ -3506,6 +3972,18 @@ { "value": "TARGET_ACCOUNT", "name": "TARGET_ACCOUNT" + }, + { + "value": "CREATE_NETWORK_RECOVERY", + "name": "CREATE_NETWORK_RECOVERY" + }, + { + "value": "UPDATE_NETWORK_RECOVERY", + "name": "UPDATE_NETWORK_RECOVERY" + }, + { + "value": "ASSOCIATE_NETWORK_RECOVERY", + "name": "ASSOCIATE_NETWORK_RECOVERY" } ] } @@ -3591,6 +4069,12 @@ "traits": { "smithy.api#documentation": "A list of tags associated with the Job.
" } + }, + "participatingResources": { + "target": "com.amazonaws.drs#ParticipatingResources", + "traits": { + "smithy.api#documentation": "A list of resources that the Job is acting upon.
" + } } }, "traits": { @@ -3704,6 +4188,46 @@ { "name": "JOB_END", "value": "JOB_END" + }, + { + "name": "DEPLOY_NETWORK_CONFIGURATION_START", + "value": "DEPLOY_NETWORK_CONFIGURATION_START" + }, + { + "name": "DEPLOY_NETWORK_CONFIGURATION_END", + "value": "DEPLOY_NETWORK_CONFIGURATION_END" + }, + { + "name": "DEPLOY_NETWORK_CONFIGURATION_FAILED", + "value": "DEPLOY_NETWORK_CONFIGURATION_FAILED" + }, + { + "name": "UPDATE_NETWORK_CONFIGURATION_START", + "value": "UPDATE_NETWORK_CONFIGURATION_START" + }, + { + "name": "UPDATE_NETWORK_CONFIGURATION_END", + "value": "UPDATE_NETWORK_CONFIGURATION_END" + }, + { + "name": "UPDATE_NETWORK_CONFIGURATION_FAILED", + "value": "UPDATE_NETWORK_CONFIGURATION_FAILED" + }, + { + "name": "UPDATE_LAUNCH_TEMPLATE_START", + "value": "UPDATE_LAUNCH_TEMPLATE_START" + }, + { + "name": "UPDATE_LAUNCH_TEMPLATE_END", + "value": "UPDATE_LAUNCH_TEMPLATE_END" + }, + { + "name": "UPDATE_LAUNCH_TEMPLATE_FAILED", + "value": "UPDATE_LAUNCH_TEMPLATE_FAILED" + }, + { + "name": "NETWORK_RECOVERY_FAIL", + "value": "NETWORK_RECOVERY_FAIL" } ] } @@ -3740,6 +4264,12 @@ "traits": { "smithy.api#documentation": "Properties of a conversion job
" } + }, + "eventResourceData": { + "target": "com.amazonaws.drs#EventResourceData", + "traits": { + "smithy.api#documentation": "Properties of resource related to a job event.
" + } } }, "traits": { @@ -3974,6 +4504,12 @@ "traits": { "smithy.api#documentation": "Licensing.
" } + }, + "exportBucketArn": { + "target": "com.amazonaws.drs#ARN", + "traits": { + "smithy.api#documentation": "S3 bucket ARN to export Source Network templates.
" + } } }, "traits": { @@ -4572,6 +5108,46 @@ } } }, + "com.amazonaws.drs#ParticipatingResource": { + "type": "structure", + "members": { + "participatingResourceID": { + "target": "com.amazonaws.drs#ParticipatingResourceID", + "traits": { + "smithy.api#documentation": "The ID of a participating resource.
" + } + }, + "launchStatus": { + "target": "com.amazonaws.drs#LaunchStatus", + "traits": { + "smithy.api#documentation": "The launch status of a participating resource.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Represents a resource participating in an asynchronous Job.
" + } + }, + "com.amazonaws.drs#ParticipatingResourceID": { + "type": "union", + "members": { + "sourceNetworkID": { + "target": "com.amazonaws.drs#SourceNetworkID", + "traits": { + "smithy.api#documentation": "Source Network ID.
" + } + } + }, + "traits": { + "smithy.api#documentation": "ID of a resource participating in an asynchronous Job.
" + } + }, + "com.amazonaws.drs#ParticipatingResources": { + "type": "list", + "member": { + "target": "com.amazonaws.drs#ParticipatingResource" + } + }, "com.amazonaws.drs#ParticipatingServer": { "type": "structure", "members": { @@ -5277,17 +5853,79 @@ } } }, - "com.amazonaws.drs#RecoverySnapshot": { + "com.amazonaws.drs#RecoveryLifeCycle": { "type": "structure", "members": { - "snapshotID": { - "target": "com.amazonaws.drs#RecoverySnapshotID", + "apiCallDateTime": { + "target": "smithy.api#Timestamp", "traits": { - "smithy.api#documentation": "The ID of the Recovery Snapshot.
", - "smithy.api#required": {} + "smithy.api#documentation": "The date and time the last Source Network recovery was initiated.
", + "smithy.api#timestampFormat": "date-time" } }, - "sourceServerID": { + "jobID": { + "target": "com.amazonaws.drs#JobID", + "traits": { + "smithy.api#documentation": "The ID of the Job that was used to last recover the Source Network.
" + } + }, + "lastRecoveryResult": { + "target": "com.amazonaws.drs#RecoveryResult", + "traits": { + "smithy.api#documentation": "The status of the last recovery status of this Source Network.
" + } + } + }, + "traits": { + "smithy.api#documentation": "An object representing the Source Network recovery Lifecycle.
" + } + }, + "com.amazonaws.drs#RecoveryResult": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "NOT_STARTED", + "name": "NOT_STARTED" + }, + { + "value": "IN_PROGRESS", + "name": "IN_PROGRESS" + }, + { + "value": "SUCCESS", + "name": "SUCCESS" + }, + { + "value": "FAIL", + "name": "FAIL" + }, + { + "value": "PARTIAL_SUCCESS", + "name": "PARTIAL_SUCCESS" + }, + { + "value": "ASSOCIATE_SUCCESS", + "name": "ASSOCIATE_SUCCESS" + }, + { + "value": "ASSOCIATE_FAIL", + "name": "ASSOCIATE_FAIL" + } + ] + } + }, + "com.amazonaws.drs#RecoverySnapshot": { + "type": "structure", + "members": { + "snapshotID": { + "target": "com.amazonaws.drs#RecoverySnapshotID", + "traits": { + "smithy.api#documentation": "The ID of the Recovery Snapshot.
", + "smithy.api#required": {} + } + }, + "sourceServerID": { "target": "com.amazonaws.drs#SourceServerID", "traits": { "smithy.api#documentation": "The ID of the Source Server that the snapshot was taken for.
", @@ -5506,6 +6144,10 @@ { "value": "CUSTOM", "name": "CUSTOM" + }, + { + "value": "NONE", + "name": "NONE" } ] } @@ -5797,6 +6439,29 @@ } } }, + "com.amazonaws.drs#ReplicationStatus": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "STOPPED", + "name": "STOPPED" + }, + { + "value": "IN_PROGRESS", + "name": "IN_PROGRESS" + }, + { + "value": "PROTECTED", + "name": "PROTECTED" + }, + { + "value": "ERROR", + "name": "ERROR" + } + ] + } + }, "com.amazonaws.drs#ResourceNotFoundException": { "type": "structure", "members": { @@ -5957,6 +6622,16 @@ "smithy.api#pattern": "^sg-[0-9a-fA-F]{8,}$" } }, + "com.amazonaws.drs#SensitiveBoundedString": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 256 + }, + "smithy.api#sensitive": {} + } + }, "com.amazonaws.drs#ServiceQuotaExceededException": { "type": "structure", "members": { @@ -6032,6 +6707,178 @@ "smithy.api#documentation": "Properties of the cloud environment where this Source Server originated from.
" } }, + "com.amazonaws.drs#SourceNetwork": { + "type": "structure", + "members": { + "sourceNetworkID": { + "target": "com.amazonaws.drs#SourceNetworkID", + "traits": { + "smithy.api#documentation": "Source Network ID.
" + } + }, + "sourceVpcID": { + "target": "com.amazonaws.drs#VpcID", + "traits": { + "smithy.api#documentation": "VPC ID protected by the Source Network.
" + } + }, + "arn": { + "target": "com.amazonaws.drs#ARN", + "traits": { + "smithy.api#documentation": "The ARN of the Source Network.
" + } + }, + "tags": { + "target": "com.amazonaws.drs#TagsMap", + "traits": { + "smithy.api#documentation": "A list of tags associated with the Source Network.
" + } + }, + "replicationStatus": { + "target": "com.amazonaws.drs#ReplicationStatus", + "traits": { + "smithy.api#documentation": "Status of Source Network Replication. Possible values:\n (a) STOPPED - Source Network is not replicating.\n (b) IN_PROGRESS - Source Network is being replicated.\n (c) PROTECTED - Source Network was replicated successfully and is being synchronized for changes.\n (d) ERROR - Source Network replication has failed
" + } + }, + "replicationStatusDetails": { + "target": "com.amazonaws.drs#SensitiveBoundedString", + "traits": { + "smithy.api#documentation": "Error details in case Source Network replication status is ERROR.
" + } + }, + "cfnStackName": { + "target": "com.amazonaws.drs#CfnStackName", + "traits": { + "smithy.api#documentation": "CloudFormation stack name that was deployed for recovering the Source Network.
" + } + }, + "sourceRegion": { + "target": "com.amazonaws.drs#AwsRegion", + "traits": { + "smithy.api#documentation": "Region containing the VPC protected by the Source Network.
" + } + }, + "sourceAccountID": { + "target": "com.amazonaws.drs#AccountID", + "traits": { + "smithy.api#documentation": "Account ID containing the VPC protected by the Source Network.
" + } + }, + "lastRecovery": { + "target": "com.amazonaws.drs#RecoveryLifeCycle", + "traits": { + "smithy.api#documentation": "An object containing information regarding the last recovery of the Source Network.
" + } + }, + "launchedVpcID": { + "target": "com.amazonaws.drs#VpcID", + "traits": { + "smithy.api#documentation": "ID of the recovered VPC following Source Network recovery.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The ARN of the Source Network.
", + "smithy.api#references": [ + { + "resource": "com.amazonaws.drs#SourceNetworkResource" + } + ] + } + }, + "com.amazonaws.drs#SourceNetworkData": { + "type": "structure", + "members": { + "sourceNetworkID": { + "target": "com.amazonaws.drs#SourceNetworkID", + "traits": { + "smithy.api#documentation": "Source Network ID.
" + } + }, + "sourceVpc": { + "target": "com.amazonaws.drs#VpcID", + "traits": { + "smithy.api#documentation": "VPC ID protected by the Source Network.
" + } + }, + "targetVpc": { + "target": "com.amazonaws.drs#VpcID", + "traits": { + "smithy.api#documentation": "ID of the recovered VPC following Source Network recovery.
" + } + }, + "stackName": { + "target": "com.amazonaws.drs#LargeBoundedString", + "traits": { + "smithy.api#documentation": "CloudFormation stack name that was deployed for recovering the Source Network.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Properties of Source Network related to a job event.
" + } + }, + "com.amazonaws.drs#SourceNetworkID": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 20, + "max": 20 + }, + "smithy.api#pattern": "^sn-[0-9a-zA-Z]{17}$" + } + }, + "com.amazonaws.drs#SourceNetworkResource": { + "type": "resource", + "identifiers": { + "sourceNetworkID": { + "target": "com.amazonaws.drs#SourceNetworkID" + } + }, + "create": { + "target": "com.amazonaws.drs#CreateSourceNetwork" + }, + "delete": { + "target": "com.amazonaws.drs#DeleteSourceNetwork" + }, + "list": { + "target": "com.amazonaws.drs#DescribeSourceNetworks" + }, + "operations": [ + { + "target": "com.amazonaws.drs#AssociateSourceNetworkStack" + }, + { + "target": "com.amazonaws.drs#ExportSourceNetworkCfnTemplate" + }, + { + "target": "com.amazonaws.drs#StartSourceNetworkReplication" + }, + { + "target": "com.amazonaws.drs#StopSourceNetworkReplication" + } + ], + "collectionOperations": [ + { + "target": "com.amazonaws.drs#StartSourceNetworkRecovery" + } + ], + "traits": { + "aws.api#arn": { + "template": "source-network/{sourceNetworkID}" + }, + "aws.iam#conditionKeys": [ + "aws:ResourceTag" + ], + "aws.iam#disableConditionKeyInference": {} + } + }, + "com.amazonaws.drs#SourceNetworksList": { + "type": "list", + "member": { + "target": "com.amazonaws.drs#SourceNetwork" + } + }, "com.amazonaws.drs#SourceProperties": { "type": "structure", "members": { @@ -6169,6 +7016,12 @@ "traits": { "smithy.api#documentation": "For EC2-originated Source Servers which have been failed over and then failed back, this value will mean the ARN of the Source Server on the opposite replication direction.
" } + }, + "sourceNetworkID": { + "target": "com.amazonaws.drs#SourceNetworkID", + "traits": { + "smithy.api#documentation": "ID of the Source Network which is protecting this Source Server's network.
" + } } }, "traits": { @@ -6606,6 +7459,201 @@ } } }, + "com.amazonaws.drs#StartSourceNetworkRecovery": { + "type": "operation", + "input": { + "target": "com.amazonaws.drs#StartSourceNetworkRecoveryRequest" + }, + "output": { + "target": "com.amazonaws.drs#StartSourceNetworkRecoveryResponse" + }, + "errors": [ + { + "target": "com.amazonaws.drs#ConflictException" + }, + { + "target": "com.amazonaws.drs#InternalServerException" + }, + { + "target": "com.amazonaws.drs#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.drs#ThrottlingException" + }, + { + "target": "com.amazonaws.drs#UninitializedAccountException" + }, + { + "target": "com.amazonaws.drs#ValidationException" + } + ], + "traits": { + "aws.iam#requiredActions": [ + "ec2:DescribeSubnets", + "ec2:DescribeSecurityGroups", + "ec2:DescribeLaunchTemplates", + "ec2:DescribeLaunchTemplateVersions", + "ec2:ModifyLaunchTemplate", + "ec2:CreateLaunchTemplateVersion", + "ec2:DescribeVpcs", + "ec2:DescribeSubnets", + "ec2:DescribeSecurityGroups", + "ec2:DescribeLaunchTemplates", + "ec2:DescribeLaunchTemplateVersions", + "cloudformation:DescribeStacks", + "cloudformation:UpdateStack", + "cloudformation:CreateStack", + "cloudformation:DescribeStackResource", + "cloudformation:DescribeStacks", + "drs:GetLaunchConfiguration", + "s3:PutObject", + "s3:GetObject" + ], + "smithy.api#documentation": "Deploy VPC for the specified Source Network and modify launch templates to use this network. The VPC will be deployed using a dedicated CloudFormation stack.
", + "smithy.api#http": { + "uri": "/StartSourceNetworkRecovery", + "method": "POST", + "code": 202 + } + } + }, + "com.amazonaws.drs#StartSourceNetworkRecoveryRequest": { + "type": "structure", + "members": { + "sourceNetworks": { + "target": "com.amazonaws.drs#StartSourceNetworkRecoveryRequestNetworkEntries", + "traits": { + "smithy.api#documentation": "The Source Networks that we want to start a Recovery Job for.
", + "smithy.api#required": {} + } + }, + "deployAsNew": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "Don't update existing CloudFormation Stack, recover the network using a new stack.
" + } + }, + "tags": { + "target": "com.amazonaws.drs#TagsMap", + "traits": { + "smithy.api#documentation": "The tags to be associated with the Source Network recovery Job.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.drs#StartSourceNetworkRecoveryRequestNetworkEntries": { + "type": "list", + "member": { + "target": "com.amazonaws.drs#StartSourceNetworkRecoveryRequestNetworkEntry" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 100 + } + } + }, + "com.amazonaws.drs#StartSourceNetworkRecoveryRequestNetworkEntry": { + "type": "structure", + "members": { + "sourceNetworkID": { + "target": "com.amazonaws.drs#SourceNetworkID", + "traits": { + "smithy.api#documentation": "The ID of the Source Network you want to recover.
", + "smithy.api#required": {} + } + }, + "cfnStackName": { + "target": "com.amazonaws.drs#CfnStackName", + "traits": { + "smithy.api#documentation": "CloudFormation stack name to be used for recovering the network.
" + } + } + }, + "traits": { + "smithy.api#documentation": "An object representing the Source Network to recover.
" + } + }, + "com.amazonaws.drs#StartSourceNetworkRecoveryResponse": { + "type": "structure", + "members": { + "job": { + "target": "com.amazonaws.drs#Job", + "traits": { + "smithy.api#documentation": "The Source Network recovery Job.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.drs#StartSourceNetworkReplication": { + "type": "operation", + "input": { + "target": "com.amazonaws.drs#StartSourceNetworkReplicationRequest" + }, + "output": { + "target": "com.amazonaws.drs#StartSourceNetworkReplicationResponse" + }, + "errors": [ + { + "target": "com.amazonaws.drs#ConflictException" + }, + { + "target": "com.amazonaws.drs#InternalServerException" + }, + { + "target": "com.amazonaws.drs#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.drs#ThrottlingException" + }, + { + "target": "com.amazonaws.drs#UninitializedAccountException" + } + ], + "traits": { + "smithy.api#documentation": "Starts replication for a Source Network. This action would make the Source Network protected.
", + "smithy.api#http": { + "uri": "/StartSourceNetworkReplication", + "method": "POST", + "code": 200 + } + } + }, + "com.amazonaws.drs#StartSourceNetworkReplicationRequest": { + "type": "structure", + "members": { + "sourceNetworkID": { + "target": "com.amazonaws.drs#SourceNetworkID", + "traits": { + "smithy.api#documentation": "ID of the Source Network to replicate.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.drs#StartSourceNetworkReplicationResponse": { + "type": "structure", + "members": { + "sourceNetwork": { + "target": "com.amazonaws.drs#SourceNetwork", + "traits": { + "smithy.api#documentation": "Source Network which was requested for replication.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.drs#StopFailback": { "type": "operation", "input": { @@ -6706,6 +7754,72 @@ } } }, + "com.amazonaws.drs#StopSourceNetworkReplication": { + "type": "operation", + "input": { + "target": "com.amazonaws.drs#StopSourceNetworkReplicationRequest" + }, + "output": { + "target": "com.amazonaws.drs#StopSourceNetworkReplicationResponse" + }, + "errors": [ + { + "target": "com.amazonaws.drs#ConflictException" + }, + { + "target": "com.amazonaws.drs#InternalServerException" + }, + { + "target": "com.amazonaws.drs#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.drs#ThrottlingException" + }, + { + "target": "com.amazonaws.drs#UninitializedAccountException" + }, + { + "target": "com.amazonaws.drs#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Stops replication for a Source Network. This action would make the Source Network unprotected.
", + "smithy.api#http": { + "uri": "/StopSourceNetworkReplication", + "method": "POST", + "code": 200 + } + } + }, + "com.amazonaws.drs#StopSourceNetworkReplicationRequest": { + "type": "structure", + "members": { + "sourceNetworkID": { + "target": "com.amazonaws.drs#SourceNetworkID", + "traits": { + "smithy.api#documentation": "ID of the Source Network to stop replication.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.drs#StopSourceNetworkReplicationResponse": { + "type": "structure", + "members": { + "sourceNetwork": { + "target": "com.amazonaws.drs#SourceNetwork", + "traits": { + "smithy.api#documentation": "Source Network which was requested to stop replication.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.drs#StrictlyPositiveInteger": { "type": "integer", "traits": { @@ -7230,6 +8344,12 @@ "traits": { "smithy.api#documentation": "Licensing.
" } + }, + "exportBucketArn": { + "target": "com.amazonaws.drs#ARN", + "traits": { + "smithy.api#documentation": "S3 bucket ARN to export Source Network templates.
" + } } } }, @@ -7628,6 +8748,16 @@ "value": { "target": "com.amazonaws.drs#PositiveInteger" } + }, + "com.amazonaws.drs#VpcID": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 12, + "max": 21 + }, + "smithy.api#pattern": "^vpc-[0-9a-fA-F]{8,}$" + } } } } \ No newline at end of file diff --git a/codegen/sdk/aws-models/dynamodb-streams.json b/codegen/sdk/aws-models/dynamodb-streams.json index 8c04f216c79..aefb201e259 100644 --- a/codegen/sdk/aws-models/dynamodb-streams.json +++ b/codegen/sdk/aws-models/dynamodb-streams.json @@ -174,7 +174,8 @@ } }, "traits": { - "smithy.api#documentation": "Represents the input of a DescribeStream operation.
Represents the input of a DescribeStream operation.
Represents the output of a DescribeStream operation.
Represents the output of a DescribeStream operation.
Amazon DynamoDB Streams provides API actions for accessing streams and processing\n stream records. To learn more about application development with Streams, see Capturing\n Table Activity with DynamoDB Streams in the Amazon DynamoDB Developer\n Guide.
", + "smithy.api#documentation": "Amazon DynamoDB Streams provides API actions for accessing streams and processing\n stream records. To learn more about application development with Streams, see Capturing\n Table Activity with DynamoDB Streams in the Amazon DynamoDB Developer\n Guide.
", "smithy.api#title": "Amazon DynamoDB Streams", "smithy.api#xmlNamespace": { "uri": "http://dynamodb.amazonaws.com/doc/2012-08-10/" @@ -1467,7 +1469,8 @@ } }, "traits": { - "smithy.api#documentation": "Represents the input of a GetRecords operation.
Represents the input of a GetRecords operation.
Represents the output of a GetRecords operation.
Represents the output of a GetRecords operation.
Represents the input of a GetShardIterator operation.
Represents the input of a GetShardIterator operation.
Represents the output of a GetShardIterator operation.
Represents the output of a GetShardIterator operation.
The role that this key attribute will assume:
\n\n HASH - partition key
\n RANGE - sort key
The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from DynamoDB's usage of\n an internal hash function to evenly distribute data items across partitions, based\n on their partition key values.
\nThe sort key of an item is also known as its range\n attribute. The term \"range attribute\" derives from the way DynamoDB\n stores items with the same partition key physically close together, in sorted order\n by the sort key value.
\nThe role that this key attribute will assume:
\n\n HASH - partition key
\n RANGE - sort key
The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from DynamoDB's usage of\n an internal hash function to evenly distribute data items across partitions, based\n on their partition key values.
\nThe sort key of an item is also known as its range\n attribute. The term \"range attribute\" derives from the way DynamoDB\n stores items with the same partition key physically close together, in sorted order\n by the sort key value.
\nThere is no limit to the number of daily on-demand backups that can be taken.
\nFor most purposes, up to 500 simultaneous table operations are allowed per account. These operations\n include CreateTable, UpdateTable,\n DeleteTable,UpdateTimeToLive,\n RestoreTableFromBackup, and RestoreTableToPointInTime.
When you are creating a table with one or more secondary\n indexes, you can have up to 250 such requests running at a time. However, if the table or\n index specifications are complex, then DynamoDB might temporarily reduce the number\n of concurrent operations.
\nWhen importing into DynamoDB, up to 50 simultaneous import table operations are allowed per account.
\nThere is a soft account quota of 2,500 tables.
", + "smithy.api#documentation": "There is no limit to the number of daily on-demand backups that can be taken.
\nFor most purposes, up to 500 simultaneous table operations are allowed per account. These operations\n include CreateTable, UpdateTable,\n DeleteTable,UpdateTimeToLive,\n RestoreTableFromBackup, and RestoreTableToPointInTime.
When you are creating a table with one or more secondary\n indexes, you can have up to 250 such requests running at a time. However, if the table or\n index specifications are complex, then DynamoDB might temporarily reduce the number\n of concurrent operations.
\nWhen importing into DynamoDB, up to 50 simultaneous import table operations are allowed per account.
\nThere is a soft account quota of 2,500 tables.
\nGetRecords was called with a value of more than 1000 for the limit request parameter.
\nMore than 2 processes are reading from the same streams shard at the same time. Exceeding\n this limit may result in request throttling.
", "smithy.api#error": "client" } }, @@ -1721,7 +1727,8 @@ } }, "traits": { - "smithy.api#documentation": "Represents the input of a ListStreams operation.
Represents the input of a ListStreams operation.
Represents the output of a ListStreams operation.
Represents the output of a ListStreams operation.
The AWS service from which the stream record originated. For DynamoDB Streams, this is aws:dynamodb.
The Amazon Web Services service from which the stream record originated. For DynamoDB Streams, this is aws:dynamodb.
A timestamp, in ISO 8601 format, for this stream.
\nNote that LatestStreamLabel is not a unique identifier for the stream, because it is\n possible that a stream from another table might have the same timestamp. However, the\n combination of the following three elements is guaranteed to be unique:
the AWS customer ID.
\nthe table name
\nthe StreamLabel\n
A timestamp, in ISO 8601 format, for this stream.
\nNote that LatestStreamLabel is not a unique identifier for the stream, because it is\n possible that a stream from another table might have the same timestamp. However, the\n combination of the following three elements is guaranteed to be unique:
the Amazon Web Services customer ID.
\nthe table name
\nthe StreamLabel\n
A timestamp, in ISO 8601 format, for this stream.
\nNote that LatestStreamLabel is not a unique identifier for the stream, because it is\n possible that a stream from another table might have the same timestamp. However, the\n combination of the following three elements is guaranteed to be unique:
the AWS customer ID.
\nthe table name
\nthe StreamLabel\n
A timestamp, in ISO 8601 format, for this stream.
\nNote that LatestStreamLabel is not a unique identifier for the stream, because it is\n possible that a stream from another table might have the same timestamp. However, the\n combination of the following three elements is guaranteed to be unique:
the Amazon Web Services customer ID.
\nthe table name
\nthe StreamLabel\n
The approximate date and time when the stream record was created, in UNIX epoch time format.
" + "smithy.api#documentation": "The approximate date and time when the stream record was created, in UNIX epoch time format and rounded down to the closest second.
" } }, "Keys": { diff --git a/codegen/sdk/aws-models/dynamodb.json b/codegen/sdk/aws-models/dynamodb.json index adb4cf00ebc..7c5a2d76787 100644 --- a/codegen/sdk/aws-models/dynamodb.json +++ b/codegen/sdk/aws-models/dynamodb.json @@ -833,7 +833,7 @@ "aws.api#clientDiscoveredEndpoint": { "required": false }, - "smithy.api#documentation": "The BatchGetItem operation returns the attributes of one or more items\n from one or more tables. You identify requested items by primary key.
A single operation can retrieve up to 16 MB of data, which can contain as many as 100\n items. BatchGetItem returns a partial result if the response size limit is\n exceeded, the table's provisioned throughput is exceeded, or an internal processing\n failure occurs. If a partial result is returned, the operation returns a value for\n UnprocessedKeys. You can use this value to retry the operation starting\n with the next item to get.
If you request more than 100 items, BatchGetItem returns a\n ValidationException with the message \"Too many items requested for\n the BatchGetItem call.\"
For example, if you ask to retrieve 100 items, but each individual item is 300 KB in\n size, the system returns 52 items (so as not to exceed the 16 MB limit). It also returns\n an appropriate UnprocessedKeys value so you can get the next page of\n results. If desired, your application can include its own logic to assemble the pages of\n results into one dataset.
If none of the items can be processed due to insufficient\n provisioned throughput on all of the tables in the request, then\n BatchGetItem returns a\n ProvisionedThroughputExceededException. If at least\n one of the items is successfully processed, then\n BatchGetItem completes successfully, while returning the keys of the\n unread items in UnprocessedKeys.
If DynamoDB returns any unprocessed items, you should retry the batch operation on\n those items. However, we strongly recommend that you use an exponential\n backoff algorithm. If you retry the batch operation immediately, the\n underlying read or write requests can still fail due to throttling on the individual\n tables. If you delay the batch operation using exponential backoff, the individual\n requests in the batch are much more likely to succeed.
\nFor more information, see Batch Operations and Error Handling in the Amazon DynamoDB\n Developer Guide.
\nBy default, BatchGetItem performs eventually consistent reads on every\n table in the request. If you want strongly consistent reads instead, you can set\n ConsistentRead to true for any or all tables.
In order to minimize response latency, BatchGetItem may retrieve items in\n parallel.
When designing your application, keep in mind that DynamoDB does not return items in\n any particular order. To help parse the response by item, include the primary key values\n for the items in your request in the ProjectionExpression parameter.
If a requested item does not exist, it is not returned in the result. Requests for\n nonexistent items consume the minimum read capacity units according to the type of read.\n For more information, see Working with Tables in the Amazon DynamoDB Developer\n Guide.
" + "smithy.api#documentation": "The BatchGetItem operation returns the attributes of one or more items\n from one or more tables. You identify requested items by primary key.
A single operation can retrieve up to 16 MB of data, which can contain as many as 100\n items. BatchGetItem returns a partial result if the response size limit is\n exceeded, the table's provisioned throughput is exceeded, more than 1MB per partition is requested,\n or an internal processing failure occurs. If a partial result is returned, the operation returns a value for\n UnprocessedKeys. You can use this value to retry the operation starting\n with the next item to get.
If you request more than 100 items, BatchGetItem returns a\n ValidationException with the message \"Too many items requested for\n the BatchGetItem call.\"
For example, if you ask to retrieve 100 items, but each individual item is 300 KB in\n size, the system returns 52 items (so as not to exceed the 16 MB limit). It also returns\n an appropriate UnprocessedKeys value so you can get the next page of\n results. If desired, your application can include its own logic to assemble the pages of\n results into one dataset.
If none of the items can be processed due to insufficient\n provisioned throughput on all of the tables in the request, then\n BatchGetItem returns a\n ProvisionedThroughputExceededException. If at least\n one of the items is successfully processed, then\n BatchGetItem completes successfully, while returning the keys of the\n unread items in UnprocessedKeys.
If DynamoDB returns any unprocessed items, you should retry the batch operation on\n those items. However, we strongly recommend that you use an exponential\n backoff algorithm. If you retry the batch operation immediately, the\n underlying read or write requests can still fail due to throttling on the individual\n tables. If you delay the batch operation using exponential backoff, the individual\n requests in the batch are much more likely to succeed.
\nFor more information, see Batch Operations and Error Handling in the Amazon DynamoDB\n Developer Guide.
\nBy default, BatchGetItem performs eventually consistent reads on every\n table in the request. If you want strongly consistent reads instead, you can set\n ConsistentRead to true for any or all tables.
In order to minimize response latency, BatchGetItem may retrieve items in\n parallel.
When designing your application, keep in mind that DynamoDB does not return items in\n any particular order. To help parse the response by item, include the primary key values\n for the items in your request in the ProjectionExpression parameter.
If a requested item does not exist, it is not returned in the result. Requests for\n nonexistent items consume the minimum read capacity units according to the type of read.\n For more information, see Working with Tables in the Amazon DynamoDB Developer\n Guide.
" } }, "com.amazonaws.dynamodb#BatchGetItemInput": { @@ -6732,7 +6732,7 @@ } }, "traits": { - "smithy.api#documentation": "There is no limit to the number of daily on-demand backups that can be taken.
\nFor most purposes, up to 500 simultaneous table operations are allowed per account. These operations\n include CreateTable, UpdateTable,\n DeleteTable,UpdateTimeToLive,\n RestoreTableFromBackup, and RestoreTableToPointInTime.
When you are creating a table with one or more secondary\n indexes, you can have up to 250 such requests running at a time. However, if the table or\n index specifications are complex, then DynamoDB might temporarily reduce the number\n of concurrent operations.
\nWhen importing into DynamoDB, up to 50 simultaneous import table operations are allowed per account.
\nThere is a soft account quota of 2,500 tables.
", + "smithy.api#documentation": "There is no limit to the number of daily on-demand backups that can be taken.
\nFor most purposes, up to 500 simultaneous table operations are allowed per account. These operations\n include CreateTable, UpdateTable,\n DeleteTable,UpdateTimeToLive,\n RestoreTableFromBackup, and RestoreTableToPointInTime.
When you are creating a table with one or more secondary\n indexes, you can have up to 250 such requests running at a time. However, if the table or\n index specifications are complex, then DynamoDB might temporarily reduce the number\n of concurrent operations.
\nWhen importing into DynamoDB, up to 50 simultaneous import table operations are allowed per account.
\nThere is a soft account quota of 2,500 tables.
\nGetRecords was called with a value of more than 1000 for the limit request parameter.
\nMore than 2 processes are reading from the same streams shard at the same time. Exceeding\n this limit may result in request throttling.
", "smithy.api#error": "client" } }, @@ -7689,14 +7689,14 @@ "ReadCapacityUnits": { "target": "com.amazonaws.dynamodb#PositiveLongObject", "traits": { - "smithy.api#documentation": "The maximum number of strongly consistent reads consumed per second before DynamoDB\n returns a ThrottlingException. For more information, see Specifying Read and Write Requirements in the Amazon DynamoDB\n Developer Guide.
If read/write capacity mode is PAY_PER_REQUEST the value is set to\n 0.
The maximum number of strongly consistent reads consumed per second before DynamoDB\n returns a ThrottlingException. For more information, see Specifying Read and Write Requirements in the Amazon DynamoDB\n Developer Guide.
If read/write capacity mode is PAY_PER_REQUEST the value is set to\n 0.
The maximum number of writes consumed per second before DynamoDB returns a\n ThrottlingException. For more information, see Specifying Read and Write Requirements in the Amazon DynamoDB\n Developer Guide.
If read/write capacity mode is PAY_PER_REQUEST the value is set to\n 0.
The maximum number of writes consumed per second before DynamoDB returns a\n ThrottlingException. For more information, see Specifying Read and Write Requirements in the Amazon DynamoDB\n Developer Guide.
If read/write capacity mode is PAY_PER_REQUEST the value is set to\n 0.
The ID representing the allocation of the address for use with EC2-VPC.
", + "smithy.api#documentation": "The ID representing the allocation of the address.
", "smithy.api#xmlName": "allocationId" } }, @@ -1184,7 +1184,7 @@ "target": "com.amazonaws.ec2#String", "traits": { "aws.protocols#ec2QueryName": "AssociationId", - "smithy.api#documentation": "The ID representing the association of the address with an instance in a VPC.
", + "smithy.api#documentation": "The ID representing the association of the address with an instance.
", "smithy.api#xmlName": "associationId" } }, @@ -1192,7 +1192,7 @@ "target": "com.amazonaws.ec2#DomainType", "traits": { "aws.protocols#ec2QueryName": "Domain", - "smithy.api#documentation": "Indicates whether this Elastic IP address is for use with instances\n\t\t\t\tin EC2-Classic (standard) or instances in a VPC (vpc).
The network (vpc).
Allocates an Elastic IP address to your Amazon Web Services account. After you allocate the Elastic IP address you can associate \n it with an instance or network interface. After you release an Elastic IP address, it is released to the IP address \n pool and can be allocated to a different Amazon Web Services account.
\nYou can allocate an Elastic IP address from an address pool owned by Amazon Web Services or from an address pool created \n from a public IPv4 address range that you have brought to Amazon Web Services for use with your Amazon Web Services resources using bring your own \n IP addresses (BYOIP). For more information, see Bring Your Own IP Addresses (BYOIP) in the Amazon Elastic Compute Cloud User Guide.
\n[EC2-VPC] If you release an Elastic IP address, you might be able to recover it. You cannot recover an \n Elastic IP address that you released after it is allocated to another Amazon Web Services account. You cannot recover an Elastic IP\n address for EC2-Classic. To attempt to recover an Elastic IP address that you released, specify it in this operation.
\nAn Elastic IP address is for use either in the EC2-Classic platform or in a VPC. By default, you can allocate\n 5 Elastic IP addresses for EC2-Classic per Region and 5 Elastic IP addresses for EC2-VPC per Region.
\nFor more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.
\nYou can allocate a carrier IP address which is a public IP address from a telecommunication carrier, to a network interface which resides in a subnet in a Wavelength Zone (for example an EC2 instance).
\nWe are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.
\nAllocates an Elastic IP address to your Amazon Web Services account. After you allocate the Elastic IP address you can associate \n it with an instance or network interface. After you release an Elastic IP address, it is released to the IP address \n pool and can be allocated to a different Amazon Web Services account.
\nYou can allocate an Elastic IP address from an address pool owned by Amazon Web Services or from an address pool created \n from a public IPv4 address range that you have brought to Amazon Web Services for use with your Amazon Web Services resources using bring your own \n IP addresses (BYOIP). For more information, see Bring Your Own IP Addresses (BYOIP) in the Amazon Elastic Compute Cloud User Guide.
\nIf you release an Elastic IP address, you might be able to recover it. You cannot recover\n an Elastic IP address that you released after it is allocated to another Amazon Web Services account. To attempt to recover an Elastic IP address that you released, specify\n it in this operation.
\nFor more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.
\nYou can allocate a carrier IP address which is a public IP address from a telecommunication carrier, \n to a network interface which resides in a subnet in a Wavelength Zone (for example an EC2 instance).
" } }, "com.amazonaws.ec2#AllocateAddressRequest": { @@ -1544,13 +1544,13 @@ "Domain": { "target": "com.amazonaws.ec2#DomainType", "traits": { - "smithy.api#documentation": "Indicates whether the Elastic IP address is for use with instances in a VPC or instances in EC2-Classic.
\nDefault: If the Region supports EC2-Classic, the default is standard. Otherwise, the default\n is vpc.
The network (vpc).
[EC2-VPC] The Elastic IP address to recover or an IPv4 address from an address pool.
" + "smithy.api#documentation": "The Elastic IP address to recover or an IPv4 address from an address pool.
" } }, "PublicIpv4Pool": { @@ -1608,7 +1608,7 @@ "target": "com.amazonaws.ec2#String", "traits": { "aws.protocols#ec2QueryName": "AllocationId", - "smithy.api#documentation": "[EC2-VPC] The ID that Amazon Web Services assigns to represent the allocation of the Elastic IP address for use with instances in a VPC.
", + "smithy.api#documentation": "The ID that represents the allocation of the Elastic IP address.
", "smithy.api#xmlName": "allocationId" } }, @@ -1632,7 +1632,7 @@ "target": "com.amazonaws.ec2#DomainType", "traits": { "aws.protocols#ec2QueryName": "Domain", - "smithy.api#documentation": "Indicates whether the Elastic IP address is for use with instances in a VPC (vpc) or\n\t\t\t\tinstances in EC2-Classic (standard).
The network (vpc).
The carrier IP address. This option is only available for network interfaces which reside\n in a subnet in a Wavelength Zone (for example an EC2 instance).
", + "smithy.api#documentation": "The carrier IP address. This option is only available for network interfaces that reside\n in a subnet in a Wavelength Zone.
", "smithy.api#xmlName": "carrierIp" } } @@ -1787,7 +1787,7 @@ "target": "com.amazonaws.ec2#AllocateIpamPoolCidrResult" }, "traits": { - "smithy.api#documentation": "Allocate a CIDR from an IPAM pool. In IPAM, an allocation is a CIDR assignment from an IPAM pool to another IPAM pool or to a resource. For more information, see Allocate CIDRs in the Amazon VPC IPAM User Guide.
\nThis action creates an allocation with strong consistency. The returned CIDR will not overlap with any other allocations from the same pool.
\nAllocate a CIDR from an IPAM pool. The Region you use should be the IPAM pool locale. The locale is the Amazon Web Services Region where this IPAM pool is available for allocations.
\nIn IPAM, an allocation is a CIDR assignment from an IPAM pool to another IPAM pool or to a resource. For more information, see Allocate CIDRs in the Amazon VPC IPAM User Guide.
\nThis action creates an allocation with strong consistency. The returned CIDR will not overlap with any other allocations from the same pool.
\nAssociates an Elastic IP address, or carrier IP address (for instances that are in\n subnets in Wavelength Zones) with an instance or a network interface. Before you can use an\n Elastic IP address, you must allocate it to your account.
\nAn Elastic IP address is for use in either the EC2-Classic platform or in a VPC.\n\t\t\tFor more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.
\n[EC2-Classic, VPC in an EC2-VPC-only account] If the Elastic IP address is already\n associated with a different instance, it is disassociated from that instance and associated\n with the specified instance. If you associate an Elastic IP address with an instance that has\n an existing Elastic IP address, the existing address is disassociated from the instance, but\n remains allocated to your account.
\n[VPC in an EC2-Classic account] If you don't specify a private IP address, the Elastic\n IP address is associated with the primary IP address. If the Elastic IP address is already\n associated with a different instance or a network interface, you get an error unless you allow\n reassociation. You cannot associate an Elastic IP address with an instance or network\n interface that has an existing Elastic IP address.
\n[Subnets in Wavelength Zones] You can associate an IP address from the telecommunication\n carrier to the instance or network interface.
\nYou cannot associate an Elastic IP address with an interface in a different network border group.
\nThis is an idempotent operation. If you perform the operation more than once, Amazon EC2\n doesn't return an error, and you may be charged for each time the Elastic IP address is\n remapped to the same instance. For more information, see the Elastic IP\n Addresses section of Amazon EC2\n Pricing.
\nWe are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.
\nAssociates an Elastic IP address, or carrier IP address (for instances that are in\n subnets in Wavelength Zones) with an instance or a network interface. Before you can use an\n Elastic IP address, you must allocate it to your account.
\nIf the Elastic IP address is already\n associated with a different instance, it is disassociated from that instance and associated\n with the specified instance. If you associate an Elastic IP address with an instance that has\n an existing Elastic IP address, the existing address is disassociated from the instance, but\n remains allocated to your account.
\n[Subnets in Wavelength Zones] You can associate an IP address from the telecommunication\n carrier to the instance or network interface.
\nYou cannot associate an Elastic IP address with an interface in a different network border group.
\nThis is an idempotent operation. If you perform the operation more than once, Amazon EC2\n doesn't return an error, and you may be charged for each time the Elastic IP address is\n remapped to the same instance. For more information, see the Elastic IP\n Addresses section of Amazon EC2\n Pricing.
\n[EC2-VPC] The allocation ID. This is required for EC2-VPC.
" + "smithy.api#documentation": "The allocation ID. This is required.
" } }, "InstanceId": { "target": "com.amazonaws.ec2#InstanceId", "traits": { - "smithy.api#documentation": "The ID of the instance. The instance must have exactly one attached network interface.\n For EC2-VPC, you can specify either the instance ID or the network interface ID, but not both.\n For EC2-Classic, you must specify an instance ID and the instance must be in the running\n state.
" + "smithy.api#documentation": "The ID of the instance. The instance must have exactly one attached network interface.\n You can specify either the instance ID or the network interface ID, but not both.
" } }, "PublicIp": { "target": "com.amazonaws.ec2#EipAllocationPublicIp", "traits": { - "smithy.api#documentation": "[EC2-Classic] The Elastic IP address to associate with the instance. This is required for\n EC2-Classic.
" + "smithy.api#documentation": "Deprecated.
" } }, "AllowReassociation": { @@ -5991,7 +6000,7 @@ "aws.protocols#ec2QueryName": "AllowReassociation", "smithy.api#clientOptional": {}, "smithy.api#default": false, - "smithy.api#documentation": "[EC2-VPC] For a VPC in an EC2-Classic account, specify true to allow an Elastic IP address that is already associated with an instance or network interface to be reassociated with the specified instance or network interface. Otherwise, the operation fails. In a VPC in an EC2-VPC-only account, reassociation is automatic, therefore you can specify false to ensure the operation fails if the Elastic IP address is already associated with another resource.
", + "smithy.api#documentation": "Reassociation is automatic, but you can specify false to ensure the operation fails if the Elastic IP address is already associated with another resource.
", "smithy.api#xmlName": "allowReassociation" } }, @@ -6009,7 +6018,7 @@ "target": "com.amazonaws.ec2#NetworkInterfaceId", "traits": { "aws.protocols#ec2QueryName": "NetworkInterfaceId", - "smithy.api#documentation": "[EC2-VPC] The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.
\nFor EC2-VPC, you can specify either the instance ID or the network interface ID, but not both.
", + "smithy.api#documentation": "The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.
\nYou can specify either the instance ID or the network interface ID, but not both.
", "smithy.api#xmlName": "networkInterfaceId" } }, @@ -6017,7 +6026,7 @@ "target": "com.amazonaws.ec2#String", "traits": { "aws.protocols#ec2QueryName": "PrivateIpAddress", - "smithy.api#documentation": "[EC2-VPC] The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.
", + "smithy.api#documentation": "The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.
", "smithy.api#xmlName": "privateIpAddress" } } @@ -6033,7 +6042,7 @@ "target": "com.amazonaws.ec2#String", "traits": { "aws.protocols#ec2QueryName": "AssociationId", - "smithy.api#documentation": "[EC2-VPC] The ID that represents the association of the Elastic IP address with an instance.
", + "smithy.api#documentation": "The ID that represents the association of the Elastic IP address with an instance.
", "smithy.api#xmlName": "associationId" } } @@ -14769,6 +14778,95 @@ "smithy.api#output": {} } }, + "com.amazonaws.ec2#CreateInstanceConnectEndpoint": { + "type": "operation", + "input": { + "target": "com.amazonaws.ec2#CreateInstanceConnectEndpointRequest" + }, + "output": { + "target": "com.amazonaws.ec2#CreateInstanceConnectEndpointResult" + }, + "traits": { + "smithy.api#documentation": "Creates an EC2 Instance Connect Endpoint.
\nAn EC2 Instance Connect Endpoint allows you to connect to a resource, without\n requiring the resource to have a public IPv4 address. For more information, see Connect to your resources without requiring a public IPv4 address using EC2\n Instance Connect Endpoint in the Amazon EC2 User\n Guide.
" + } + }, + "com.amazonaws.ec2#CreateInstanceConnectEndpointRequest": { + "type": "structure", + "members": { + "DryRun": { + "target": "com.amazonaws.ec2#Boolean", + "traits": { + "smithy.api#clientOptional": {}, + "smithy.api#default": false, + "smithy.api#documentation": "Checks whether you have the required permissions for the action, without actually making the request, \n and provides an error response. If you have the required permissions, the error response is DryRunOperation. \n Otherwise, it is UnauthorizedOperation.
The ID of the subnet in which to create the EC2 Instance Connect Endpoint.
", + "smithy.api#required": {} + } + }, + "SecurityGroupIds": { + "target": "com.amazonaws.ec2#SecurityGroupIdStringListRequest", + "traits": { + "smithy.api#documentation": "One or more security groups to associate with the endpoint. If you don't specify a security group, \n the default security group for your VPC will be associated with the endpoint.
", + "smithy.api#xmlName": "SecurityGroupId" + } + }, + "PreserveClientIp": { + "target": "com.amazonaws.ec2#Boolean", + "traits": { + "smithy.api#clientOptional": {}, + "smithy.api#default": false, + "smithy.api#documentation": "Indicates whether your client's IP address is preserved as the source. The value is true or false.
If true, your client's IP address is used when you connect to a resource.
If false, the elastic network interface IP address is used when you connect to a resource.
Default: true\n
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
", + "smithy.api#idempotencyToken": {} + } + }, + "TagSpecifications": { + "target": "com.amazonaws.ec2#TagSpecificationList", + "traits": { + "smithy.api#documentation": "The tags to apply to the EC2 Instance Connect Endpoint during creation.
", + "smithy.api#xmlName": "TagSpecification" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.ec2#CreateInstanceConnectEndpointResult": { + "type": "structure", + "members": { + "InstanceConnectEndpoint": { + "target": "com.amazonaws.ec2#Ec2InstanceConnectEndpoint", + "traits": { + "aws.protocols#ec2QueryName": "InstanceConnectEndpoint", + "smithy.api#documentation": "Information about the EC2 Instance Connect Endpoint.
", + "smithy.api#xmlName": "instanceConnectEndpoint" + } + }, + "ClientToken": { + "target": "com.amazonaws.ec2#String", + "traits": { + "aws.protocols#ec2QueryName": "ClientToken", + "smithy.api#documentation": "Unique, case-sensitive idempotency token provided by the client in the the request.
", + "smithy.api#xmlName": "clientToken" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.ec2#CreateInstanceEventWindow": { "type": "operation", "input": { @@ -16622,7 +16720,7 @@ "InterfaceType": { "target": "com.amazonaws.ec2#NetworkInterfaceCreationType", "traits": { - "smithy.api#documentation": "The type of network interface. The default is interface.
The only supported values are efa and trunk.
The type of network interface. The default is interface.
The only supported values are interface, efa, and trunk.
Deletes the specified EC2 Instance Connect Endpoint.
" + } + }, + "com.amazonaws.ec2#DeleteInstanceConnectEndpointRequest": { + "type": "structure", + "members": { + "DryRun": { + "target": "com.amazonaws.ec2#Boolean", + "traits": { + "smithy.api#clientOptional": {}, + "smithy.api#default": false, + "smithy.api#documentation": "Checks whether you have the required permissions for the action, without actually making the request, \n and provides an error response. If you have the required permissions, the error response is DryRunOperation. \n Otherwise, it is UnauthorizedOperation.
The ID of the EC2 Instance Connect Endpoint to delete.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.ec2#DeleteInstanceConnectEndpointResult": { + "type": "structure", + "members": { + "InstanceConnectEndpoint": { + "target": "com.amazonaws.ec2#Ec2InstanceConnectEndpoint", + "traits": { + "aws.protocols#ec2QueryName": "InstanceConnectEndpoint", + "smithy.api#documentation": "Information about the EC2 Instance Connect Endpoint.
", + "smithy.api#xmlName": "instanceConnectEndpoint" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.ec2#DeleteInstanceEventWindow": { "type": "operation", "input": { @@ -25457,7 +25607,7 @@ "target": "com.amazonaws.ec2#DescribeAddressTransfersResult" }, "traits": { - "smithy.api#documentation": "Describes an Elastic IP address transfer. For more information, see Transfer Elastic IP addresses in the Amazon Virtual Private Cloud User Guide.
", + "smithy.api#documentation": "Describes an Elastic IP address transfer. For more information, see Transfer Elastic IP addresses in the Amazon Virtual Private Cloud User Guide.
\nWhen you transfer an Elastic IP address, there is a two-step handshake\n between the source and transfer Amazon Web Services accounts. When the source account starts the transfer,\n the transfer account has seven days to accept the Elastic IP address\n transfer. During those seven days, the source account can view the\n pending transfer by using this action. After seven days, the\n transfer expires and ownership of the Elastic IP\n address returns to the source\n account. Accepted transfers are visible to the source account for three days\n after the transfers have been accepted.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -25546,7 +25696,7 @@ "target": "com.amazonaws.ec2#DescribeAddressesResult" }, "traits": { - "smithy.api#documentation": "Describes the specified Elastic IP addresses or all of your Elastic IP addresses.
\nAn Elastic IP address is for use in either the EC2-Classic platform or in a VPC.\n\t\t\t\tFor more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.
\nWe are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.
\nDescribes the specified Elastic IP addresses or all of your Elastic IP addresses.
" } }, "com.amazonaws.ec2#DescribeAddressesAttribute": { @@ -25640,7 +25790,7 @@ "Filters": { "target": "com.amazonaws.ec2#FilterList", "traits": { - "smithy.api#documentation": "One or more filters. Filter names and values are case-sensitive.
\n\n allocation-id - [EC2-VPC] The allocation ID for the address.
\n association-id - [EC2-VPC] The association ID for the address.
\n domain - Indicates whether the address is for use in EC2-Classic (standard) \n or in a VPC (vpc).
\n instance-id - The ID of the instance the address is associated with, if any.
\n network-border-group - A unique set of Availability Zones, Local Zones,\n or Wavelength Zones from where Amazon Web Services advertises IP addresses.
\n network-interface-id - [EC2-VPC] The ID of the network interface that the address is associated with, if any.
\n network-interface-owner-id - The Amazon Web Services account ID of the owner.
\n private-ip-address - [EC2-VPC] The private IP address associated with the Elastic IP address.
\n public-ip - The Elastic IP address, or the carrier IP address.
\n tag:Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
\n tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
One or more filters. Filter names and values are case-sensitive.
\n\n allocation-id - The allocation ID for the address.
\n association-id - The association ID for the address.
\n instance-id - The ID of the instance the address is associated with, if any.
\n network-border-group - A unique set of Availability Zones, Local Zones,\n or Wavelength Zones from where Amazon Web Services advertises IP addresses.
\n network-interface-id - The ID of the network interface that the address is associated with, if any.
\n network-interface-owner-id - The Amazon Web Services account ID of the owner.
\n private-ip-address - The private IP address associated with the Elastic IP address.
\n public-ip - The Elastic IP address, or the carrier IP address.
\n tag:Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
\n tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
[EC2-VPC] Information about the allocation IDs.
", + "smithy.api#documentation": "Information about the allocation IDs.
", "smithy.api#xmlName": "AllocationId" } }, @@ -29644,6 +29794,92 @@ "smithy.api#input": {} } }, + "com.amazonaws.ec2#DescribeInstanceConnectEndpoints": { + "type": "operation", + "input": { + "target": "com.amazonaws.ec2#DescribeInstanceConnectEndpointsRequest" + }, + "output": { + "target": "com.amazonaws.ec2#DescribeInstanceConnectEndpointsResult" + }, + "traits": { + "smithy.api#documentation": "Describes the specified EC2 Instance Connect Endpoints or all EC2 Instance Connect Endpoints.
", + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "items": "InstanceConnectEndpoints", + "pageSize": "MaxResults" + } + } + }, + "com.amazonaws.ec2#DescribeInstanceConnectEndpointsRequest": { + "type": "structure", + "members": { + "DryRun": { + "target": "com.amazonaws.ec2#Boolean", + "traits": { + "smithy.api#clientOptional": {}, + "smithy.api#default": false, + "smithy.api#documentation": "Checks whether you have the required permissions for the action, without actually making the request, \n and provides an error response. If you have the required permissions, the error response is DryRunOperation. \n Otherwise, it is UnauthorizedOperation.
The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
" + } + }, + "NextToken": { + "target": "com.amazonaws.ec2#NextToken", + "traits": { + "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
" + } + }, + "Filters": { + "target": "com.amazonaws.ec2#FilterList", + "traits": { + "smithy.api#documentation": "One or more filters.
\n\n instance-connect-endpoint-id - The ID of the EC2 Instance Connect Endpoint.
\n state - The state of the EC2 Instance Connect Endpoint (create-in-progress | create-complete | create-failed | \n delete-in-progress | delete-complete | delete-failed).
\n subnet-id - The ID of the subnet in which the EC2 Instance\n Connect Endpoint was created.
\n tag:Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
\n tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
\n tag-value - The value of a tag assigned to the resource. Use this filter to find all resources \n that have a tag with a specific value, regardless of tag key.
\n vpc-id - The ID of the VPC in which the EC2 Instance Connect\n Endpoint was created.
One or more EC2 Instance Connect Endpoint IDs.
", + "smithy.api#xmlName": "InstanceConnectEndpointId" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.ec2#DescribeInstanceConnectEndpointsResult": { + "type": "structure", + "members": { + "InstanceConnectEndpoints": { + "target": "com.amazonaws.ec2#InstanceConnectEndpointSet", + "traits": { + "aws.protocols#ec2QueryName": "InstanceConnectEndpointSet", + "smithy.api#documentation": "Information about the EC2 Instance Connect Endpoints.
", + "smithy.api#xmlName": "instanceConnectEndpointSet" + } + }, + "NextToken": { + "target": "com.amazonaws.ec2#NextToken", + "traits": { + "aws.protocols#ec2QueryName": "NextToken", + "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
Describes your Elastic IP addresses that are being moved to the EC2-VPC platform, or that are being restored to the EC2-Classic platform. This request does not return information about any other Elastic IP addresses in your account.
", + "smithy.api#documentation": "This action is deprecated.
\nDescribes your Elastic IP addresses that are being moved from or being restored to the EC2-Classic platform. \n This request does not return information about any other Elastic IP addresses in your account.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -40736,7 +40972,7 @@ "target": "smithy.api#Unit" }, "traits": { - "smithy.api#documentation": "Disassociates an Elastic IP address from the instance or network interface it's associated with.
\nAn Elastic IP address is for use in either the EC2-Classic platform or in a VPC. For more\n\t\t\tinformation, see Elastic IP\n\t\t\t\tAddresses in the Amazon Elastic Compute Cloud User Guide.
\nWe are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.
\nThis is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error.
" + "smithy.api#documentation": "Disassociates an Elastic IP address from the instance or network interface it's associated with.
\nThis is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error.
" } }, "com.amazonaws.ec2#DisassociateAddressRequest": { @@ -40745,13 +40981,13 @@ "AssociationId": { "target": "com.amazonaws.ec2#ElasticIpAssociationId", "traits": { - "smithy.api#documentation": "[EC2-VPC] The association ID. Required for EC2-VPC.
" + "smithy.api#documentation": "The association ID. This parameter is required.
" } }, "PublicIp": { "target": "com.amazonaws.ec2#EipAllocationPublicIp", "traits": { - "smithy.api#documentation": "[EC2-Classic] The Elastic IP address. Required for EC2-Classic.
" + "smithy.api#documentation": "Deprecated.
" } }, "DryRun": { @@ -42319,6 +42555,177 @@ } } }, + "com.amazonaws.ec2#Ec2InstanceConnectEndpoint": { + "type": "structure", + "members": { + "OwnerId": { + "target": "com.amazonaws.ec2#String", + "traits": { + "aws.protocols#ec2QueryName": "OwnerId", + "smithy.api#documentation": "The ID of the Amazon Web Services account that created the EC2 Instance Connect Endpoint.
", + "smithy.api#xmlName": "ownerId" + } + }, + "InstanceConnectEndpointId": { + "target": "com.amazonaws.ec2#InstanceConnectEndpointId", + "traits": { + "aws.protocols#ec2QueryName": "InstanceConnectEndpointId", + "smithy.api#documentation": "The ID of the EC2 Instance Connect Endpoint.
", + "smithy.api#xmlName": "instanceConnectEndpointId" + } + }, + "InstanceConnectEndpointArn": { + "target": "com.amazonaws.ec2#ResourceArn", + "traits": { + "aws.protocols#ec2QueryName": "InstanceConnectEndpointArn", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the EC2 Instance Connect Endpoint.
", + "smithy.api#xmlName": "instanceConnectEndpointArn" + } + }, + "State": { + "target": "com.amazonaws.ec2#Ec2InstanceConnectEndpointState", + "traits": { + "aws.protocols#ec2QueryName": "State", + "smithy.api#documentation": "The current state of the EC2 Instance Connect Endpoint.
", + "smithy.api#xmlName": "state" + } + }, + "StateMessage": { + "target": "com.amazonaws.ec2#String", + "traits": { + "aws.protocols#ec2QueryName": "StateMessage", + "smithy.api#documentation": "The message for the current state of the EC2 Instance Connect Endpoint. \n Can include a failure message.
", + "smithy.api#xmlName": "stateMessage" + } + }, + "DnsName": { + "target": "com.amazonaws.ec2#String", + "traits": { + "aws.protocols#ec2QueryName": "DnsName", + "smithy.api#documentation": "The DNS name of the EC2 Instance Connect Endpoint.
", + "smithy.api#xmlName": "dnsName" + } + }, + "FipsDnsName": { + "target": "com.amazonaws.ec2#String", + "traits": { + "aws.protocols#ec2QueryName": "FipsDnsName", + "smithy.api#documentation": "", + "smithy.api#xmlName": "fipsDnsName" + } + }, + "NetworkInterfaceIds": { + "target": "com.amazonaws.ec2#NetworkInterfaceIdSet", + "traits": { + "aws.protocols#ec2QueryName": "NetworkInterfaceIdSet", + "smithy.api#documentation": "The ID of the elastic network interface that Amazon EC2 automatically created when creating the EC2\n Instance Connect Endpoint.
", + "smithy.api#xmlName": "networkInterfaceIdSet" + } + }, + "VpcId": { + "target": "com.amazonaws.ec2#VpcId", + "traits": { + "aws.protocols#ec2QueryName": "VpcId", + "smithy.api#documentation": "The ID of the VPC in which the EC2 Instance Connect Endpoint was created.
", + "smithy.api#xmlName": "vpcId" + } + }, + "AvailabilityZone": { + "target": "com.amazonaws.ec2#String", + "traits": { + "aws.protocols#ec2QueryName": "AvailabilityZone", + "smithy.api#documentation": "The Availability Zone of the EC2 Instance Connect Endpoint.
", + "smithy.api#xmlName": "availabilityZone" + } + }, + "CreatedAt": { + "target": "com.amazonaws.ec2#MillisecondDateTime", + "traits": { + "aws.protocols#ec2QueryName": "CreatedAt", + "smithy.api#documentation": "The date and time that the EC2 Instance Connect Endpoint was created.
", + "smithy.api#xmlName": "createdAt" + } + }, + "SubnetId": { + "target": "com.amazonaws.ec2#SubnetId", + "traits": { + "aws.protocols#ec2QueryName": "SubnetId", + "smithy.api#documentation": "The ID of the subnet in which the EC2 Instance Connect Endpoint was created.
", + "smithy.api#xmlName": "subnetId" + } + }, + "PreserveClientIp": { + "target": "com.amazonaws.ec2#Boolean", + "traits": { + "aws.protocols#ec2QueryName": "PreserveClientIp", + "smithy.api#clientOptional": {}, + "smithy.api#default": false, + "smithy.api#documentation": "Indicates whether your client's IP address is preserved as the source. The value is true or false.
If true, your client's IP address is used when you connect to a resource.
If false, the elastic network interface IP address is used when you connect to a resource.
Default: true\n
The security groups associated with the endpoint. If you didn't specify a security group, \n the default security group for your VPC is associated with the endpoint.
", + "smithy.api#xmlName": "securityGroupIdSet" + } + }, + "Tags": { + "target": "com.amazonaws.ec2#TagList", + "traits": { + "aws.protocols#ec2QueryName": "TagSet", + "smithy.api#documentation": "The tags assigned to the EC2 Instance Connect Endpoint.
", + "smithy.api#xmlName": "tagSet" + } + } + }, + "traits": { + "smithy.api#documentation": "The EC2 Instance Connect Endpoint.
" + } + }, + "com.amazonaws.ec2#Ec2InstanceConnectEndpointState": { + "type": "enum", + "members": { + "create_in_progress": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "create-in-progress" + } + }, + "create_complete": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "create-complete" + } + }, + "create_failed": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "create-failed" + } + }, + "delete_in_progress": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "delete-in-progress" + } + }, + "delete_complete": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "delete-complete" + } + }, + "delete_failed": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "delete-failed" + } + } + } + }, "com.amazonaws.ec2#EfaInfo": { "type": "structure", "members": { @@ -48734,7 +49141,7 @@ "target": "com.amazonaws.ec2#GetIpamPoolAllocationsResult" }, "traits": { - "smithy.api#documentation": "Get a list of all the CIDR allocations in an IPAM pool.
\nIf you use this action after AllocateIpamPoolCidr or ReleaseIpamPoolAllocation, note that all EC2 API actions follow an eventual consistency model.
\nGet a list of all the CIDR allocations in an IPAM pool. The Region you use should be the IPAM pool locale. The locale is the Amazon Web Services Region where this IPAM pool is available for allocations.
\nIf you use this action after AllocateIpamPoolCidr or ReleaseIpamPoolAllocation, note that all EC2 API actions follow an eventual consistency model.
\nInformation about the number of instances that can be launched onto the Dedicated\n Host.
" } }, + "com.amazonaws.ec2#InstanceConnectEndpointId": { + "type": "string" + }, + "com.amazonaws.ec2#InstanceConnectEndpointMaxResults": { + "type": "integer", + "traits": { + "smithy.api#default": 0, + "smithy.api#range": { + "min": 1, + "max": 50 + } + } + }, + "com.amazonaws.ec2#InstanceConnectEndpointSet": { + "type": "list", + "member": { + "target": "com.amazonaws.ec2#Ec2InstanceConnectEndpoint", + "traits": { + "smithy.api#xmlName": "item" + } + } + }, "com.amazonaws.ec2#InstanceCount": { "type": "structure", "members": { @@ -73654,7 +74083,7 @@ "target": "com.amazonaws.ec2#MoveAddressToVpcResult" }, "traits": { - "smithy.api#documentation": "Moves an Elastic IP address from the EC2-Classic platform to the EC2-VPC platform. The\n Elastic IP address must be allocated to your account for more than 24 hours, and it must not\n be associated with an instance. After the Elastic IP address is moved, it is no longer\n available for use in the EC2-Classic platform, unless you move it back using the\n RestoreAddressToClassic request. You cannot move an Elastic IP address that was\n originally allocated for use in the EC2-VPC platform to the EC2-Classic platform.
\nWe are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.
\nThis action is deprecated.
\nMoves an Elastic IP address from the EC2-Classic platform to the EC2-VPC platform. The\n Elastic IP address must be allocated to your account for more than 24 hours, and it must not\n be associated with an instance. After the Elastic IP address is moved, it is no longer\n available for use in the EC2-Classic platform, unless you move it back using the\n RestoreAddressToClassic request. You cannot move an Elastic IP address that was\n originally allocated for use in the EC2-VPC platform to the EC2-Classic platform.
" } }, "com.amazonaws.ec2#MoveAddressToVpcRequest": { @@ -73801,7 +74230,7 @@ "target": "com.amazonaws.ec2#MoveStatus", "traits": { "aws.protocols#ec2QueryName": "MoveStatus", - "smithy.api#documentation": "The status of the Elastic IP address that's being moved to the EC2-VPC platform, or restored to the EC2-Classic platform.
", + "smithy.api#documentation": "The status of the Elastic IP address that's being moved or restored.
", "smithy.api#xmlName": "moveStatus" } }, @@ -73815,7 +74244,7 @@ } }, "traits": { - "smithy.api#documentation": "Describes the status of a moving Elastic IP address.
\nWe are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.
\nThis action is deprecated.
\nDescribes the status of a moving Elastic IP address.
" } }, "com.amazonaws.ec2#MovingAddressStatusSet": { @@ -75609,6 +76038,15 @@ } } }, + "com.amazonaws.ec2#NetworkInterfaceIdSet": { + "type": "list", + "member": { + "target": "com.amazonaws.ec2#String", + "traits": { + "smithy.api#xmlName": "item" + } + } + }, "com.amazonaws.ec2#NetworkInterfaceIpv6Address": { "type": "structure", "members": { @@ -80357,7 +80795,7 @@ "target": "smithy.api#Unit" }, "traits": { - "smithy.api#documentation": "Releases the specified Elastic IP address.
\n[EC2-Classic, default VPC] Releasing an Elastic IP address automatically disassociates it\n\t\t\t\tfrom any instance that it's associated with. To disassociate an Elastic IP address without\n\t\t\t\treleasing it, use DisassociateAddress.
\nWe are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.
\n[Nondefault VPC] You must use DisassociateAddress to disassociate the Elastic IP address\n\t\t\t before you can release it. Otherwise, Amazon EC2 returns an error (InvalidIPAddress.InUse).
After releasing an Elastic IP address, it is released to the IP address pool. \n Be sure to update your DNS records and any servers or devices that communicate with the address. \n If you attempt to release an Elastic IP address that you already released, you'll get an\n AuthFailure error if the address is already allocated to another Amazon Web Services account.
[EC2-VPC] After you release an Elastic IP address for use in a VPC, you might be able to recover it.\n For more information, see AllocateAddress.
\nFor more\n information, see Elastic IP\n Addresses in the Amazon Elastic Compute Cloud User Guide.
" + "smithy.api#documentation": "Releases the specified Elastic IP address.
\n[Default VPC] Releasing an Elastic IP address automatically disassociates it\n\t\t\t\tfrom any instance that it's associated with. To disassociate an Elastic IP address without\n\t\t\t\treleasing it, use DisassociateAddress.
\n[Nondefault VPC] You must use DisassociateAddress to disassociate the Elastic IP address\n\t\t\t before you can release it. Otherwise, Amazon EC2 returns an error (InvalidIPAddress.InUse).
After releasing an Elastic IP address, it is released to the IP address pool. \n Be sure to update your DNS records and any servers or devices that communicate with the address. \n If you attempt to release an Elastic IP address that you already released, you'll get an\n AuthFailure error if the address is already allocated to another Amazon Web Services account.
After you release an Elastic IP address, you might be able to recover it.\n For more information, see AllocateAddress.
" } }, "com.amazonaws.ec2#ReleaseAddressRequest": { @@ -80366,13 +80804,13 @@ "AllocationId": { "target": "com.amazonaws.ec2#AllocationId", "traits": { - "smithy.api#documentation": "[EC2-VPC] The allocation ID. Required for EC2-VPC.
" + "smithy.api#documentation": "The allocation ID. This parameter is required.
" } }, "PublicIp": { "target": "com.amazonaws.ec2#String", "traits": { - "smithy.api#documentation": "[EC2-Classic] The Elastic IP address. Required for EC2-Classic.
" + "smithy.api#documentation": "Deprecated.
" } }, "NetworkBorderGroup": { @@ -80459,7 +80897,7 @@ "target": "com.amazonaws.ec2#ReleaseIpamPoolAllocationResult" }, "traits": { - "smithy.api#documentation": "Release an allocation within an IPAM pool. You can only use this action to release manual allocations. To remove an allocation for a resource without deleting the resource, set its monitored state to false using ModifyIpamResourceCidr. For more information, see Release an allocation in the Amazon VPC IPAM User Guide.\n
\nAll EC2 API actions follow an eventual consistency model.
\nRelease an allocation within an IPAM pool. The Region you use should be the IPAM pool locale. The locale is the Amazon Web Services Region where this IPAM pool is available for allocations. You can only use this action to release manual allocations. To remove an allocation for a resource without deleting the resource, set its monitored state to false using ModifyIpamResourceCidr. For more information, see Release an allocation in the Amazon VPC IPAM User Guide.\n
\nAll EC2 API actions follow an eventual consistency model.
\nRestores an Elastic IP address that was previously moved to the EC2-VPC platform back to the EC2-Classic platform. You cannot move an Elastic IP address that was originally allocated for use in EC2-VPC. The Elastic IP address must not be associated with an instance or network interface.
\nWe are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.
\nThis action is deprecated.
\nRestores an Elastic IP address that was previously moved to the EC2-VPC platform back to the EC2-Classic platform. You cannot move an Elastic IP address that was originally allocated for use in EC2-VPC. The Elastic IP address must not be associated with an instance or network interface.
" } }, "com.amazonaws.ec2#RestoreAddressToClassicRequest": { @@ -87246,6 +87690,15 @@ } } }, + "com.amazonaws.ec2#SecurityGroupIdSet": { + "type": "list", + "member": { + "target": "com.amazonaws.ec2#SecurityGroupId", + "traits": { + "smithy.api#xmlName": "item" + } + } + }, "com.amazonaws.ec2#SecurityGroupIdStringList": { "type": "list", "member": { @@ -87255,6 +87708,21 @@ } } }, + "com.amazonaws.ec2#SecurityGroupIdStringListRequest": { + "type": "list", + "member": { + "target": "com.amazonaws.ec2#SecurityGroupId", + "traits": { + "smithy.api#xmlName": "SecurityGroupId" + } + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 16 + } + } + }, "com.amazonaws.ec2#SecurityGroupIdentifier": { "type": "structure", "members": { diff --git a/codegen/sdk/aws-models/efs.json b/codegen/sdk/aws-models/efs.json index 06ecf5bb09a..56f669179d9 100644 --- a/codegen/sdk/aws-models/efs.json +++ b/codegen/sdk/aws-models/efs.json @@ -321,7 +321,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates an EFS access point. An access point is an application-specific view into an EFS\n file system that applies an operating system user and group, and a file system path, to any\n file system request made through the access point. The operating system user and group\n override any identity information provided by the NFS client. The file system path is exposed\n as the access point's root directory. Applications using the access point can only access data in\n the application's own directory and any subdirectories. To learn more, see Mounting a file system using EFS access\n points.
\nIf multiple requests to create access points on the same file system are sent in quick\n succession, and the file system is near the limit of 1000 access points, you may experience\n a throttling response for these requests. This is to ensure that the file system does not\n exceed the stated access point limit.
\nThis operation requires permissions for the elasticfilesystem:CreateAccessPoint action.
Creates an EFS access point. An access point is an application-specific view into an EFS\n file system that applies an operating system user and group, and a file system path, to any\n file system request made through the access point. The operating system user and group\n override any identity information provided by the NFS client. The file system path is exposed\n as the access point's root directory. Applications using the access point can only access data in\n the application's own directory and any subdirectories. To learn more, see Mounting a file system using EFS access\n points.
\nIf multiple requests to create access points on the same file system are sent in quick\n succession, and the file system is near the limit of 1,000 access points, you may experience\n a throttling response for these requests. This is to ensure that the file system does not\n exceed the stated access point limit.
\nThis operation requires permissions for the elasticfilesystem:CreateAccessPoint action.
Access points can be tagged on creation. If tags are specified in the creation action, IAM\n performs additional authorization on the elasticfilesystem:TagResource action to\n verify if users have permissions to create tags. Therefore, you must grant explicit\n permissions to use the elasticfilesystem:TagResource action. For more\n information, see Granting\n permissions to tag resources during creation.
Creates a new, empty file system. The operation requires a creation token in the\n request that Amazon EFS uses to ensure idempotent creation (calling the operation with same\n creation token has no effect). If a file system does not currently exist that is owned by the\n caller's Amazon Web Services account with the specified creation token, this operation does the\n following:
\nCreates a new, empty file system. The file system will have an Amazon EFS assigned\n ID, and an initial lifecycle state creating.
Returns with the description of the created file system.
\nOtherwise, this operation returns a FileSystemAlreadyExists error with the\n ID of the existing file system.
For basic use cases, you can use a randomly generated UUID for the creation\n token.
\n The idempotent operation allows you to retry a CreateFileSystem call without\n risk of creating an extra file system. This can happen when an initial call fails in a way\n that leaves it uncertain whether or not a file system was actually created. An example might\n be that a transport level timeout occurred or your connection was reset. As long as you use\n the same creation token, if the initial call had succeeded in creating a file system, the\n client can learn of its existence from the FileSystemAlreadyExists error.
For more information, see \n Creating a file system\n in the Amazon EFS User Guide.
\nThe CreateFileSystem call returns while the file system's lifecycle\n state is still creating. You can check the file system creation status by\n calling the DescribeFileSystems operation, which among other things returns the file\n system state.
This operation accepts an optional PerformanceMode parameter that you\n choose for your file system. We recommend generalPurpose performance mode for\n most file systems. File systems using the maxIO performance mode can scale to\n higher levels of aggregate throughput and operations per second with a tradeoff of slightly\n higher latencies for most file operations. The performance mode can't be changed after\n the file system has been created. For more information, see Amazon EFS performance\n modes.
You can set the throughput mode for the file system using the ThroughputMode parameter.
After the file system is fully created, Amazon EFS sets its lifecycle state to\n available, at which point you can create one or more mount targets for the file\n system in your VPC. For more information, see CreateMountTarget. You mount your Amazon EFS file system on an EC2 instances in\n your VPC by using the mount target. For more information, see Amazon EFS: How it Works.
This operation requires permissions for the\n elasticfilesystem:CreateFileSystem action.
Creates a new, empty file system. The operation requires a creation token in the\n request that Amazon EFS uses to ensure idempotent creation (calling the operation with same\n creation token has no effect). If a file system does not currently exist that is owned by the\n caller's Amazon Web Services account with the specified creation token, this operation does the\n following:
\nCreates a new, empty file system. The file system will have an Amazon EFS assigned\n ID, and an initial lifecycle state creating.
Returns with the description of the created file system.
\nOtherwise, this operation returns a FileSystemAlreadyExists error with the\n ID of the existing file system.
For basic use cases, you can use a randomly generated UUID for the creation\n token.
\n The idempotent operation allows you to retry a CreateFileSystem call without\n risk of creating an extra file system. This can happen when an initial call fails in a way\n that leaves it uncertain whether or not a file system was actually created. An example might\n be that a transport level timeout occurred or your connection was reset. As long as you use\n the same creation token, if the initial call had succeeded in creating a file system, the\n client can learn of its existence from the FileSystemAlreadyExists error.
For more information, see \n Creating a file system\n in the Amazon EFS User Guide.
\nThe CreateFileSystem call returns while the file system's lifecycle\n state is still creating. You can check the file system creation status by\n calling the DescribeFileSystems operation, which among other things returns the file\n system state.
This operation accepts an optional PerformanceMode parameter that you\n choose for your file system. We recommend generalPurpose performance mode for\n most file systems. File systems using the maxIO performance mode can scale to\n higher levels of aggregate throughput and operations per second with a tradeoff of slightly\n higher latencies for most file operations. The performance mode can't be changed after\n the file system has been created. For more information, see Amazon EFS performance\n modes.
You can set the throughput mode for the file system using the ThroughputMode parameter.
After the file system is fully created, Amazon EFS sets its lifecycle state to\n available, at which point you can create one or more mount targets for the file\n system in your VPC. For more information, see CreateMountTarget. You mount your Amazon EFS file system on an EC2 instances in\n your VPC by using the mount target. For more information, see Amazon EFS: How it Works.
This operation requires permissions for the\n elasticfilesystem:CreateFileSystem action.
File systems can be tagged on creation. If tags are specified in the creation action, IAM\n performs additional authorization on the elasticfilesystem:TagResource action to\n verify if users have permissions to create tags. Therefore, you must grant explicit\n permissions to use the elasticfilesystem:TagResource action. For more\n information, see Granting permissions to tag resources during creation.
Describes the status of the destination Amazon EFS file system. If the status is\n ERROR, the destination file system in the replication configuration is in a\n failed state and is unrecoverable. To access the file system data, restore a backup of the\n failed file system to a new file system.
Describes the status of the destination Amazon EFS file system.
\nThe Paused state occurs as a result of opting out of the source or\n destination Region after the replication configuration was created. To resume replication\n for the file system, you need to again opt in to the Amazon Web Services Region. For more\n information, see Managing Amazon Web Services Regions in the Amazon Web Services General Reference\n Guide.
The Error state occurs when either the source or the destination file\n system (or both) is in a failed state and is unrecoverable. For more information, see\n Monitoring\n replication status in the Amazon EFS User Guide. You must delete the replication configuration, and then\n restore the most recent backup of the failed file system (either the source or the\n destination) to a new file system.
Creates an Amazon FSx for Lustre data repository association (DRA). A data\n repository association is a link between a directory on the file system and\n an Amazon S3 bucket or prefix. You can have a maximum of 8 data repository\n associations on a file system. Data repository associations are supported\n for all file systems except for Scratch_1 deployment type.
Each data repository association must have a unique Amazon FSx file\n system directory and a unique S3 bucket or prefix associated with it. You\n can configure a data repository association for automatic import only,\n for automatic export only, or for both. To learn more about linking a\n data repository to your file system, see \n Linking your file system to an S3 bucket.
\n\n CreateDataRepositoryAssociation isn't supported\n on Amazon File Cache resources. To create a DRA on Amazon File Cache,\n use the CreateFileCache operation.
Creates an Amazon FSx for Lustre data repository association (DRA). A data\n repository association is a link between a directory on the file system and\n an Amazon S3 bucket or prefix. You can have a maximum of 8 data repository\n associations on a file system. Data repository associations are supported\n on all FSx for Lustre 2.12 and newer file systems, excluding\n scratch_1 deployment type.
Each data repository association must have a unique Amazon FSx file\n system directory and a unique S3 bucket or prefix associated with it. You\n can configure a data repository association for automatic import only,\n for automatic export only, or for both. To learn more about linking a\n data repository to your file system, see \n Linking your file system to an S3 bucket.
\n\n CreateDataRepositoryAssociation isn't supported\n on Amazon File Cache resources. To create a DRA on Amazon File Cache,\n use the CreateFileCache operation.
Specifies the file system deployment type. Single AZ deployment types are configured\n for redundancy within a single Availability Zone in an Amazon Web Services Region .\n Valid values are the following:
\n\n SINGLE_AZ_1- (Default) Creates file systems with throughput capacities of 64 - 4,096 MB/s.\n Single_AZ_1 is available in all Amazon Web Services Regions where Amazon FSx \n for OpenZFS is available, except US West (Oregon).
\n SINGLE_AZ_2- Creates file systems with throughput capacities of 160 - 10,240 MB/s\n using an NVMe L2ARC cache. Single_AZ_2 is available only in the US East (N. Virginia), US East (Ohio), \n US West (Oregon), and Europe (Ireland) Amazon Web Services Regions.
For more information, see: Deployment type availability\n and File system performance\n in the Amazon FSx for OpenZFS User Guide.
", + "smithy.api#documentation": "Specifies the file system deployment type. Single AZ deployment types are configured\n for redundancy within a single Availability Zone in an Amazon Web Services Region .\n Valid values are the following:
\n\n SINGLE_AZ_1- (Default) Creates file systems with throughput capacities of 64 - 4,096 MBps.\n Single_AZ_1 is available in all Amazon Web Services Regions where Amazon FSx \n for OpenZFS is available, except US West (Oregon).
\n SINGLE_AZ_2- Creates file systems with throughput capacities of 160 - 10,240 MBps\n using an NVMe L2ARC cache. Single_AZ_2 is available only in the US East (N. Virginia), US East (Ohio), \n US West (Oregon), and Europe (Ireland) Amazon Web Services Regions.
For more information, see: Deployment type availability\n and File system performance\n in the Amazon FSx for OpenZFS User Guide.
", "smithy.api#required": {} } }, "ThroughputCapacity": { "target": "com.amazonaws.fsx#MegabytesPerSecond", "traits": { - "smithy.api#documentation": "Specifies the throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second (MB/s). Valid values depend on the DeploymentType you choose, as follows:
\nFor SINGLE_AZ_1, valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MB/s.
For SINGLE_AZ_2, valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MB/s.
You pay for additional throughput capacity that you provision.
", + "smithy.api#documentation": "Specifies the throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second (MBps). Valid values depend on the DeploymentType you choose, as follows:
\nFor SINGLE_AZ_1, valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MBps.
For SINGLE_AZ_2, valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MBps.
You pay for additional throughput capacity that you provision.
", "smithy.api#required": {} } }, @@ -3717,7 +3717,7 @@ "com.amazonaws.fsx#DNSName": { "type": "string", "traits": { - "smithy.api#documentation": "The Domain Name Service (DNS) name for the file system. You can mount your file\n system using its DNS name.
", + "smithy.api#documentation": "The file system's DNS name. You can mount your file\n system using its DNS name.
", "smithy.api#length": { "min": 16, "max": 275 @@ -3839,7 +3839,7 @@ } }, "traits": { - "smithy.api#documentation": "The configuration of a data repository association that links\n an Amazon FSx for Lustre file system to an Amazon S3 bucket\n or an Amazon File Cache resource to an Amazon S3 bucket or an NFS file system.\n The data repository association configuration object is returned\n in the response of the following operations:
\n\n CreateDataRepositoryAssociation\n
\n UpdateDataRepositoryAssociation\n
\n DescribeDataRepositoryAssociations\n
Data repository associations are supported on Amazon File Cache resources and\n all Amazon FSx for Lustre file systems excluding Scratch_1 deployment\n types.
The configuration of a data repository association that links\n an Amazon FSx for Lustre file system to an Amazon S3 bucket\n or an Amazon File Cache resource to an Amazon S3 bucket or an NFS file system.\n The data repository association configuration object is returned\n in the response of the following operations:
\n\n CreateDataRepositoryAssociation\n
\n UpdateDataRepositoryAssociation\n
\n DescribeDataRepositoryAssociations\n
Data repository associations are supported on Amazon File Cache resources and\n all FSx for Lustre 2.12 and newer file systems, excluding\n scratch_1 deployment type.
Deletes a data repository association on an Amazon FSx for Lustre\n file system. Deleting the data repository association unlinks the\n file system from the Amazon S3 bucket. When deleting a data repository\n association, you have the option of deleting the data in the file system\n that corresponds to the data repository association. Data repository\n associations are supported for all file systems except for Scratch_1\n deployment type.
Deletes a data repository association on an Amazon FSx for Lustre\n file system. Deleting the data repository association unlinks the\n file system from the Amazon S3 bucket. When deleting a data repository\n association, you have the option of deleting the data in the file system\n that corresponds to the data repository association. Data repository\n associations are supported on all FSx for Lustre 2.12 and newer file\n systems, excluding scratch_1 deployment type.
Returns the description of specific Amazon FSx for Lustre or Amazon File Cache\n data repository associations, if one or more AssociationIds values\n are provided in the request, or if filters are used in the request. Data repository\n associations are supported on Amazon File Cache resources and all Amazon FSx for\n Lustre file systems excluding Scratch_1 deployment types.
You can use filters to narrow the response to include just data repository\n associations for specific file systems (use the file-system-id filter with\n the ID of the file system) or caches (use the file-cache-id filter with\n the ID of the cache), or data repository associations for a specific repository type\n (use the data-repository-type filter with a value of S3\n or NFS). If you don't use filters, the response returns all data\n repository associations owned by your Amazon Web Services account in the Amazon Web Services Region\n of the endpoint that you're calling.
When retrieving all data repository associations, you can paginate the response by using\n the optional MaxResults parameter to limit the number of data repository associations\n returned in a response. If more data repository associations remain, a\n NextToken value is returned in the response. In this case, send a later\n request with the NextToken request parameter set to the value of\n NextToken from the last response.
Returns the description of specific Amazon FSx for Lustre or Amazon File Cache\n data repository associations, if one or more AssociationIds values\n are provided in the request, or if filters are used in the request. Data repository\n associations are supported on Amazon File Cache resources and all FSx for Lustre\n 2.12 and newer file systems, excluding scratch_1 deployment type.
You can use filters to narrow the response to include just data repository\n associations for specific file systems (use the file-system-id filter with\n the ID of the file system) or caches (use the file-cache-id filter with\n the ID of the cache), or data repository associations for a specific repository type\n (use the data-repository-type filter with a value of S3\n or NFS). If you don't use filters, the response returns all data\n repository associations owned by your Amazon Web Services account in the Amazon Web Services Region\n of the endpoint that you're calling.
When retrieving all data repository associations, you can paginate the response by using\n the optional MaxResults parameter to limit the number of data repository associations\n returned in a response. If more data repository associations remain, a\n NextToken value is returned in the response. In this case, send a later\n request with the NextToken request parameter set to the value of\n NextToken from the last response.
Specifies whether the number of IOPS for the file system is\n using the system default (AUTOMATIC) or was\n provisioned by the customer (USER_PROVISIONED).
Specifies whether the file system is \n using the AUTOMATIC setting of SSD IOPS of 3 IOPS per GB of storage capacity, , or \n if it using a USER_PROVISIONED value.
The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for NetApp ONTAP or Amazon FSx for OpenZFS file system. The\n default is 3 IOPS per GB of storage capacity, but you can provision additional IOPS per\n GB of storage. The configuration consists of the total number of provisioned SSD IOPS\n and how the amount was provisioned (by the customer or by the system).
" + "smithy.api#documentation": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for NetApp ONTAP or FSx for OpenZFS file system. By default, Amazon FSx \n automatically provisions 3 IOPS per GB of storage capacity. You can provision additional IOPS per\n GB of storage. The configuration consists of the total number of provisioned SSD IOPS\n and how it is was provisioned, or the mode (by the customer or by Amazon FSx).
" } }, "com.amazonaws.fsx#DiskIopsConfigurationMode": { @@ -7773,6 +7776,12 @@ }, "WeeklyMaintenanceStartTime": { "target": "com.amazonaws.fsx#WeeklyTime" + }, + "FsxAdminPassword": { + "target": "com.amazonaws.fsx#AdminPassword", + "traits": { + "smithy.api#documentation": "You can use the fsxadmin user account to access the NetApp ONTAP CLI and \n REST API. The password value is always redacted in the response.
The current percent of progress of an asynchronous task.
", + "smithy.api#documentation": "Displays the current percent of progress of an asynchronous task.
", "smithy.api#range": { "min": 0, "max": 100 @@ -8796,7 +8805,7 @@ } }, "traits": { - "smithy.api#documentation": "The configuration that Amazon FSx uses to join a FSx for Windows File Server file system or an ONTAP storage virtual machine (SVM) to\n a self-managed (including on-premises) Microsoft Active Directory (AD)\n directory. For more information, see \n \n Using Amazon FSx with your self-managed Microsoft Active Directory or \n Managing SVMs.
" + "smithy.api#documentation": "The configuration that Amazon FSx uses to join a FSx for Windows File Server file system or an FSx for ONTAP storage virtual machine (SVM) to\n a self-managed (including on-premises) Microsoft Active Directory (AD)\n directory. For more information, see \n \n Using Amazon FSx for Windows with your self-managed Microsoft Active Directory or \n Managing FSx for ONTAP SVMs.
" } }, "com.amazonaws.fsx#SelfManagedActiveDirectoryConfigurationUpdates": { @@ -8805,24 +8814,42 @@ "UserName": { "target": "com.amazonaws.fsx#DirectoryUserName", "traits": { - "smithy.api#documentation": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to\n your AD domain. This account must have the permission to join\n computers to the domain in the organizational unit provided in\n OrganizationalUnitDistinguishedName.
Specifies the updated user name for the service account on your self-managed AD domain.\n Amazon FSx uses this account to join to your self-managed AD domain.
\nThis account must have the permissions required to join\n computers to the domain in the organizational unit provided in\n OrganizationalUnitDistinguishedName.
The password for the service account on your self-managed AD domain that Amazon FSx will use to join to\n your AD domain.
" + "smithy.api#documentation": "Specifies the updated password for the service account on your self-managed AD domain. \n Amazon FSx uses this account to join to your self-managed AD domain.
" } }, "DnsIps": { "target": "com.amazonaws.fsx#DnsIps", "traits": { - "smithy.api#documentation": "A list of up to three IP addresses of DNS servers or domain controllers in the\n self-managed AD directory.
" + "smithy.api#documentation": "A list of up to three DNS server or domain controller IP addresses in your\n self-managed AD domain.
" + } + }, + "DomainName": { + "target": "com.amazonaws.fsx#ActiveDirectoryFullyQualifiedName", + "traits": { + "smithy.api#documentation": "Specifies an updated fully qualified domain name of your self-managed AD configuration.
" + } + }, + "OrganizationalUnitDistinguishedName": { + "target": "com.amazonaws.fsx#OrganizationalUnitDistinguishedName", + "traits": { + "smithy.api#documentation": "Specifies an updated fully qualified distinguished name of the organization unit within your self-managed AD.
" + } + }, + "FileSystemAdministratorsGroup": { + "target": "com.amazonaws.fsx#FileSystemAdministratorsGroupName", + "traits": { + "smithy.api#documentation": "Specifies the updated name of the self-managed AD domain group whose members are granted administrative privileges\n for the Amazon FSx resource.
" } } }, "traits": { - "smithy.api#documentation": "The configuration that Amazon FSx uses to join the Windows File Server instance to a\n self-managed Microsoft Active Directory (AD) directory.
" + "smithy.api#documentation": "Specifies changes you are making to the self-managed Microsoft Active Directory (AD) configuration to which \n an FSx for Windows File Server file system or an FSx for ONTAP SVM is joined.
" } }, "com.amazonaws.fsx#ServiceLimit": { @@ -9193,7 +9220,7 @@ "com.amazonaws.fsx#StorageCapacity": { "type": "integer", "traits": { - "smithy.api#documentation": "The storage capacity for your Amazon FSx file system, in gibibytes.
", + "smithy.api#documentation": "Specifies the file system's storage capacity, in gibibytes (GiB).
", "smithy.api#range": { "min": 0, "max": 2147483647 @@ -9217,7 +9244,7 @@ } }, "traits": { - "smithy.api#documentation": "The storage type for your Amazon FSx file system.
" + "smithy.api#documentation": "Specifies the file system's storage type.
" } }, "com.amazonaws.fsx#StorageVirtualMachine": { @@ -9553,7 +9580,7 @@ "NetBiosName": { "target": "com.amazonaws.fsx#NetBiosAlias", "traits": { - "smithy.api#documentation": "The NetBIOS name of the Active Directory computer object that is joined to your SVM.
" + "smithy.api#documentation": "The NetBIOS name of the AD computer object to which the SVM is joined.
" } }, "SelfManagedActiveDirectoryConfiguration": { @@ -9561,7 +9588,7 @@ } }, "traits": { - "smithy.api#documentation": "Describes the configuration of the Microsoft Active Directory (AD) \n directory to which the Amazon FSx for ONTAP storage virtual machine (SVM) is joined.\n Pleae note, account credentials are not returned in the response payload.
" + "smithy.api#documentation": "Describes the Microsoft Active Directory (AD) directory configuration to which the FSx for ONTAP storage virtual machine (SVM) is joined.\n Note that account credentials are not returned in the response payload.
" } }, "com.amazonaws.fsx#SvmEndpoint": { @@ -9927,7 +9954,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates the configuration of an existing data repository association\n on an Amazon FSx for Lustre file system. Data repository associations\n are supported for all file systems except for Scratch_1\n deployment type.
Updates the configuration of an existing data repository association\n on an Amazon FSx for Lustre file system. Data repository associations\n are supported on all FSx for Lustre 2.12 and newer file systems,\n excluding scratch_1 deployment type.
The ONTAP administrative password for the fsxadmin user.
Update the password for the fsxadmin user by entering a new password. \n You use the fsxadmin user to access the NetApp ONTAP CLI and REST API to manage your file system resources. \n For more information, see \n Managing resources using NetApp Applicaton.
The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for NetApp ONTAP file system. The default is 3 IOPS per GB of storage capacity,\n but you can provision additional IOPS per GB of storage. The configuration consists\n of an IOPS mode (AUTOMATIC or USER_PROVISIONED), and in\n the case of USER_PROVISIONED IOPS, the total number of SSD IOPS provisioned.
The SSD IOPS (input output operations per second) configuration for an Amazon FSx for NetApp ONTAP file system. The default is 3 IOPS per GB of storage capacity,\n but you can provision additional IOPS per GB of storage. The configuration consists\n of an IOPS mode (AUTOMATIC or USER_PROVISIONED), and in\n the case of USER_PROVISIONED IOPS, the total number of SSD IOPS provisioned. \n For more information, see \n Updating SSD storage capacity and IOPS.
Specifies the throughput of an FSx for NetApp ONTAP file system, measured in megabytes per second\n (MBps). Valid values are 128, 256, 512, 1024, 2048, and 4096 MBps.
" + "smithy.api#documentation": "Enter a new value to change the amount of throughput capacity for the file system. Throughput capacity is measured in megabytes per second\n (MBps). Valid values are 128, 256, 512, 1024, 2048, and 4096 MBps. For more information, see \n Managing throughput capacity \n in the FSx for ONTAP User Guide.
" } }, "AddRouteTableIds": { @@ -10253,7 +10280,7 @@ "StorageCapacity": { "target": "com.amazonaws.fsx#StorageCapacity", "traits": { - "smithy.api#documentation": "Use this parameter to increase the storage capacity of an FSx for Windows File Server,\n FSx for Lustre, FSx for OpenZFS, or FSx for ONTAP file system.\n Specifies the storage capacity target value, in GiB, to increase the storage capacity for\n the file system that you're updating.
\nYou can't make a storage capacity increase request if there is an existing storage\n capacity increase request in progress.
\nFor Lustre file systems, the storage capacity target value can be the following:
\nFor SCRATCH_2, PERSISTENT_1, and PERSISTENT_2 SSD deployment types, valid values\n are in multiples of 2400 GiB. The value must be greater than the current storage capacity.
For PERSISTENT HDD file systems, valid values are multiples of 6000 GiB for\n 12-MBps throughput per TiB file systems and multiples of 1800 GiB for 40-MBps throughput\n per TiB file systems. The values must be greater than the current storage capacity.
For SCRATCH_1 file systems, you can't increase the storage capacity.
For more information, see Managing storage and throughput\n capacity in the FSx for Lustre User Guide.
\nFor FSx for OpenZFS file systems, the storage capacity target value must be at least 10 percent\n greater than the current storage capacity value. For more information, see\n Managing storage capacity in the FSx for OpenZFS User\n Guide.
\nFor Windows file systems, the storage capacity target value must be at least 10 percent\n greater than the current storage capacity value. To increase storage capacity, the file system\n must have at least 16 MBps of throughput capacity. For more information, see Managing storage\n capacity in the Amazon FSx for Windows File Server User\n Guide.
\nFor ONTAP file systems, the storage capacity target value must be at least 10 percent\n greater than the current storage capacity value. For more information, see\n Managing storage capacity and provisioned IOPS in the Amazon FSx for NetApp ONTAP User\n Guide.
" + "smithy.api#documentation": "Use this parameter to increase the storage capacity of an FSx for Windows File Server,\n FSx for Lustre, FSx for OpenZFS, or FSx for ONTAP file system.\n Specifies the storage capacity target value, in GiB, to increase the storage capacity for\n the file system that you're updating.
\nYou can't make a storage capacity increase request if there is an existing storage\n capacity increase request in progress.
\nFor Lustre file systems, the storage capacity target value can be the following:
\nFor SCRATCH_2, PERSISTENT_1, and PERSISTENT_2 SSD deployment types, valid values\n are in multiples of 2400 GiB. The value must be greater than the current storage capacity.
For PERSISTENT HDD file systems, valid values are multiples of 6000 GiB for\n 12-MBps throughput per TiB file systems and multiples of 1800 GiB for 40-MBps throughput\n per TiB file systems. The values must be greater than the current storage capacity.
For SCRATCH_1 file systems, you can't increase the storage capacity.
For more information, see Managing storage and throughput\n capacity in the FSx for Lustre User Guide.
\nFor FSx for OpenZFS file systems, the storage capacity target value must be at least 10 percent\n greater than the current storage capacity value. For more information, see\n Managing storage capacity in the FSx for OpenZFS User\n Guide.
\nFor Windows file systems, the storage capacity target value must be at least 10 percent\n greater than the current storage capacity value. To increase storage capacity, the file system\n must have at least 16 MBps of throughput capacity. For more information, see Managing storage\n capacity in the Amazon FSxfor Windows File Server User\n Guide.
\nFor ONTAP file systems, the storage capacity target value must be at least 10 percent\n greater than the current storage capacity value. For more information, see\n Managing storage capacity and provisioned IOPS in the Amazon FSx for NetApp ONTAP User\n Guide.
" } }, "WindowsConfiguration": { @@ -10271,7 +10298,7 @@ "OpenZFSConfiguration": { "target": "com.amazonaws.fsx#UpdateFileSystemOpenZFSConfiguration", "traits": { - "smithy.api#documentation": "The configuration updates for an Amazon FSx for OpenZFS file system.
" + "smithy.api#documentation": "The configuration updates for an FSx for OpenZFS file system.
" } } }, @@ -10531,7 +10558,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates an Amazon FSx for ONTAP storage virtual machine (SVM).
" + "smithy.api#documentation": "Updates an FSx for ONTAP storage virtual machine (SVM).
" } }, "com.amazonaws.fsx#UpdateStorageVirtualMachineRequest": { @@ -10540,7 +10567,7 @@ "ActiveDirectoryConfiguration": { "target": "com.amazonaws.fsx#UpdateSvmActiveDirectoryConfiguration", "traits": { - "smithy.api#documentation": "Updates the Microsoft Active Directory (AD) configuration for an SVM that is joined to an AD.
" + "smithy.api#documentation": "Specifies updates to an SVM's Microsoft Active Directory (AD) configuration.
" } }, "ClientRequestToken": { @@ -10559,7 +10586,7 @@ "SvmAdminPassword": { "target": "com.amazonaws.fsx#AdminPassword", "traits": { - "smithy.api#documentation": "Enter a new SvmAdminPassword if you are updating it.
" + "smithy.api#documentation": "Specifies a new SvmAdminPassword.
" } } }, @@ -10583,10 +10610,16 @@ "members": { "SelfManagedActiveDirectoryConfiguration": { "target": "com.amazonaws.fsx#SelfManagedActiveDirectoryConfigurationUpdates" + }, + "NetBiosName": { + "target": "com.amazonaws.fsx#NetBiosAlias", + "traits": { + "smithy.api#documentation": "Specifies an updated NetBIOS name of the AD computer object NetBiosName to which an SVM is joined.
Updates the Microsoft Active Directory (AD) configuration of an SVM joined to an AD. \n Please note, account credentials are not returned in the response payload.
" + "smithy.api#documentation": "Specifies updates to an FSx for ONTAP storage virtual machine's (SVM) Microsoft Active Directory (AD) configuration. \n Note that account credentials are not returned in the response payload.
" } }, "com.amazonaws.fsx#UpdateVolume": { diff --git a/codegen/sdk/aws-models/guardduty.json b/codegen/sdk/aws-models/guardduty.json index 7b0205f4cee..e3faf72bfb2 100644 --- a/codegen/sdk/aws-models/guardduty.json +++ b/codegen/sdk/aws-models/guardduty.json @@ -1790,7 +1790,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates member accounts of the current Amazon Web Services account by specifying a list of Amazon Web Services account\n IDs. This step is a prerequisite for managing the associated member accounts either by\n invitation or through an organization.
\nWhen using Create Members as an organizations delegated administrator this\n action will enable GuardDuty in the added member accounts, with the exception of the\n organization delegated administrator account, which must enable GuardDuty prior to being added\n as a member.
If you are adding accounts by invitation, use this action after GuardDuty has bee enabled in\n potential member accounts and before using InviteMembers.
", + "smithy.api#documentation": "Creates member accounts of the current Amazon Web Services account by specifying a list of Amazon Web Services account\n IDs. This step is a prerequisite for managing the associated member accounts either by\n invitation or through an organization.
\nAs a delegated administrator, using CreateMembers will enable GuardDuty in \n the added member accounts, with the exception of the\n organization delegated administrator account. A delegated administrator must enable GuardDuty \n prior to being added as a member.
If you are adding accounts by invitation, before using InviteMembers, use \n CreateMembers after GuardDuty has been enabled in potential member accounts.
If you disassociate a member from a GuardDuty \n delegated administrator, the member account details \n obtained from this API, including the associated email addresses, will be retained. \n This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To \n remove the details associated with a member account, the delegated administrator must invoke the \n DeleteMembers API.
", "smithy.api#http": { "method": "POST", "uri": "/detector/{DetectorId}/member", @@ -3606,7 +3606,7 @@ } ], "traits": { - "smithy.api#documentation": "Disassociates the current GuardDuty member account from its administrator account.
\nWith autoEnableOrganizationMembers configuration for your organization set to\n ALL, you'll receive an error if you attempt to disable GuardDuty in a member\n account.
Disassociates the current GuardDuty member account from its administrator account.
\nWhen you \n disassociate an invited member from a GuardDuty delegated administrator, the member account details \n obtained from the CreateMembers API, including the associated email addresses, are retained. This is \n done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To \n remove the details associated with a member account, the delegated administrator must invoke the \n DeleteMembers API.
\nWith autoEnableOrganizationMembers configuration for your organization set to\n ALL, you'll receive an error if you attempt to disable GuardDuty in a member\n account.
Disassociates the current GuardDuty member account from its administrator account.
", + "smithy.api#documentation": "Disassociates the current GuardDuty member account from its administrator account.
\nWhen you \n disassociate an invited member from a GuardDuty delegated administrator, the member account details \n obtained from the CreateMembers API, including the associated email addresses, are retained. This is \n done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To \n remove the details associated with a member account, the delegated administrator must invoke the \n DeleteMembers API.
", "smithy.api#http": { "method": "POST", "uri": "/detector/{DetectorId}/master/disassociate", @@ -3713,7 +3713,7 @@ } ], "traits": { - "smithy.api#documentation": "Disassociates GuardDuty member accounts (to the current administrator account) specified\n by the account IDs.
\nWith autoEnableOrganizationMembers configuration for your organization set to\n ALL, you'll receive an error if you attempt to disassociate a member account\n before removing them from your Amazon Web Services organization.
Disassociates GuardDuty member accounts (from the current administrator account) specified\n by the account IDs.
\nWhen you \n disassociate an invited member from a GuardDuty delegated administrator, the member account details \n obtained from the CreateMembers API, including the associated email addresses, are retained. This is \n done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To \n remove the details associated with a member account, the delegated administrator must invoke the \n DeleteMembers API.
\nWith autoEnableOrganizationMembers configuration for your organization set to\n ALL, you'll receive an error if you attempt to disassociate a member account\n before removing them from your Amazon Web Services organization.
The domain information for the API request.
", + "smithy.api#documentation": "The domain information for the DNS query.
", "smithy.api#jsonName": "domain" } }, @@ -7538,7 +7538,7 @@ } ], "traits": { - "smithy.api#documentation": "Invites other Amazon Web Services accounts (created as members of the current Amazon Web Services account by\n CreateMembers) to enable GuardDuty, and allow the current Amazon Web Services account to view and manage\n these accounts' findings on their behalf as the GuardDuty administrator account.
", + "smithy.api#documentation": "Invites Amazon Web Services accounts to become members of an organization administered by the Amazon Web Services account \n that invokes this API. If you are using Amazon Web Services Organizations to manager your GuardDuty environment, this step is not \n needed. For more information, see Managing accounts with Amazon Web Services Organizations.
\nTo invite Amazon Web Services accounts, the first step is \n to ensure that GuardDuty has been enabled in the potential member accounts. You can now invoke this API\n to add accounts by invitation. The \n invited accounts can either accept or decline the invitation from their GuardDuty accounts. Each invited Amazon Web Services account can \n choose to accept the invitation from only one Amazon Web Services account. For more information, see \n Managing GuardDuty accounts \n by invitation.
\nAfter the invite has been accepted and you choose to disassociate a member account \n (by using DisassociateMembers) from your account, \n the details of the member account obtained by invoking CreateMembers, including the \n associated email addresses, will be retained. \n This is done so that you can invoke InviteMembers without the need to invoke \n CreateMembers again. To \n remove the details associated with a member account, you must also invoke \n DeleteMembers.
", "smithy.api#http": { "method": "POST", "uri": "/detector/{DetectorId}/member/invite", diff --git a/codegen/sdk/aws-models/iam.json b/codegen/sdk/aws-models/iam.json index 9b8cc5be237..3f222206c62 100644 --- a/codegen/sdk/aws-models/iam.json +++ b/codegen/sdk/aws-models/iam.json @@ -9101,7 +9101,7 @@ } ], "traits": { - "smithy.api#documentation": "Lists the IAM roles that have the specified path prefix. If there are none, the\n operation returns an empty list. For more information about roles, see Working with\n roles.
\nIAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for a role, see GetRole.
\nYou can paginate the results using the MaxItems and Marker\n parameters.
Lists the IAM roles that have the specified path prefix. If there are none, the\n operation returns an empty list. For more information about roles, see Working with\n roles.
\nIAM resource-listing operations return a subset of the available \n attributes for the resource. This operation does not return the following attributes, even though they are an attribute of the returned object:
\nPermissionsBoundary
\nRoleLastUsed
\nTags
\nTo view all of the information for a role, see GetRole.
\nYou can paginate the results using the MaxItems and Marker\n parameters.
Lists the IAM users that have the specified path prefix. If no path prefix is\n specified, the operation returns all users in the Amazon Web Services account. If there are none, the\n operation returns an empty list.
\nIAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for a user, see GetUser.
\nYou can paginate the results using the MaxItems and Marker\n parameters.
Lists the IAM users that have the specified path prefix. If no path prefix is\n specified, the operation returns all users in the Amazon Web Services account. If there are none, the\n operation returns an empty list.
\nIAM resource-listing operations return a subset of the available \n attributes for the resource. This operation does not return the following attributes, even though they are an attribute of the returned object:
\nPermissionsBoundary
\nTags
\nTo view all of the information for a user, see GetUser.
\nYou can paginate the results using the MaxItems and Marker\n parameters.
Contains parameter details for each of the parameters that the component document\n\t\t\tdefined for the component.
" + "smithy.api#documentation": "Contains parameter details for each of the parameters that the component document \n\t\t\tdefined for the component.
" } }, "owner": { @@ -449,14 +449,14 @@ "publisher": { "target": "com.amazonaws.imagebuilder#NonEmptyString", "traits": { - "smithy.api#documentation": "Contains the name of the publisher if this is a third-party component. Otherwise, this\n\t\t\tproperty is empty.
" + "smithy.api#documentation": "Contains the name of the publisher if this is a third-party component. Otherwise, \n\t\t\tthis property is empty.
" } }, "obfuscate": { "target": "com.amazonaws.imagebuilder#Boolean", "traits": { "smithy.api#default": false, - "smithy.api#documentation": "Indicates whether component source is hidden from view in the console, and from\n\t\t\tcomponent detail results for API, CLI, or SDK operations.
" + "smithy.api#documentation": "Indicates whether component source is hidden from view in the console, and from \n\t\t\tcomponent detail results for API, CLI, or SDK operations.
" } } }, @@ -743,14 +743,14 @@ "publisher": { "target": "com.amazonaws.imagebuilder#NonEmptyString", "traits": { - "smithy.api#documentation": "Contains the name of the publisher if this is a third-party component. Otherwise, this\n\t\t\tproperty is empty.
" + "smithy.api#documentation": "Contains the name of the publisher if this is a third-party component. Otherwise, \n\t\t\tthis property is empty.
" } }, "obfuscate": { "target": "com.amazonaws.imagebuilder#Boolean", "traits": { "smithy.api#default": false, - "smithy.api#documentation": "Indicates whether component source is hidden from view in the console, and from\n\t\t\tcomponent detail results for API, CLI, or SDK operations.
" + "smithy.api#documentation": "Indicates whether component source is hidden from view in the console, \n\t\t\tand from component detail results for API, CLI, or SDK operations.
" } } }, @@ -4561,13 +4561,13 @@ "enhancedImageMetadataEnabled": { "target": "com.amazonaws.imagebuilder#NullableBoolean", "traits": { - "smithy.api#documentation": "Indicates whether Image Builder collects additional information about the image, such as the\n\t\t\toperating system (OS) version and package list.
" + "smithy.api#documentation": "Indicates whether Image Builder collects additional information about the image, such as \n\t\t\tthe operating system (OS) version and package list.
" } }, "osVersion": { "target": "com.amazonaws.imagebuilder#OsVersion", "traits": { - "smithy.api#documentation": "The operating system version for instances that launch from this image. For example,\n\t\t\tAmazon Linux 2, Ubuntu 18, or Microsoft Windows Server 2019.
" + "smithy.api#documentation": "The operating system version for instances that launch from this image. For example, \n\t\t\tAmazon Linux 2, Ubuntu 18, or Microsoft Windows Server 2019.
" } }, "state": { @@ -4579,13 +4579,13 @@ "imageRecipe": { "target": "com.amazonaws.imagebuilder#ImageRecipe", "traits": { - "smithy.api#documentation": "For images that distribute an AMI, this is the image recipe that Image Builder used to create\n\t\t\tthe image. For container images, this is empty.
" + "smithy.api#documentation": "For images that distribute an AMI, this is the image recipe that Image Builder used to \n\t\t\tcreate the image. For container images, this is empty.
" } }, "containerRecipe": { "target": "com.amazonaws.imagebuilder#ContainerRecipe", "traits": { - "smithy.api#documentation": "For container images, this is the container recipe that Image Builder used to create the image.\n\t\t\tFor images that distribute an AMI, this is empty.
" + "smithy.api#documentation": "For container images, this is the container recipe that Image Builder used to create the \n\t\t\timage. For images that distribute an AMI, this is empty.
" } }, "sourcePipelineName": { @@ -4828,7 +4828,7 @@ "dateNextRun": { "target": "com.amazonaws.imagebuilder#DateTime", "traits": { - "smithy.api#documentation": "This is no longer supported, and does not return a value.
" + "smithy.api#documentation": "The next date when the pipeline is scheduled to run.
" } }, "tags": { @@ -5463,7 +5463,7 @@ "osVersion": { "target": "com.amazonaws.imagebuilder#OsVersion", "traits": { - "smithy.api#documentation": "The operating system version of the instances that launch from this image. For\n\t\t\texample, Amazon Linux 2, Ubuntu 18, or Microsoft Windows Server 2019.
" + "smithy.api#documentation": "The operating system version of the instances that launch from this image. For \n\t\t\texample, Amazon Linux 2, Ubuntu 18, or Microsoft Windows Server 2019.
" } }, "state": { @@ -5595,7 +5595,7 @@ "platform": { "target": "com.amazonaws.imagebuilder#Platform", "traits": { - "smithy.api#documentation": "The operating system platform of the image version, for example \"Windows\" or\n\t\t\t\"Linux\".
" + "smithy.api#documentation": "The operating system platform of the image version, for example \"Windows\" or \n\t\t\t\"Linux\".
" } }, "osVersion": { diff --git a/codegen/sdk/aws-models/lightsail.json b/codegen/sdk/aws-models/lightsail.json index 0e53b5e4554..6aa25950b36 100644 --- a/codegen/sdk/aws-models/lightsail.json +++ b/codegen/sdk/aws-models/lightsail.json @@ -586,6 +586,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#AppCategory": { @@ -673,6 +676,9 @@ "smithy.api#documentation": "An object that describes the result of the action, such as the status of the request, the\n timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#AttachDisk": { @@ -759,6 +765,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#AttachInstancesToLoadBalancer": { @@ -832,6 +841,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#AttachLoadBalancerTlsCertificate": { @@ -905,6 +917,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
\nThese SSL/TLS certificates are only usable by Lightsail load balancers. You can't get\n the certificate and use it for another purpose.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#AttachStaticIp": { @@ -978,6 +993,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#AttachedDisk": { @@ -1873,7 +1891,7 @@ } }, "traits": { - "smithy.api#documentation": "Describes the full details of an Amazon Lightsail SSL/TLS certificate.
\nTo get a summary of a certificate, use the GetCertificates action and ommit\n includeCertificateDetails from your request. The response will include only\n the certificate Amazon Resource Name (ARN), certificate name, domain name, and tags.
Describes the full details of an Amazon Lightsail SSL/TLS certificate.
\nTo get a summary of a certificate, use the GetCertificates action and omit\n includeCertificateDetails from your request. The response will include only\n the certificate Amazon Resource Name (ARN), certificate name, domain name, and tags.
An object that describes the result of the action, such as the status of the request, the\n timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CloudFormationStackRecord": { @@ -3128,6 +3149,9 @@ "smithy.api#documentation": "An array of objects that describe one or more container services.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CookieObject": { @@ -3245,6 +3269,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CostEstimate": { @@ -3368,6 +3395,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateBucketRequest": { @@ -3419,6 +3449,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateCertificate": { @@ -3504,6 +3537,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateCloudFormationStack": { @@ -3570,6 +3606,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateContactMethod": { @@ -3640,6 +3679,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateContainerService": { @@ -3747,6 +3789,9 @@ "smithy.api#documentation": "An object that describes a container service.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateContainerServiceRegistryLogin": { @@ -3799,6 +3844,9 @@ "smithy.api#documentation": "An object that describes the log in information for the container service registry of your\n Lightsail account.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateContainerServiceRequest": { @@ -3863,6 +3911,9 @@ "smithy.api#documentation": "An object that describes a container service.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateDisk": { @@ -4019,6 +4070,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateDiskRequest": { @@ -4071,6 +4125,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateDiskSnapshot": { @@ -4155,6 +4212,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateDistribution": { @@ -4269,6 +4329,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateDomain": { @@ -4382,6 +4445,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateDomainRequest": { @@ -4414,6 +4480,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateGUISessionAccessDetails": { @@ -4498,6 +4567,9 @@ "smithy.api#documentation": "Returns information about the specified NICE DCV GUI session.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateInstanceSnapshot": { @@ -4577,6 +4649,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateInstances": { @@ -4757,6 +4832,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateInstancesRequest": { @@ -4841,6 +4919,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateKeyPair": { @@ -4931,6 +5012,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateLoadBalancer": { @@ -5047,6 +5131,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateLoadBalancerTlsCertificate": { @@ -5139,6 +5226,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateRelationalDatabase": { @@ -5293,6 +5383,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateRelationalDatabaseRequest": { @@ -5383,6 +5476,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#CreateRelationalDatabaseSnapshot": { @@ -5462,6 +5558,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#Currency": { @@ -5536,6 +5635,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteAutoSnapshot": { @@ -5606,6 +5708,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteBucket": { @@ -5707,6 +5812,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteBucketRequest": { @@ -5739,6 +5847,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteCertificate": { @@ -5799,6 +5910,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteContactMethod": { @@ -5862,6 +5976,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteContainerImage": { @@ -5924,7 +6041,10 @@ }, "com.amazonaws.lightsail#DeleteContainerImageResult": { "type": "structure", - "members": {} + "members": {}, + "traits": { + "smithy.api#output": {} + } }, "com.amazonaws.lightsail#DeleteContainerService": { "type": "operation", @@ -5978,7 +6098,10 @@ }, "com.amazonaws.lightsail#DeleteContainerServiceResult": { "type": "structure", - "members": {} + "members": {}, + "traits": { + "smithy.api#output": {} + } }, "com.amazonaws.lightsail#DeleteDisk": { "type": "operation", @@ -6050,6 +6173,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteDiskSnapshot": { @@ -6116,6 +6242,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteDistribution": { @@ -6178,6 +6307,9 @@ "smithy.api#documentation": "An object that describes the result of the action, such as the status of the request, the\n timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteDomain": { @@ -6291,6 +6423,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteDomainRequest": { @@ -6317,6 +6452,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteInstance": { @@ -6389,6 +6527,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteInstanceSnapshot": { @@ -6455,6 +6596,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteKeyPair": { @@ -6527,6 +6671,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteKnownHostKeys": { @@ -6593,6 +6740,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteLoadBalancer": { @@ -6659,6 +6809,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteLoadBalancerTlsCertificate": { @@ -6738,6 +6891,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteRelationalDatabase": { @@ -6816,6 +6972,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DeleteRelationalDatabaseSnapshot": { @@ -6882,6 +7041,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DestinationInfo": { @@ -6965,6 +7127,9 @@ "smithy.api#documentation": "An object that describes the result of the action, such as the status of the request, the\n timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DetachDisk": { @@ -7031,6 +7196,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DetachInstancesFromLoadBalancer": { @@ -7104,6 +7272,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DetachStaticIp": { @@ -7170,6 +7341,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#DisableAddOn": { @@ -7240,6 +7414,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#Disk": { @@ -7995,6 +8172,9 @@ "smithy.api#documentation": "The timestamp when the default key pair was created.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#EligibleToRenew": { @@ -8068,6 +8248,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#EndpointRequest": { @@ -8350,6 +8533,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#ForwardValues": { @@ -8444,6 +8630,9 @@ "smithy.api#documentation": "The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetActiveNames request and\n specify the next page token using the pageToken parameter.
The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetAlarms request and\n specify the next page token using the pageToken parameter.
An array of objects that describe the automatic snapshots that are available for the\n specified source instance or disk.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetBlueprints": { @@ -8682,6 +8877,9 @@ "smithy.api#documentation": "The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetBlueprints request and\n specify the next page token using the pageToken parameter.
An object that describes the access keys for the specified bucket.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetBucketBundles": { @@ -8798,6 +8999,9 @@ "smithy.api#documentation": "An object that describes bucket bundles.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetBucketMetricData": { @@ -8907,6 +9111,9 @@ "smithy.api#documentation": "An array of objects that describe the metric data returned.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetBuckets": { @@ -8990,6 +9197,9 @@ "smithy.api#documentation": "An object that describes the synchronization status of the Amazon S3 account-level\n block public access feature for your Lightsail buckets.
\nFor more information about this feature and how it affects Lightsail buckets, see Block public access for buckets in Amazon Lightsail.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetBundles": { @@ -9073,6 +9283,9 @@ "smithy.api#documentation": "The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetBundles request and\n specify the next page token using the pageToken parameter.
Returns information about one or more Amazon Lightsail SSL/TLS certificates.
\nTo get a summary of a certificate, ommit includeCertificateDetails from\n your request. The response will include only the certificate Amazon Resource Name (ARN),\n certificate name, domain name, and tags.
Returns information about one or more Amazon Lightsail SSL/TLS certificates.
\nTo get a summary of a certificate, omit includeCertificateDetails from\n your request. The response will include only the certificate Amazon Resource Name (ARN),\n certificate name, domain name, and tags.
The name for the certificate for which to return information.
\nWhen omitted, the response includes all of your certificates in the Amazon Web Services\n Region where the request is made.
" } + }, + "pageToken": { + "target": "com.amazonaws.lightsail#string", + "traits": { + "smithy.api#documentation": "The token to advance to the next page of results from your request.
\nTo get a page token, perform an initial GetCertificates request. If your results are paginated, the response will return a next page token that you can specify as the page token in a subsequent request.
An object that describes certificates.
" } + }, + "nextPageToken": { + "target": "com.amazonaws.lightsail#string", + "traits": { + "smithy.api#documentation": "If NextPageToken is returned there are more results available. The value of NextPageToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged.
The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another\n GetCloudFormationStackRecords request and specify the next page token using the\n pageToken parameter.
An array of objects that describe the contact methods.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetContainerAPIMetadata": { @@ -9324,6 +9558,9 @@ "smithy.api#documentation": "Metadata about Lightsail containers, such as the current version of the Lightsail\n Control (lightsailctl) plugin.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetContainerImages": { @@ -9385,6 +9622,9 @@ "smithy.api#documentation": "An array of objects that describe container images that are registered to the container\n service.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetContainerLog": { @@ -9488,6 +9728,9 @@ "smithy.api#documentation": "The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetContainerLog request and\n specify the next page token using the pageToken parameter.
An array of objects that describe deployments for a container service.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetContainerServiceMetricData": { @@ -9657,6 +9903,9 @@ "smithy.api#documentation": "An array of objects that describe the metric data returned.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetContainerServicePowers": { @@ -9709,6 +9958,9 @@ "smithy.api#documentation": "An array of objects that describe the powers that can be specified for a container\n service.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetContainerServices": { @@ -9807,14 +10059,14 @@ "startTime": { "target": "com.amazonaws.lightsail#IsoDate", "traits": { - "smithy.api#documentation": "The cost estimate start time.
\nConstraints:
\nSpecified in Coordinated Universal Time (UTC).
\nSpecified in the Unix time format.
\nFor example, if you wish to use a start time of October 1, 2018, at 8 PM UTC, specify\n 1538424000 as the start time.
You can convert a human-friendly time to Unix time format using a converter like Epoch converter.
", + "smithy.api#documentation": "The cost estimate start time.
\nConstraints:
\nSpecified in Coordinated Universal Time (UTC).
\nSpecified in the Unix time format.
\nFor example, if you want to use a start time of October 1, 2018, at 8 PM UTC, specify\n 1538424000 as the start time.
You can convert a human-friendly time to Unix time format using a converter like Epoch converter.
", "smithy.api#required": {} } }, "endTime": { "target": "com.amazonaws.lightsail#IsoDate", "traits": { - "smithy.api#documentation": "The cost estimate end time.
\nConstraints:
\nSpecified in Coordinated Universal Time (UTC).
\nSpecified in the Unix time format.
\nFor example, if you wish to use an end time of October 1, 2018, at 9 PM UTC, specify\n 1538427600 as the end time.
You can convert a human-friendly time to Unix time format using a converter like Epoch converter.
", + "smithy.api#documentation": "The cost estimate end time.
\nConstraints:
\nSpecified in Coordinated Universal Time (UTC).
\nSpecified in the Unix time format.
\nFor example, if you want to use an end time of October 1, 2018, at 9 PM UTC, specify\n 1538427600 as the end time.
You can convert a human-friendly time to Unix time format using a converter like Epoch converter.
", "smithy.api#required": {} } } @@ -9832,6 +10084,9 @@ "smithy.api#documentation": "Returns the estimate's forecasted cost or usage.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetDisk": { @@ -9898,6 +10153,9 @@ "smithy.api#documentation": "An object containing information about the disk.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetDiskSnapshot": { @@ -9964,6 +10222,9 @@ "smithy.api#documentation": "An object containing information about the disk snapshot.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetDiskSnapshots": { @@ -10035,6 +10296,9 @@ "smithy.api#documentation": "The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetDiskSnapshots request and\n specify the next page token using the pageToken parameter.
The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetDisks request and specify\n the next page token using the pageToken parameter.
An object that describes a distribution bundle.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetDistributionLatestCacheReset": { @@ -10229,6 +10499,9 @@ "smithy.api#documentation": "The timestamp of the last cache reset (e.g., 1479734909.17) in Unix time\n format.
An array of objects that describe the metric data returned.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetDistributions": { @@ -10415,6 +10691,9 @@ "smithy.api#documentation": "The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetDistributions request and\n specify the next page token using the pageToken parameter.
An array of key-value pairs containing information about your get domain request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetDomains": { @@ -10552,6 +10834,9 @@ "smithy.api#documentation": "The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetDomains request and\n specify the next page token using the pageToken parameter.
The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetExportSnapshotRecords\n request and specify the next page token using the pageToken parameter.
An array of key-value pairs containing information about a get instance access\n request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetInstanceMetricData": { @@ -10850,6 +11141,9 @@ "smithy.api#documentation": "An array of objects that describe the metric data returned.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetInstancePortStates": { @@ -10916,6 +11210,9 @@ "smithy.api#documentation": "An array of objects that describe the firewall port states for the specified\n instance.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetInstanceRequest": { @@ -10942,6 +11239,9 @@ "smithy.api#documentation": "An array of key-value pairs containing information about the specified instance.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetInstanceSnapshot": { @@ -11008,6 +11308,9 @@ "smithy.api#documentation": "An array of key-value pairs containing information about the results of your get instance\n snapshot request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetInstanceSnapshots": { @@ -11079,6 +11382,9 @@ "smithy.api#documentation": "The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetInstanceSnapshots request\n and specify the next page token using the pageToken parameter.
The state of the instance.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetInstances": { @@ -11216,6 +11525,9 @@ "smithy.api#documentation": "The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetInstances request and\n specify the next page token using the pageToken parameter.
An array of key-value pairs containing information about the key pair.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetKeyPairs": { @@ -11359,6 +11674,9 @@ "smithy.api#documentation": "The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetKeyPairs request and\n specify the next page token using the pageToken parameter.
An array of objects that describe the metric data returned.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetLoadBalancerRequest": { @@ -11540,6 +11861,9 @@ "smithy.api#documentation": "An object containing information about your load balancer.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetLoadBalancerTlsCertificates": { @@ -11606,6 +11930,9 @@ "smithy.api#documentation": "An array of LoadBalancerTlsCertificate objects describing your SSL/TLS\n certificates.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetLoadBalancerTlsPolicies": { @@ -11671,6 +11998,9 @@ "smithy.api#documentation": "The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetLoadBalancerTlsPolicies\n request and specify the next page token using the pageToken parameter.
The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetLoadBalancers request and\n specify the next page token using the pageToken parameter.
An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetOperations": { @@ -11933,6 +12269,9 @@ "smithy.api#documentation": "The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetOperationsForResource\n request and specify the next page token using the pageToken parameter.
The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetOperations request and\n specify the next page token using the pageToken parameter.
An array of key-value pairs containing information about your get regions request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetRelationalDatabase": { @@ -12146,6 +12491,9 @@ "smithy.api#documentation": "The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another\n GetRelationalDatabaseBlueprints request and specify the next page token using\n the pageToken parameter.
The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetRelationalDatabaseBundles\n request and specify the next page token using the pageToken parameter.
The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetRelationalDatabaseEvents\n request and specify the next page token using the pageToken parameter.
A token used for advancing to the next page of results from your get relational database\n log events request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetRelationalDatabaseLogStreams": { @@ -12482,6 +12839,9 @@ "smithy.api#documentation": "An object describing the result of your get relational database log streams\n request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetRelationalDatabaseMasterUserPassword": { @@ -12560,6 +12920,9 @@ "smithy.api#documentation": "The timestamp when the specified version of the master user password was created.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetRelationalDatabaseMetricData": { @@ -12675,6 +13038,9 @@ "smithy.api#documentation": "An array of objects that describe the metric data returned.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetRelationalDatabaseParameters": { @@ -12753,6 +13119,9 @@ "smithy.api#documentation": "The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another\n GetRelationalDatabaseParameters request and specify the next page token using\n the pageToken parameter.
An object describing the specified database.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetRelationalDatabaseSnapshot": { @@ -12845,6 +13217,9 @@ "smithy.api#documentation": "An object describing the specified database snapshot.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetRelationalDatabaseSnapshots": { @@ -12916,6 +13291,9 @@ "smithy.api#documentation": "The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another\n GetRelationalDatabaseSnapshots request and specify the next page token using\n the pageToken parameter.
The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetRelationalDatabases\n request and specify the next page token using the pageToken parameter.
An array of key-value pairs containing information about the requested static IP.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#GetStaticIps": { @@ -13124,6 +13508,9 @@ "smithy.api#documentation": "The token to advance to the next page of results from your request.
\nA next page token is not returned if there are no more results to display.
\nTo get the next page of results, perform another GetStaticIps request and\n specify the next page token using the pageToken parameter.
An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#InUseResourceCount": { @@ -14508,6 +14898,9 @@ "smithy.api#documentation": "Returns true if the Lightsail VPC is peered; otherwise,\n false.
An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#Operation": { @@ -18376,6 +18772,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#PendingMaintenanceAction": { @@ -18765,6 +19164,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#PutInstancePublicPorts": { @@ -18838,6 +19240,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#QueryStringObject": { @@ -18973,6 +19378,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#RebootRelationalDatabase": { @@ -19039,6 +19447,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#RecordState": { @@ -19282,6 +19693,9 @@ "smithy.api#documentation": "An object that describes a container image that is registered to a Lightsail container\n service
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#RegisteredDomainDelegationInfo": { @@ -19981,6 +20395,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#RenewalStatus": { @@ -20122,6 +20539,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#ResourceArn": { @@ -20458,6 +20878,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#SensitiveNonEmptyString": { @@ -20608,6 +21031,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#SetResourceAccessForBucket": { @@ -20682,6 +21108,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#StartGUISession": { @@ -20742,6 +21171,9 @@ "smithy.api#documentation": "The available API operations.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#StartInstance": { @@ -20808,6 +21240,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#StartRelationalDatabase": { @@ -20874,6 +21309,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#StaticIp": { @@ -21084,6 +21522,9 @@ "smithy.api#documentation": "The available API operations.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#StopInstance": { @@ -21176,6 +21617,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#StopRelationalDatabase": { @@ -21248,6 +21692,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#StringList": { @@ -21383,6 +21830,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#TagValue": { @@ -21456,6 +21906,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#TimeOfDay": { @@ -21591,6 +22044,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#UntagResource": { @@ -21670,6 +22126,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#UpdateBucket": { @@ -21771,6 +22230,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#UpdateBucketRequest": { @@ -21827,6 +22289,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#UpdateContainerService": { @@ -21918,6 +22383,9 @@ "smithy.api#documentation": "An object that describes a container service.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#UpdateDistribution": { @@ -22023,6 +22491,9 @@ "smithy.api#documentation": "An object that describes the result of the action, such as the status of the request, the\n timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#UpdateDistributionRequest": { @@ -22079,6 +22550,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#UpdateDomainEntry": { @@ -22152,6 +22626,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#UpdateInstanceMetadataOptions": { @@ -22242,6 +22719,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#UpdateLoadBalancerAttribute": { @@ -22322,6 +22802,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#UpdateRelationalDatabase": { @@ -22435,6 +22918,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#UpdateRelationalDatabaseRequest": { @@ -22515,6 +23001,9 @@ "smithy.api#documentation": "An array of objects that describe the result of the action, such as the status of the\n request, the timestamp of the request, and the resources affected by the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.lightsail#boolean": { diff --git a/codegen/sdk/aws-models/location.json b/codegen/sdk/aws-models/location.json index e2b650b049d..0602e2c087c 100644 --- a/codegen/sdk/aws-models/location.json +++ b/codegen/sdk/aws-models/location.json @@ -98,7 +98,7 @@ "smithy.api#documentation": "A list of allowed actions that an API key resource grants permissions to\n perform
\nCurrently, the only valid action is geo:GetMap* as an input to the\n list. For example, [\"geo:GetMap*\"] is valid but\n [\"geo:GetMapTile\"] is not.
Contains the details of the position of the geofence. Can be either a \n polygon or a circle. Including both will return a validation error.
\nEach \n geofence polygon can have a maximum of 1,000 vertices.
\nSpecifies additional user-defined properties to store with the Geofence. An array \n of key-value pairs.
" + } } }, "traits": { @@ -875,7 +881,7 @@ } ], "traits": { - "smithy.api#documentation": "Uploads position update data for one or more devices to a tracker resource. Amazon Location\n uses the data when it reports the last known device position and position history. Amazon Location retains location data for 30 \n days.
\nPosition updates are handled based on the PositionFiltering property of the tracker. \n When PositionFiltering is set to TimeBased, updates are evaluated against linked geofence collections, \n and location data is stored at a maximum of one position per 30 second interval. If your update frequency is more often than \n every 30 seconds, only one update per 30 seconds is stored for each unique device ID.
When PositionFiltering is set to DistanceBased filtering, location data is stored and evaluated against linked geofence \n collections only if the device has moved more than 30 m (98.4 ft).
When PositionFiltering is set to AccuracyBased filtering,\n location data is stored and evaluated against linked geofence collections only if the\n device has moved more than the measured accuracy. For example, if two consecutive\n updates from a device have a horizontal accuracy of 5 m and 10 m, the second update\n is neither stored or evaluated if the device has moved less than 15 m. If\n PositionFiltering is set to AccuracyBased filtering, Amazon Location\n uses the default value { \"Horizontal\": 0} when accuracy is not provided on\n a DevicePositionUpdate.
Uploads position update data for one or more devices to a tracker resource (up to \n 10 devices per batch). Amazon Location uses the data when it reports the last known device \n position and position history. Amazon Location retains location data for 30 days.
\nPosition updates are handled based on the PositionFiltering \n property of the tracker. When PositionFiltering is set to \n TimeBased, updates are evaluated against linked geofence collections, \n and location data is stored at a maximum of one position per 30 second interval. \n If your update frequency is more often than every 30 seconds, only one update per \n 30 seconds is stored for each unique device ID.
When PositionFiltering is set to DistanceBased \n filtering, location data is stored and evaluated against linked geofence \n collections only if the device has moved more than 30 m (98.4 ft).
When PositionFiltering is set to AccuracyBased \n filtering, location data is stored and evaluated against linked geofence \n collections only if the device has moved more than the measured accuracy. For \n example, if two consecutive updates from a device have a horizontal accuracy of \n 5 m and 10 m, the second update is neither stored or evaluated if the device has \n moved less than 15 m. If PositionFiltering is set to \n AccuracyBased filtering, Amazon Location uses the default value \n { \"Horizontal\": 0} when accuracy is not provided on a\n DevicePositionUpdate.
Contains the position update details for each device.
", + "smithy.api#documentation": "Contains the position update details for each device, up to 10 devices.
", "smithy.api#length": { "min": 1, "max": 10 @@ -3415,6 +3421,18 @@ ] } }, + "com.amazonaws.location#FilterPlaceCategoryList": { + "type": "list", + "member": { + "target": "com.amazonaws.location#PlaceCategory" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 5 + } + } + }, "com.amazonaws.location#GenericResource": { "type": "resource", "identifiers": { @@ -3830,6 +3848,12 @@ "smithy.api#documentation": "The timestamp for when the geofence collection was last updated in ISO 8601\n format: YYYY-MM-DDThh:mm:ss.sssZ\n
Contains additional user-defined properties stored with the geofence. An array of \n key-value pairs.
" + } } } }, @@ -4796,6 +4820,12 @@ "smithy.api#documentation": "The timestamp for when the geofence was last updated in ISO 8601\n format: YYYY-MM-DDThh:mm:ss.sssZ\n
Contains additional user-defined properties stored with the geofence. An array of \n key-value pairs.
" + } } }, "traits": { @@ -6606,19 +6636,31 @@ "TimeZone": { "target": "com.amazonaws.location#TimeZone", "traits": { - "smithy.api#documentation": "The time zone in which the Place is located. Returned only when using\n HERE as the selected partner.
The time zone in which the Place is located. Returned only when using\n HERE or Grab as the selected partner.
For addresses with a UnitNumber, the type of unit. For example,\n Apartment.
For addresses with a UnitNumber, the type of unit. For example,\n Apartment.
Returned only for a place index that uses Esri as a data provider.
\nFor addresses with multiple units, the unit identifier. Can include numbers and\n letters, for example 3B or Unit 123.
Returned only for a place index that uses Esri as a data provider. Is not returned\n for SearchPlaceIndexForPosition.
For addresses with multiple units, the unit identifier. Can include numbers and\n letters, for example 3B or Unit 123.
Returned only for a place index that uses Esri or Grab as a data provider. Is \n not returned for SearchPlaceIndexForPosition.
The Amazon Location categories that describe this Place.
\nFor more information about using categories, including a list of Amazon Location\n categories, see Categories and filtering, in the Amazon Location Service Developer \n Guide.
" + } + }, + "SupplementalCategories": { + "target": "com.amazonaws.location#PlaceSupplementalCategoryList", + "traits": { + "smithy.api#documentation": "Categories from the data provider that describe the Place that are not mapped\n to any Amazon Location categories.
" } } }, @@ -6626,6 +6668,26 @@ "smithy.api#documentation": "Contains details about addresses or points of interest that match the search\n criteria.
\nNot all details are included with all responses. Some details may only be returned by\n specific data partners.
" } }, + "com.amazonaws.location#PlaceCategory": { + "type": "string", + "traits": { + "smithy.api#length": { + "max": 35 + } + } + }, + "com.amazonaws.location#PlaceCategoryList": { + "type": "list", + "member": { + "target": "com.amazonaws.location#PlaceCategory" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 10 + } + } + }, "com.amazonaws.location#PlaceGeometry": { "type": "structure", "members": { @@ -6696,6 +6758,26 @@ } } }, + "com.amazonaws.location#PlaceSupplementalCategory": { + "type": "string", + "traits": { + "smithy.api#length": { + "max": 35 + } + } + }, + "com.amazonaws.location#PlaceSupplementalCategoryList": { + "type": "list", + "member": { + "target": "com.amazonaws.location#PlaceSupplementalCategory" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 10 + } + } + }, "com.amazonaws.location#Position": { "type": "list", "member": { @@ -6867,6 +6949,12 @@ "smithy.api#documentation": "Contains the details to specify the position of the geofence. Can be either a \n polygon or a circle. Including both will return a validation error.
\nEach \n geofence polygon can have a maximum of 1,000 vertices.
\nSpecifies additional user-defined properties to store with the Geofence. An array \n of key-value pairs.
" + } } } }, @@ -7124,7 +7212,19 @@ "PlaceId": { "target": "com.amazonaws.location#PlaceId", "traits": { - "smithy.api#documentation": "The unique identifier of the place. You can use this with the GetPlace\n operation to find the place again later.
For SearchPlaceIndexForSuggestions operations, the\n PlaceId is returned by place indexes that use Esri, Grab, or HERE\n as data providers.
The unique identifier of the Place. You can use this with the GetPlace\n operation to find the place again later, or to get full information for the Place.
The GetPlace request must use the same PlaceIndex \n resource as the SearchPlaceIndexForSuggestions that generated the Place \n ID.
For SearchPlaceIndexForSuggestions operations, the\n PlaceId is returned by place indexes that use Esri, Grab, or HERE\n as data providers.
The Amazon Location categories that describe the Place.
\nFor more information about using categories, including a list of Amazon Location\n categories, see Categories and filtering, in the Amazon Location Service Developer \n Guide.
" + } + }, + "SupplementalCategories": { + "target": "com.amazonaws.location#PlaceSupplementalCategoryList", + "traits": { + "smithy.api#documentation": "Categories from the data provider that describe the Place that are not mapped\n to any Amazon Location categories.
" } } }, @@ -7400,6 +7500,12 @@ "traits": { "smithy.api#documentation": "The preferred language used to return results. The value must be a valid BCP 47 language tag, for example,\n en for English.
This setting affects the languages used in the results. If no language is specified,\n or not supported for a particular result, the partner automatically chooses a language\n for the result.
\nFor an example, we'll use the Greek language. You search for Athens, Gr\n to get suggestions with the language parameter set to en. The\n results found will most likely be returned as Athens, Greece.
If you set the language parameter to el, for Greek, then the\n result found will more likely be returned as Αθήνα, Ελλάδα.
If the data provider does not have a value for Greek, the result will be in a language\n that the provider does support.
" } + }, + "FilterCategories": { + "target": "com.amazonaws.location#FilterPlaceCategoryList", + "traits": { + "smithy.api#documentation": "A list of one or more Amazon Location categories to filter the returned places. If you \n include more than one category, the results will include results that match \n any of the categories listed.
\nFor more information about using categories, including a list of Amazon Location\n categories, see Categories and filtering, in the Amazon Location Service Developer \n Guide.
" + } } } }, @@ -7468,6 +7574,12 @@ "traits": { "smithy.api#documentation": "The preferred language used to return results. Matches the language in the request.\n The value is a valid BCP 47\n language tag, for example, en for English.
The optional category filter specified in the request.
" + } } }, "traits": { @@ -7563,6 +7675,12 @@ "traits": { "smithy.api#documentation": "The preferred language used to return results. The value must be a valid BCP 47 language tag, for example,\n en for English.
This setting affects the languages used in the results, but not the results\n themselves. If no language is specified, or not supported for a particular result, the\n partner automatically chooses a language for the result.
\nFor an example, we'll use the Greek language. You search for Athens,\n Greece, with the language parameter set to en. The\n result found will most likely be returned as Athens.
If you set the language parameter to el, for Greek, then the\n result found will more likely be returned as Αθήνα.
If the data provider does not have a value for Greek, the result will be in a language\n that the provider does support.
" } + }, + "FilterCategories": { + "target": "com.amazonaws.location#FilterPlaceCategoryList", + "traits": { + "smithy.api#documentation": "A list of one or more Amazon Location categories to filter the returned places. If you \n include more than one category, the results will include results that match \n any of the categories listed.
\nFor more information about using categories, including a list of Amazon Location\n categories, see Categories and filtering, in the Amazon Location Service Developer \n Guide.
" + } } } }, @@ -7638,6 +7756,12 @@ "traits": { "smithy.api#documentation": "The preferred language used to return results. Matches the language in the request.\n The value is a valid BCP 47\n language tag, for example, en for English.
The optional category filter specified in the request.
" + } } }, "traits": { diff --git a/codegen/sdk/aws-models/opensearch.json b/codegen/sdk/aws-models/opensearch.json index 4929aa573e0..bcce7710be5 100644 --- a/codegen/sdk/aws-models/opensearch.json +++ b/codegen/sdk/aws-models/opensearch.json @@ -2766,7 +2766,13 @@ "Endpoint": { "target": "com.amazonaws.opensearch#Endpoint", "traits": { - "smithy.api#documentation": "The endpoint of the remote domain.
" + "smithy.api#documentation": "The Endpoint attribute cannot be modified.
\nThe endpoint of the remote domain. Applicable for VPC_ENDPOINT connection mode.
" + } + }, + "CrossClusterSearch": { + "target": "com.amazonaws.opensearch#CrossClusterSearchConnectionProperties", + "traits": { + "smithy.api#documentation": "The connection properties for cross cluster search.
" } } }, @@ -3009,6 +3015,12 @@ "traits": { "smithy.api#documentation": "The connection mode.
" } + }, + "ConnectionProperties": { + "target": "com.amazonaws.opensearch#ConnectionProperties", + "traits": { + "smithy.api#documentation": "The ConnectionProperties for the outbound connection.
Status of SkipUnavailable param for outbound connection.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Cross cluster search specific connection properties.
" + } + }, "com.amazonaws.opensearch#DeleteDomain": { "type": "operation", "input": { @@ -4597,11 +4623,6 @@ "type": "list", "member": { "target": "com.amazonaws.opensearch#DescribePackagesFilterValue" - }, - "traits": { - "smithy.api#length": { - "min": 1 - } } }, "com.amazonaws.opensearch#DescribePackagesRequest": { @@ -9929,6 +9950,26 @@ "smithy.api#documentation": "The domain endpoint to which index and search requests are submitted. For example,\n search-imdb-movies-oopcnjfn6ugo.eu-west-1.es.amazonaws.com or\n doc-imdb-movies-oopcnjfn6u.eu-west-1.es.amazonaws.com.
Status of SkipUnavailable param for outbound connection.
\n\n ENABLED - The SkipUnavailable param is enabled\n for the connection.
\n\n DISABLED - The SkipUnavailable param is disabled\n for the connection.
\nAssociates one or more faces with an existing UserID. Takes an array of\n FaceIds. Each FaceId that are present in the FaceIds\n list is associated with the provided UserID. The maximum number of total FaceIds\n per UserID is 100.
The UserMatchThreshold parameter specifies the minimum user match confidence\n required for the face to be associated with a UserID that has at least one FaceID\n already associated. This ensures that the FaceIds are associated with the right\n UserID. The value ranges from 0-100 and default value is 75.
If successful, an array of AssociatedFace objects containing the associated\n FaceIds is returned. If a given face is already associated with the given\n UserID, it will be ignored and will not be returned in the response. If a given\n face is already associated to a different UserID, isn't found in the collection,\n doesn’t meet the UserMatchThreshold, or there are already 100 faces associated\n with the UserID, it will be returned as part of an array of\n UnsuccessfulFaceAssociations.\n
The UserStatus reflects the status of an operation which updates a UserID\n representation with a list of given faces. The UserStatus can be:
ACTIVE - All associations or disassociations of FaceID(s) for a UserID are\n complete.
\nCREATED - A UserID has been created, but has no FaceID(s) associated with it.
\nUPDATING - A UserID is being updated and there are current associations or\n disassociations of FaceID(s) taking place.
\nThe ID of an existing collection containing the UserID.
", + "smithy.api#required": {} + } + }, + "UserId": { + "target": "com.amazonaws.rekognition#UserId", + "traits": { + "smithy.api#documentation": "The ID for the existing UserID.
", + "smithy.api#required": {} + } + }, + "FaceIds": { + "target": "com.amazonaws.rekognition#UserFaceIdList", + "traits": { + "smithy.api#documentation": "An array of FaceIDs to associate with the UserID.
", + "smithy.api#required": {} + } + }, + "UserMatchThreshold": { + "target": "com.amazonaws.rekognition#Percent", + "traits": { + "smithy.api#documentation": "An optional value specifying the minimum confidence in the UserID match to return. The\n default value is 75.
" + } + }, + "ClientRequestToken": { + "target": "com.amazonaws.rekognition#ClientRequestToken", + "traits": { + "smithy.api#documentation": "Idempotent token used to identify the request to AssociateFaces. If you use\n the same token with multiple AssociateFaces requests, the same response is returned.\n Use ClientRequestToken to prevent the same request from being processed more than\n once.
An array of AssociatedFace objects containing FaceIDs that are successfully associated\n with the UserID is returned. Returned if the AssociateFaces action is successful.
" + } + }, + "UnsuccessfulFaceAssociations": { + "target": "com.amazonaws.rekognition#UnsuccessfulFaceAssociationList", + "traits": { + "smithy.api#documentation": "An array of UnsuccessfulAssociation objects containing FaceIDs that are not successfully\n associated along with the reasons. Returned if the AssociateFaces action is successful.
" + } + }, + "UserStatus": { + "target": "com.amazonaws.rekognition#UserStatus", + "traits": { + "smithy.api#documentation": "The status of an update made to a UserID. Reflects if the UserID has been updated for\n every requested change.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.rekognition#AssociatedFace": { + "type": "structure", + "members": { + "FaceId": { + "target": "com.amazonaws.rekognition#FaceId", + "traits": { + "smithy.api#documentation": "Unique identifier assigned to the face.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Provides face metadata for the faces that are associated to a specific UserID.
" + } + }, + "com.amazonaws.rekognition#AssociatedFacesList": { + "type": "list", + "member": { + "target": "com.amazonaws.rekognition#AssociatedFace" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 100 + } + } + }, "com.amazonaws.rekognition#Attribute": { "type": "enum", "members": { @@ -589,7 +765,53 @@ } ], "traits": { - "smithy.api#documentation": "Compares a face in the source input image with each of the 100\n largest faces detected in the target input image.
\nIf the source image contains multiple faces, the service detects the largest face and\n compares it with each face detected in the target image.
\nCompareFaces uses machine learning algorithms, which are probabilistic. A false negative\n is an incorrect prediction that a face in the target image has a low similarity confidence\n score when compared to the face in the source image. To reduce the probability of false\n negatives, we recommend that you compare the target image against multiple source images. If\n you plan to use CompareFaces to make a decision that impacts an individual's\n rights, privacy, or access to services, we recommend that you pass the result to a human for\n review and further validation before taking action.
You pass the input and target images either as base64-encoded image bytes or as\n references to images in an Amazon S3 bucket. If you use the\n AWS\n CLI to call Amazon Rekognition operations, passing image bytes isn't\n supported. The image must be formatted as a PNG or JPEG file.
\nIn response, the operation returns an array of face matches ordered by similarity score\n in descending order. For each face match, the response provides a bounding box of the face,\n facial landmarks, pose details (pitch, roll, and yaw), quality (brightness and sharpness), and\n confidence value (indicating the level of confidence that the bounding box contains a face).\n The response also provides a similarity score, which indicates how closely the faces match.
\nBy default, only faces with a similarity score of greater than or equal to 80% are\n returned in the response. You can change this value by specifying the\n SimilarityThreshold parameter.
\n CompareFaces also returns an array of faces that don't match the source\n image. For each face, it returns a bounding box, confidence value, landmarks, pose details,\n and quality. The response also returns information about the face in the source image,\n including the bounding box of the face and confidence value.
The QualityFilter input parameter allows you to filter out detected faces\n that don’t meet a required quality bar. The quality bar is based on a variety of common use\n cases. Use QualityFilter to set the quality bar by specifying LOW,\n MEDIUM, or HIGH. If you do not want to filter detected faces,\n specify NONE. The default value is NONE.
If the image doesn't contain Exif metadata, CompareFaces returns\n orientation information for the source and target images. Use these values to display the\n images with the correct image orientation.
If no faces are detected in the source or target images, CompareFaces\n returns an InvalidParameterException error.
This is a stateless API operation. That is, data returned by this operation doesn't\n persist.
\nFor an example, see Comparing Faces in Images in the Amazon Rekognition Developer\n Guide.
\nThis operation requires permissions to perform the\n rekognition:CompareFaces action.
Compares a face in the source input image with each of the 100\n largest faces detected in the target input image.
\nIf the source image contains multiple faces, the service detects the largest face and\n compares it with each face detected in the target image.
\nCompareFaces uses machine learning algorithms, which are probabilistic. A false negative\n is an incorrect prediction that a face in the target image has a low similarity confidence\n score when compared to the face in the source image. To reduce the probability of false\n negatives, we recommend that you compare the target image against multiple source images. If\n you plan to use CompareFaces to make a decision that impacts an individual's\n rights, privacy, or access to services, we recommend that you pass the result to a human for\n review and further validation before taking action.
You pass the input and target images either as base64-encoded image bytes or as\n references to images in an Amazon S3 bucket. If you use the\n AWS\n CLI to call Amazon Rekognition operations, passing image bytes isn't\n supported. The image must be formatted as a PNG or JPEG file.
\nIn response, the operation returns an array of face matches ordered by similarity score\n in descending order. For each face match, the response provides a bounding box of the face,\n facial landmarks, pose details (pitch, roll, and yaw), quality (brightness and sharpness), and\n confidence value (indicating the level of confidence that the bounding box contains a face).\n The response also provides a similarity score, which indicates how closely the faces match.
\nBy default, only faces with a similarity score of greater than or equal to 80% are\n returned in the response. You can change this value by specifying the\n SimilarityThreshold parameter.
\n CompareFaces also returns an array of faces that don't match the source\n image. For each face, it returns a bounding box, confidence value, landmarks, pose details,\n and quality. The response also returns information about the face in the source image,\n including the bounding box of the face and confidence value.
The QualityFilter input parameter allows you to filter out detected faces\n that don’t meet a required quality bar. The quality bar is based on a variety of common use\n cases. Use QualityFilter to set the quality bar by specifying LOW,\n MEDIUM, or HIGH. If you do not want to filter detected faces,\n specify NONE. The default value is NONE.
If the image doesn't contain Exif metadata, CompareFaces returns\n orientation information for the source and target images. Use these values to display the\n images with the correct image orientation.
If no faces are detected in the source or target images, CompareFaces\n returns an InvalidParameterException error.
This is a stateless API operation. That is, data returned by this operation doesn't\n persist.
\nFor an example, see Comparing Faces in Images in the Amazon Rekognition Developer\n Guide.
\nThis operation requires permissions to perform the\n rekognition:CompareFaces action.
Type that describes the face Amazon Rekognition chose to compare with the faces in the target.\n This contains a bounding box for the selected face and confidence level that the bounding box\n contains a face. Note that Amazon Rekognition selects the largest face in the source image for this\n comparison.
" } }, + "com.amazonaws.rekognition#ConflictException": { + "type": "structure", + "members": { + "Message": { + "target": "com.amazonaws.rekognition#String" + }, + "Code": { + "target": "com.amazonaws.rekognition#String" + }, + "Logref": { + "target": "com.amazonaws.rekognition#String", + "traits": { + "smithy.api#documentation": "A universally unique identifier (UUID) for the request.
" + } + } + }, + "traits": { + "smithy.api#documentation": "\n A User with the same Id already exists within the collection, or the update or deletion of the User caused an inconsistent state. ** \n
", + "smithy.api#error": "client" + } + }, "com.amazonaws.rekognition#ConnectedHomeLabel": { "type": "string" }, @@ -974,7 +1217,30 @@ } ], "traits": { - "smithy.api#documentation": "Copies a version of an Amazon Rekognition Custom Labels model from a source project to a destination project. The source and\n destination projects can be in different AWS accounts but must be in the same AWS Region.\n You can't copy a model to another AWS service.\n \n
\nTo copy a model version to a different AWS account, you need to create a resource-based policy known as a\n project policy. You attach the project policy to the\n source project by calling PutProjectPolicy. The project policy\n gives permission to copy the model version from a trusting AWS account to a trusted account.
\nFor more information creating and attaching a project policy, see Attaching a project policy (SDK)\n in the Amazon Rekognition Custom Labels Developer Guide.\n
\nIf you are copying a model version to a project in the same AWS account, you don't need to create a project policy.
\nTo copy a model, the destination project, source project, and source model version must already exist.
\nCopying a model version takes a while to complete. To get the current status, call DescribeProjectVersions and check the value of Status in the\n ProjectVersionDescription object. The copy operation has finished when\n the value of Status is COPYING_COMPLETED.
This operation requires permissions to perform the rekognition:CopyProjectVersion action.
Copies a version of an Amazon Rekognition Custom Labels model from a source project to a destination project. The source and\n destination projects can be in different AWS accounts but must be in the same AWS Region.\n You can't copy a model to another AWS service.\n \n
\nTo copy a model version to a different AWS account, you need to create a resource-based policy known as a\n project policy. You attach the project policy to the\n source project by calling PutProjectPolicy. The project policy\n gives permission to copy the model version from a trusting AWS account to a trusted account.
\nFor more information creating and attaching a project policy, see Attaching a project policy (SDK)\n in the Amazon Rekognition Custom Labels Developer Guide.\n
\nIf you are copying a model version to a project in the same AWS account, you don't need to create a project policy.
\nTo copy a model, the destination project, source project, and source model version must already exist.
\nCopying a model version takes a while to complete. To get the current status, call DescribeProjectVersions and check the value of Status in the\n ProjectVersionDescription object. The copy operation has finished when\n the value of Status is COPYING_COMPLETED.
This operation requires permissions to perform the rekognition:CopyProjectVersion action.
Creates a collection in an AWS Region. You can add faces to the collection using the\n IndexFaces operation.
\nFor example, you might create collections, one for each of your application users. A\n user can then index faces using the IndexFaces operation and persist results in a\n specific collection. Then, a user can search the collection for faces in the user-specific\n container.
When you create a collection, it is associated with the latest version of the face model\n version.
\nCollection names are case-sensitive.
\nThis operation requires permissions to perform the\n rekognition:CreateCollection action. If you want to tag your collection, you\n also require permission to perform the rekognition:TagResource\n operation.
Creates a collection in an AWS Region. You can add faces to the collection using the\n IndexFaces operation.
\nFor example, you might create collections, one for each of your application users. A\n user can then index faces using the IndexFaces operation and persist results in a\n specific collection. Then, a user can search the collection for faces in the user-specific\n container.
When you create a collection, it is associated with the latest version of the face model\n version.
\nCollection names are case-sensitive.
\nThis operation requires permissions to perform the\n rekognition:CreateCollection action. If you want to tag your collection, you\n also require permission to perform the rekognition:TagResource\n operation.
Creates a new User within a collection specified by CollectionId. Takes\n UserId as a parameter, which is a user provided ID which should be unique\n within the collection. The provided UserId will alias the system generated\n UUID to make the UserId more user friendly.
Uses a ClientToken, an idempotency token that ensures a call to\n CreateUser completes only once. If the value is not supplied, the AWS SDK\n generates an idempotency token for the requests. This prevents retries after a network\n error results from making multiple CreateUser calls.
The ID of an existing collection to which the new UserID needs to be created.
", + "smithy.api#required": {} + } + }, + "UserId": { + "target": "com.amazonaws.rekognition#UserId", + "traits": { + "smithy.api#documentation": "ID for the UserID to be created. This ID needs to be unique within the collection.
", + "smithy.api#required": {} + } + }, + "ClientRequestToken": { + "target": "com.amazonaws.rekognition#ClientRequestToken", + "traits": { + "smithy.api#documentation": "Idempotent token used to identify the request to CreateUser. If you use the\n same token with multiple CreateUser requests, the same response is returned. \n Use ClientRequestToken to prevent the same request from being processed more than\n once.
Deletes the specified collection. Note that this operation removes all faces in the\n collection. For an example, see Deleting a\n collection.
\nThis operation requires permissions to perform the\n rekognition:DeleteCollection action.
Deletes the specified collection. Note that this operation removes all faces in the\n collection. For an example, see Deleting a\n collection.
\nThis operation requires permissions to perform the\n rekognition:DeleteCollection action.
Deletes faces from a collection. You specify a collection ID and an array of face IDs\n to remove from the collection.
\nThis operation requires permissions to perform the rekognition:DeleteFaces\n action.
Deletes faces from a collection. You specify a collection ID and an array of face IDs\n to remove from the collection.
\nThis operation requires permissions to perform the rekognition:DeleteFaces\n action.
An array of strings (face IDs) of the faces that were deleted.
" } + }, + "UnsuccessfulFaceDeletions": { + "target": "com.amazonaws.rekognition#UnsuccessfulFaceDeletionsList", + "traits": { + "smithy.api#documentation": "An array of any faces that weren't deleted.
" + } } }, "traits": { @@ -2256,7 +2657,19 @@ } ], "traits": { - "smithy.api#documentation": "Deletes an existing project policy.
\nTo get a list of project policies attached to a project, call ListProjectPolicies. To attach a project policy to a project, call PutProjectPolicy.
\nThis operation requires permissions to perform the rekognition:DeleteProjectPolicy action.
Deletes an existing project policy.
\nTo get a list of project policies attached to a project, call ListProjectPolicies. To attach a project policy to a project, call PutProjectPolicy.
\nThis operation requires permissions to perform the rekognition:DeleteProjectPolicy action.
Describes the specified collection. You can use DescribeCollection to get\n information, such as the number of faces indexed into a collection and the version of the\n model used by the collection for face detection.
For more information, see Describing a Collection in the \n Amazon Rekognition Developer Guide.
" + "smithy.api#documentation": "Deletes the specified UserID within the collection. Faces that are associated with the\n UserID are disassociated from the UserID before deleting the specified UserID. If the\n specified Collection or UserID is already deleted or not found, a\n ResourceNotFoundException will be thrown. If the action is successful with a\n 200 response, an empty HTTP body is returned.
The ID of the collection to describe.
", + "smithy.api#documentation": "The ID of an existing collection from which the UserID needs to be deleted.
", "smithy.api#required": {} } - } - }, - "traits": { - "smithy.api#input": {} - } - }, + }, + "UserId": { + "target": "com.amazonaws.rekognition#UserId", + "traits": { + "smithy.api#documentation": "ID for the UserID to be deleted.
", + "smithy.api#required": {} + } + }, + "ClientRequestToken": { + "target": "com.amazonaws.rekognition#ClientRequestToken", + "traits": { + "smithy.api#documentation": "Idempotent token used to identify the request to DeleteUser. If you use the\n same token with multiple DeleteUser requests, the same response is returned. \n Use ClientRequestToken to prevent the same request from being processed more than\n once.
Describes the specified collection. You can use DescribeCollection to get\n information, such as the number of faces indexed into a collection and the version of the\n model used by the collection for face detection.
For more information, see Describing a Collection in the \n Amazon Rekognition Developer Guide.
" + } + }, + "com.amazonaws.rekognition#DescribeCollectionRequest": { + "type": "structure", + "members": { + "CollectionId": { + "target": "com.amazonaws.rekognition#CollectionId", + "traits": { + "smithy.api#documentation": "The ID of the collection to describe.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, "com.amazonaws.rekognition#DescribeCollectionResponse": { "type": "structure", "members": { @@ -2517,6 +3015,12 @@ "traits": { "smithy.api#documentation": "The number of milliseconds since the Unix epoch time until the creation of the collection.\n The Unix epoch time is 00:00:00 Coordinated Universal Time (UTC), Thursday, 1 January 1970.
" } + }, + "UserCount": { + "target": "com.amazonaws.rekognition#ULong", + "traits": { + "smithy.api#documentation": "The number of UserIDs assigned to the specified colleciton.
" + } } }, "traits": { @@ -3081,7 +3585,71 @@ } ], "traits": { - "smithy.api#documentation": "Detects faces within an image that is provided as input.
\n\n DetectFaces detects the 100 largest faces in the image. For each face\n detected, the operation returns face details. These details include a bounding box of the\n face, a confidence value (that the bounding box contains a face), and a fixed set of\n attributes such as facial landmarks (for example, coordinates of eye and mouth), pose,\n presence of facial occlusion, and so on.
The face-detection algorithm is most effective on frontal faces. For non-frontal or\n obscured faces, the algorithm might not detect the faces or might detect faces with lower\n confidence.
\nYou pass the input image either as base64-encoded image bytes or as a reference to an\n image in an Amazon S3 bucket. If you use the AWS CLI to call Amazon Rekognition operations,\n passing image bytes is not supported. The image must be either a PNG or JPEG formatted file.
\nThis is a stateless API operation. That is, the operation does not persist any\n data.
\nThis operation requires permissions to perform the rekognition:DetectFaces\n action.
Detects faces within an image that is provided as input.
\n\n DetectFaces detects the 100 largest faces in the image. For each face\n detected, the operation returns face details. These details include a bounding box of the\n face, a confidence value (that the bounding box contains a face), and a fixed set of\n attributes such as facial landmarks (for example, coordinates of eye and mouth), pose,\n presence of facial occlusion, and so on.
The face-detection algorithm is most effective on frontal faces. For non-frontal or\n obscured faces, the algorithm might not detect the faces or might detect faces with lower\n confidence.
\nYou pass the input image either as base64-encoded image bytes or as a reference to an\n image in an Amazon S3 bucket. If you use the AWS CLI to call Amazon Rekognition operations,\n passing image bytes is not supported. The image must be either a PNG or JPEG formatted file.
\nThis is a stateless API operation. That is, the operation does not persist any\n data.
\nThis operation requires permissions to perform the rekognition:DetectFaces\n action.
Detects instances of real-world entities within an image (JPEG or PNG) provided as\n input. This includes objects like flower, tree, and table; events like wedding, graduation,\n and birthday party; and concepts like landscape, evening, and nature.
\nFor an example, see Analyzing images stored in an Amazon S3 bucket in the\n Amazon Rekognition Developer Guide.
\nYou pass the input image as base64-encoded image bytes or as a reference to an image in\n an Amazon S3 bucket. If you use the\n AWS\n CLI to call Amazon Rekognition operations, passing image bytes is not\n supported. The image must be either a PNG or JPEG formatted file.
\n\n Optional Parameters\n
\nYou can specify one or both of the GENERAL_LABELS and\n IMAGE_PROPERTIES feature types when calling the DetectLabels API. Including\n GENERAL_LABELS will ensure the response includes the labels detected in the\n input image, while including IMAGE_PROPERTIES will ensure the response includes\n information about the image quality and color.
When using GENERAL_LABELS and/or IMAGE_PROPERTIES you can\n provide filtering criteria to the Settings parameter. You can filter with sets of individual\n labels or with label categories. You can specify inclusive filters, exclusive filters, or a\n combination of inclusive and exclusive filters. For more information on filtering see Detecting\n Labels in an Image.
You can specify MinConfidence to control the confidence threshold for the\n labels returned. The default is 55%. You can also add the MaxLabels parameter to\n limit the number of labels returned. The default and upper limit is 1000 labels.
\n Response Elements\n
\nFor each object, scene, and concept the API returns one or more labels. The API\n returns the following types of information about labels:
\nName - The name of the detected label.
\nConfidence - The level of confidence in the label assigned to a detected object.\n
\nParents - The ancestor labels for a detected label. DetectLabels returns a\n hierarchical taxonomy of detected labels. For example, a detected car might be assigned\n the label car. The label car has two parent labels: Vehicle (its parent) and\n Transportation (its grandparent). The response includes the all ancestors for a label,\n where every ancestor is a unique label. In the previous example, Car, Vehicle, and\n Transportation are returned as unique labels in the response.
\nAliases - Possible Aliases for the label.
\nCategories - The label categories that the detected label belongs to.
\nBoundingBox — Bounding boxes are described for all instances of detected common\n object labels, returned in an array of Instance objects. An Instance object contains a\n BoundingBox object, describing the location of the label on the input image. It also\n includes the confidence for the accuracy of the detected bounding box.
\nThe API returns the following information regarding the image, as part of the\n ImageProperties structure:
\nQuality - Information about the Sharpness, Brightness, and Contrast of the input\n image, scored between 0 to 100. Image quality is returned for the entire image, as well as\n the background and the foreground.
\nDominant Color - An array of the dominant colors in the image.
\nForeground - Information about the sharpness, brightness, and dominant colors of the input image’s foreground.
\nBackground - Information about the sharpness, brightness, and dominant colors of the input image’s background.
\nThe list of returned labels will include at least one label for every detected object,\n along with information about that label. In the following example, suppose the input image has\n a lighthouse, the sea, and a rock. The response includes all three labels, one for each\n object, as well as the confidence in the label:
\n\n {Name: lighthouse, Confidence: 98.4629}\n
\n {Name: rock,Confidence: 79.2097}\n
\n {Name: sea,Confidence: 75.061}\n
The list of labels can include multiple labels for the same object. For example, if the\n input image shows a flower (for example, a tulip), the operation might return the following\n three labels.
\n\n {Name: flower,Confidence: 99.0562}\n
\n {Name: plant,Confidence: 99.0562}\n
\n {Name: tulip,Confidence: 99.0562}\n
In this example, the detection algorithm more precisely identifies the flower as a\n tulip.
\nIf the object detected is a person, the operation doesn't provide the same facial\n details that the DetectFaces operation provides.
\nThis is a stateless API operation that doesn't return any data.
\nThis operation requires permissions to perform the\n rekognition:DetectLabels action.
Detects instances of real-world entities within an image (JPEG or PNG) provided as\n input. This includes objects like flower, tree, and table; events like wedding, graduation,\n and birthday party; and concepts like landscape, evening, and nature.
\nFor an example, see Analyzing images stored in an Amazon S3 bucket in the\n Amazon Rekognition Developer Guide.
\nYou pass the input image as base64-encoded image bytes or as a reference to an image in\n an Amazon S3 bucket. If you use the\n AWS\n CLI to call Amazon Rekognition operations, passing image bytes is not\n supported. The image must be either a PNG or JPEG formatted file.
\n\n Optional Parameters\n
\nYou can specify one or both of the GENERAL_LABELS and\n IMAGE_PROPERTIES feature types when calling the DetectLabels API. Including\n GENERAL_LABELS will ensure the response includes the labels detected in the\n input image, while including IMAGE_PROPERTIES will ensure the response includes\n information about the image quality and color.
When using GENERAL_LABELS and/or IMAGE_PROPERTIES you can\n provide filtering criteria to the Settings parameter. You can filter with sets of individual\n labels or with label categories. You can specify inclusive filters, exclusive filters, or a\n combination of inclusive and exclusive filters. For more information on filtering see Detecting\n Labels in an Image.
You can specify MinConfidence to control the confidence threshold for the\n labels returned. The default is 55%. You can also add the MaxLabels parameter to\n limit the number of labels returned. The default and upper limit is 1000 labels.
\n Response Elements\n
\nFor each object, scene, and concept the API returns one or more labels. The API\n returns the following types of information about labels:
\nName - The name of the detected label.
\nConfidence - The level of confidence in the label assigned to a detected object.\n
\nParents - The ancestor labels for a detected label. DetectLabels returns a\n hierarchical taxonomy of detected labels. For example, a detected car might be assigned\n the label car. The label car has two parent labels: Vehicle (its parent) and\n Transportation (its grandparent). The response includes the all ancestors for a label,\n where every ancestor is a unique label. In the previous example, Car, Vehicle, and\n Transportation are returned as unique labels in the response.
\nAliases - Possible Aliases for the label.
\nCategories - The label categories that the detected label belongs to.
\nBoundingBox — Bounding boxes are described for all instances of detected common\n object labels, returned in an array of Instance objects. An Instance object contains a\n BoundingBox object, describing the location of the label on the input image. It also\n includes the confidence for the accuracy of the detected bounding box.
\nThe API returns the following information regarding the image, as part of the\n ImageProperties structure:
\nQuality - Information about the Sharpness, Brightness, and Contrast of the input\n image, scored between 0 to 100. Image quality is returned for the entire image, as well as\n the background and the foreground.
\nDominant Color - An array of the dominant colors in the image.
\nForeground - Information about the sharpness, brightness, and dominant colors of the input image’s foreground.
\nBackground - Information about the sharpness, brightness, and dominant colors of the input image’s background.
\nThe list of returned labels will include at least one label for every detected object,\n along with information about that label. In the following example, suppose the input image has\n a lighthouse, the sea, and a rock. The response includes all three labels, one for each\n object, as well as the confidence in the label:
\n\n {Name: lighthouse, Confidence: 98.4629}\n
\n {Name: rock,Confidence: 79.2097}\n
\n {Name: sea,Confidence: 75.061}\n
The list of labels can include multiple labels for the same object. For example, if the\n input image shows a flower (for example, a tulip), the operation might return the following\n three labels.
\n\n {Name: flower,Confidence: 99.0562}\n
\n {Name: plant,Confidence: 99.0562}\n
\n {Name: tulip,Confidence: 99.0562}\n
In this example, the detection algorithm more precisely identifies the flower as a\n tulip.
\nIf the object detected is a person, the operation doesn't provide the same facial\n details that the DetectFaces operation provides.
\nThis is a stateless API operation that doesn't return any data.
\nThis operation requires permissions to perform the\n rekognition:DetectLabels action.
A set of parameters that allow you to filter out certain results from your returned results.
" } }, + "com.amazonaws.rekognition#DisassociateFaces": { + "type": "operation", + "input": { + "target": "com.amazonaws.rekognition#DisassociateFacesRequest" + }, + "output": { + "target": "com.amazonaws.rekognition#DisassociateFacesResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rekognition#AccessDeniedException" + }, + { + "target": "com.amazonaws.rekognition#ConflictException" + }, + { + "target": "com.amazonaws.rekognition#IdempotentParameterMismatchException" + }, + { + "target": "com.amazonaws.rekognition#InternalServerError" + }, + { + "target": "com.amazonaws.rekognition#InvalidParameterException" + }, + { + "target": "com.amazonaws.rekognition#ProvisionedThroughputExceededException" + }, + { + "target": "com.amazonaws.rekognition#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.rekognition#ThrottlingException" + } + ], + "traits": { + "smithy.api#documentation": "Removes the association between a Face supplied in an array of\n FaceIds and the User. If the User is not present already, then a\n ResourceNotFound exception is thrown. If successful, an array of faces that are\n disassociated from the User is returned. If a given face is already disassociated from the\n given UserID, it will be ignored and not be returned in the response. If a given face is\n already associated with a different User or not found in the collection it will be returned as\n part of UnsuccessfulDisassociations. You can remove 1 - 100 face IDs from a user\n at one time.
The ID of an existing collection containing the UserID.
", + "smithy.api#required": {} + } + }, + "UserId": { + "target": "com.amazonaws.rekognition#UserId", + "traits": { + "smithy.api#documentation": "ID for the existing UserID.
", + "smithy.api#required": {} + } + }, + "ClientRequestToken": { + "target": "com.amazonaws.rekognition#ClientRequestToken", + "traits": { + "smithy.api#documentation": "Idempotent token used to identify the request to DisassociateFaces. If you\n use the same token with multiple DisassociateFaces requests, the same response is\n returned. Use ClientRequestToken to prevent the same request from being processed more than\n once.
An array of face IDs to disassociate from the UserID.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.rekognition#DisassociateFacesResponse": { + "type": "structure", + "members": { + "DisassociatedFaces": { + "target": "com.amazonaws.rekognition#DisassociatedFacesList", + "traits": { + "smithy.api#documentation": "An array of DissociatedFace objects containing FaceIds that are successfully disassociated\n with the UserID is returned. Returned if the DisassociatedFaces action is successful.
" + } + }, + "UnsuccessfulFaceDisassociations": { + "target": "com.amazonaws.rekognition#UnsuccessfulFaceDisassociationList", + "traits": { + "smithy.api#documentation": "An array of UnsuccessfulDisassociation objects containing FaceIds that are not\n successfully associated, along with the reasons for the failure to associate. Returned if the\n DisassociateFaces action is successful.
" + } + }, + "UserStatus": { + "target": "com.amazonaws.rekognition#UserStatus", + "traits": { + "smithy.api#documentation": "The status of an update made to a User. Reflects if the User has been updated for every requested change.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.rekognition#DisassociatedFace": { + "type": "structure", + "members": { + "FaceId": { + "target": "com.amazonaws.rekognition#FaceId", + "traits": { + "smithy.api#documentation": "Unique identifier assigned to the face.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Provides face metadata for the faces that are disassociated from a specific UserID.
" + } + }, + "com.amazonaws.rekognition#DisassociatedFacesList": { + "type": "list", + "member": { + "target": "com.amazonaws.rekognition#DisassociatedFace" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 100 + } + } + }, "com.amazonaws.rekognition#DistributeDataset": { "type": "structure", "members": { @@ -4115,6 +4869,12 @@ "traits": { "smithy.api#documentation": "The version of the face detect and storage model that was used when indexing the face\n vector.
" } + }, + "UserId": { + "target": "com.amazonaws.rekognition#UserId", + "traits": { + "smithy.api#documentation": "Unique identifier assigned to the user.
" + } } }, "traits": { @@ -6087,7 +6847,145 @@ } ], "traits": { - "smithy.api#documentation": "Detects faces in the input image and adds them to the specified collection.
\nAmazon Rekognition doesn't save the actual faces that are detected. Instead, the underlying\n detection algorithm first detects the faces in the input image. For each face, the algorithm\n extracts facial features into a feature vector, and stores it in the backend database.\n Amazon Rekognition uses feature vectors when it performs face match and search operations using the\n SearchFaces and SearchFacesByImage operations.
\nFor more information, see Adding faces to a collection in the Amazon Rekognition\n Developer Guide.
\nTo get the number of faces in a collection, call DescribeCollection.
\nIf you're using version 1.0 of the face detection model, IndexFaces\n indexes the 15 largest faces in the input image. Later versions of the face detection model\n index the 100 largest faces in the input image.
If you're using version 4 or later of the face model, image orientation information is not\n returned in the OrientationCorrection field.
To determine which version of the model you're using, call DescribeCollection and supply the collection ID. You can also get the model\n version from the value of FaceModelVersion in the response from\n IndexFaces\n
For more information, see Model Versioning in the Amazon Rekognition Developer\n Guide.
\nIf you provide the optional ExternalImageId for the input image you\n provided, Amazon Rekognition associates this ID with all faces that it detects. When you call the ListFaces operation, the response returns the external ID. You can use this\n external image ID to create a client-side index to associate the faces with each image. You\n can then use the index to find all faces in an image.
You can specify the maximum number of faces to index with the MaxFaces input\n parameter. This is useful when you want to index the largest faces in an image and don't want\n to index smaller faces, such as those belonging to people standing in the background.
The QualityFilter input parameter allows you to filter out detected faces\n that don’t meet a required quality bar. The quality bar is based on a variety of common use\n cases. By default, IndexFaces chooses the quality bar that's used to filter\n faces. You can also explicitly choose the quality bar. Use QualityFilter, to set\n the quality bar by specifying LOW, MEDIUM, or HIGH. If\n you do not want to filter detected faces, specify NONE.
To use quality filtering, you need a collection associated with version 3 of the face\n model or higher. To get the version of the face model associated with a collection, call\n DescribeCollection.
\nInformation about faces detected in an image, but not indexed, is returned in an array of\n UnindexedFace objects, UnindexedFaces. Faces aren't indexed\n for reasons such as:
The number of faces detected exceeds the value of the MaxFaces request\n parameter.
The face is too small compared to the image dimensions.
\nThe face is too blurry.
\nThe image is too dark.
\nThe face has an extreme pose.
\nThe face doesn’t have enough detail to be suitable for face search.
\nIn response, the IndexFaces operation returns an array of metadata for all\n detected faces, FaceRecords. This includes:
The bounding box, BoundingBox, of the detected face.
A confidence value, Confidence, which indicates the confidence that the\n bounding box contains a face.
A face ID, FaceId, assigned by the service for each face that's detected\n and stored.
An image ID, ImageId, assigned by the service for the input image.
If you request ALL or specific facial attributes (e.g.,\n FACE_OCCLUDED) by using the detectionAttributes parameter, Amazon Rekognition\n returns detailed facial attributes, such as facial landmarks (for example, location of eye and\n mouth), facial occlusion, and other facial attributes.
If you provide the same image, specify the same collection, and use the same external ID\n in the IndexFaces operation, Amazon Rekognition doesn't save duplicate face\n metadata.
The input image is passed either as base64-encoded image bytes, or as a reference to an\n image in an Amazon S3 bucket. If you use the AWS CLI to call Amazon Rekognition operations,\n passing image bytes isn't supported. The image must be formatted as a PNG or JPEG file.
\nThis operation requires permissions to perform the rekognition:IndexFaces\n action.
Detects faces in the input image and adds them to the specified collection.
\nAmazon Rekognition doesn't save the actual faces that are detected. Instead, the underlying\n detection algorithm first detects the faces in the input image. For each face, the algorithm\n extracts facial features into a feature vector, and stores it in the backend database.\n Amazon Rekognition uses feature vectors when it performs face match and search operations using the\n SearchFaces and SearchFacesByImage operations.
\nFor more information, see Adding faces to a collection in the Amazon Rekognition\n Developer Guide.
\nTo get the number of faces in a collection, call DescribeCollection.
\nIf you're using version 1.0 of the face detection model, IndexFaces\n indexes the 15 largest faces in the input image. Later versions of the face detection model\n index the 100 largest faces in the input image.
If you're using version 4 or later of the face model, image orientation information is not\n returned in the OrientationCorrection field.
To determine which version of the model you're using, call DescribeCollection and supply the collection ID. You can also get the model\n version from the value of FaceModelVersion in the response from\n IndexFaces\n
For more information, see Model Versioning in the Amazon Rekognition Developer\n Guide.
\nIf you provide the optional ExternalImageId for the input image you\n provided, Amazon Rekognition associates this ID with all faces that it detects. When you call the ListFaces operation, the response returns the external ID. You can use this\n external image ID to create a client-side index to associate the faces with each image. You\n can then use the index to find all faces in an image.
You can specify the maximum number of faces to index with the MaxFaces input\n parameter. This is useful when you want to index the largest faces in an image and don't want\n to index smaller faces, such as those belonging to people standing in the background.
The QualityFilter input parameter allows you to filter out detected faces\n that don’t meet a required quality bar. The quality bar is based on a variety of common use\n cases. By default, IndexFaces chooses the quality bar that's used to filter\n faces. You can also explicitly choose the quality bar. Use QualityFilter, to set\n the quality bar by specifying LOW, MEDIUM, or HIGH. If\n you do not want to filter detected faces, specify NONE.
To use quality filtering, you need a collection associated with version 3 of the face\n model or higher. To get the version of the face model associated with a collection, call\n DescribeCollection.
\nInformation about faces detected in an image, but not indexed, is returned in an array of\n UnindexedFace objects, UnindexedFaces. Faces aren't indexed\n for reasons such as:
The number of faces detected exceeds the value of the MaxFaces request\n parameter.
The face is too small compared to the image dimensions.
\nThe face is too blurry.
\nThe image is too dark.
\nThe face has an extreme pose.
\nThe face doesn’t have enough detail to be suitable for face search.
\nIn response, the IndexFaces operation returns an array of metadata for all\n detected faces, FaceRecords. This includes:
The bounding box, BoundingBox, of the detected face.
A confidence value, Confidence, which indicates the confidence that the\n bounding box contains a face.
A face ID, FaceId, assigned by the service for each face that's detected\n and stored.
An image ID, ImageId, assigned by the service for the input image.
If you request ALL or specific facial attributes (e.g.,\n FACE_OCCLUDED) by using the detectionAttributes parameter, Amazon Rekognition\n returns detailed facial attributes, such as facial landmarks (for example, location of eye and\n mouth), facial occlusion, and other facial attributes.
If you provide the same image, specify the same collection, and use the same external ID\n in the IndexFaces operation, Amazon Rekognition doesn't save duplicate face\n metadata.
The input image is passed either as base64-encoded image bytes, or as a reference to an\n image in an Amazon S3 bucket. If you use the AWS CLI to call Amazon Rekognition operations,\n passing image bytes isn't supported. The image must be formatted as a PNG or JPEG file.
\nThis operation requires permissions to perform the rekognition:IndexFaces\n action.
Returns list of collection IDs in your account. If the result is truncated, the\n response also provides a NextToken that you can use in the subsequent request to\n fetch the next set of collection IDs.
For an example, see Listing collections in the Amazon Rekognition Developer\n Guide.
\nThis operation requires permissions to perform the\n rekognition:ListCollections action.
Returns metadata for faces in the specified collection. This metadata\n includes information such as the bounding box coordinates, the confidence (that the bounding\n box contains a face), and face ID. For an example, see Listing Faces in a Collection in the\n Amazon Rekognition Developer Guide.
\nThis operation requires permissions to perform the rekognition:ListFaces\n action.
Maximum number of faces to return.
" } - } - }, - "traits": { + }, + "UserId": { + "target": "com.amazonaws.rekognition#UserId", + "traits": { + "smithy.api#documentation": "An array of user IDs to match when listing faces in a collection.
" + } + }, + "FaceIds": { + "target": "com.amazonaws.rekognition#FaceIdList", + "traits": { + "smithy.api#documentation": "An array of face IDs to match when listing faces in a collection.
" + } + } + }, + "traits": { "smithy.api#input": {} } }, @@ -7576,6 +8549,116 @@ "smithy.api#output": {} } }, + "com.amazonaws.rekognition#ListUsers": { + "type": "operation", + "input": { + "target": "com.amazonaws.rekognition#ListUsersRequest" + }, + "output": { + "target": "com.amazonaws.rekognition#ListUsersResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rekognition#AccessDeniedException" + }, + { + "target": "com.amazonaws.rekognition#InternalServerError" + }, + { + "target": "com.amazonaws.rekognition#InvalidPaginationTokenException" + }, + { + "target": "com.amazonaws.rekognition#InvalidParameterException" + }, + { + "target": "com.amazonaws.rekognition#ProvisionedThroughputExceededException" + }, + { + "target": "com.amazonaws.rekognition#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.rekognition#ThrottlingException" + } + ], + "traits": { + "smithy.api#documentation": "Returns metadata of the User such as UserID in the specified collection.\n Anonymous User (to reserve faces without any identity) is not returned as part of this\n request. The results are sorted by system generated primary key ID. If the response is\n truncated, NextToken is returned in the response that can be used in the\n subsequent request to retrieve the next set of identities.
The ID of an existing collection.
", + "smithy.api#required": {} + } + }, + "MaxResults": { + "target": "com.amazonaws.rekognition#MaxUserResults", + "traits": { + "smithy.api#documentation": "Maximum number of UsersID to return.
" + } + }, + "NextToken": { + "target": "com.amazonaws.rekognition#PaginationToken", + "traits": { + "smithy.api#documentation": "Pagingation token to receive the next set of UsersID.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.rekognition#ListUsersResponse": { + "type": "structure", + "members": { + "Users": { + "target": "com.amazonaws.rekognition#UserList", + "traits": { + "smithy.api#documentation": "List of UsersID associated with the specified collection.
" + } + }, + "NextToken": { + "target": "com.amazonaws.rekognition#PaginationToken", + "traits": { + "smithy.api#documentation": "A pagination token to be used with the subsequent request if the response is truncated.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.rekognition#LivenessImageBlob": { "type": "blob", "traits": { @@ -7683,6 +8766,26 @@ "smithy.api#error": "client" } }, + "com.amazonaws.rekognition#MatchedUser": { + "type": "structure", + "members": { + "UserId": { + "target": "com.amazonaws.rekognition#UserId", + "traits": { + "smithy.api#documentation": "A provided ID for the UserID. Unique within the collection.
" + } + }, + "UserStatus": { + "target": "com.amazonaws.rekognition#UserStatus", + "traits": { + "smithy.api#documentation": "The status of the user matched to a provided FaceID.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains metadata for a UserID matched with a given face.
" + } + }, "com.amazonaws.rekognition#MaxDurationInSecondsULong": { "type": "long", "traits": { @@ -7726,6 +8829,15 @@ } } }, + "com.amazonaws.rekognition#MaxUserResults": { + "type": "integer", + "traits": { + "smithy.api#range": { + "min": 1, + "max": 500 + } + } + }, "com.amazonaws.rekognition#MinCoveragePercentage": { "type": "float", "traits": { @@ -8683,7 +9795,22 @@ } ], "traits": { - "smithy.api#documentation": "Attaches a project policy to a Amazon Rekognition Custom Labels project in a trusting AWS account. A\n project policy specifies that a trusted AWS account can copy a model version from a\n trusting AWS account to a project in the trusted AWS account. To copy a model version you use\n the CopyProjectVersion operation.
\nFor more information about the format of a project policy document, see Attaching a project policy (SDK)\n in the Amazon Rekognition Custom Labels Developer Guide.\n
\nThe response from PutProjectPolicy is a revision ID for the project policy.\n You can attach multiple project policies to a project. You can also update an existing\n project policy by specifying the policy revision ID of the existing policy.
To remove a project policy from a project, call DeleteProjectPolicy.\n To get a list of project policies attached to a project, call ListProjectPolicies.
\nYou copy a model version by calling CopyProjectVersion.
\nThis operation requires permissions to perform the rekognition:PutProjectPolicy action.
Attaches a project policy to a Amazon Rekognition Custom Labels project in a trusting AWS account. A\n project policy specifies that a trusted AWS account can copy a model version from a\n trusting AWS account to a project in the trusted AWS account. To copy a model version you use\n the CopyProjectVersion operation.
\nFor more information about the format of a project policy document, see Attaching a project policy (SDK)\n in the Amazon Rekognition Custom Labels Developer Guide.\n
\nThe response from PutProjectPolicy is a revision ID for the project policy.\n You can attach multiple project policies to a project. You can also update an existing\n project policy by specifying the policy revision ID of the existing policy.
To remove a project policy from a project, call DeleteProjectPolicy.\n To get a list of project policies attached to a project, call ListProjectPolicies.
\nYou copy a model version by calling CopyProjectVersion.
\nThis operation requires permissions to perform the rekognition:PutProjectPolicy action.
This is the API Reference for Amazon Rekognition Image, Amazon Rekognition Custom Labels,\n Amazon Rekognition Stored\n Video, Amazon Rekognition Streaming Video. It provides descriptions of actions, data types, common\n parameters, and common errors.
\n\n Amazon Rekognition Image\n
\n\n CompareFaces\n
\n\n CreateCollection\n
\n\n DeleteCollection\n
\n\n DeleteFaces\n
\n\n DescribeCollection\n
\n\n DetectFaces\n
\n\n DetectLabels\n
\n\n DetectText\n
\n\n GetCelebrityInfo\n
\n\n IndexFaces\n
\n\n ListCollections\n
\n\n ListFaces\n
\n\n RecognizeCelebrities\n
\n\n SearchFaces\n
\n\n SearchFacesByImage\n
\n\n Amazon Rekognition Custom Labels\n
\n\n CopyProjectVersion\n
\n\n CreateDataset\n
\n\n CreateProject\n
\n\n CreateProjectVersion\n
\n\n DeleteDataset\n
\n\n DeleteProject\n
\n\n DeleteProjectPolicy\n
\n\n DeleteProjectVersion\n
\n\n DescribeDataset\n
\n\n DescribeProjects\n
\n\n DetectCustomLabels\n
\n\n ListDatasetEntries\n
\n\n ListDatasetLabels\n
\n\n ListProjectPolicies\n
\n\n PutProjectPolicy\n
\n\n StartProjectVersion\n
\n\n StopProjectVersion\n
\n\n UpdateDatasetEntries\n
\n\n Amazon Rekognition Video Stored Video\n
\n\n GetContentModeration\n
\n\n GetFaceDetection\n
\n\n GetFaceSearch\n
\n\n GetLabelDetection\n
\n\n GetPersonTracking\n
\n\n GetSegmentDetection\n
\n\n GetTextDetection\n
\n\n StartFaceDetection\n
\n\n StartFaceSearch\n
\n\n StartLabelDetection\n
\n\n StartPersonTracking\n
\n\n StartTextDetection\n
\n\n Amazon Rekognition Video Streaming Video\n
\n\n ListStreamProcessors\n
\n\n StartStreamProcessor\n
\n\n StopStreamProcessor\n
\nThis is the API Reference for Amazon Rekognition Image, Amazon Rekognition Custom Labels,\n Amazon Rekognition Stored\n Video, Amazon Rekognition Streaming Video. It provides descriptions of actions, data types, common\n parameters, and common errors.
\n\n Amazon Rekognition Image\n
\n\n AssociateFaces\n
\n\n CompareFaces\n
\n\n CreateCollection\n
\n\n CreateUser\n
\n\n DeleteCollection\n
\n\n DeleteFaces\n
\n\n DeleteUser\n
\n\n DescribeCollection\n
\n\n DetectFaces\n
\n\n DetectLabels\n
\n\n DetectText\n
\n\n DisassociateFaces\n
\n\n GetCelebrityInfo\n
\n\n IndexFaces\n
\n\n ListCollections\n
\n\n ListFaces\n
\n\n ListUsers\n
\n\n RecognizeCelebrities\n
\n\n SearchFaces\n
\n\n SearchFacesByImage\n
\n\n SearchUsers\n
\n\n SearchUsersByImage\n
\n\n Amazon Rekognition Custom Labels\n
\n\n CopyProjectVersion\n
\n\n CreateDataset\n
\n\n CreateProject\n
\n\n CreateProjectVersion\n
\n\n DeleteDataset\n
\n\n DeleteProject\n
\n\n DeleteProjectPolicy\n
\n\n DeleteProjectVersion\n
\n\n DescribeDataset\n
\n\n DescribeProjects\n
\n\n DetectCustomLabels\n
\n\n ListDatasetEntries\n
\n\n ListDatasetLabels\n
\n\n ListProjectPolicies\n
\n\n PutProjectPolicy\n
\n\n StartProjectVersion\n
\n\n StopProjectVersion\n
\n\n UpdateDatasetEntries\n
\n\n Amazon Rekognition Video Stored Video\n
\n\n GetContentModeration\n
\n\n GetFaceDetection\n
\n\n GetFaceSearch\n
\n\n GetLabelDetection\n
\n\n GetPersonTracking\n
\n\n GetSegmentDetection\n
\n\n GetTextDetection\n
\n\n StartFaceDetection\n
\n\n StartFaceSearch\n
\n\n StartLabelDetection\n
\n\n StartPersonTracking\n
\n\n StartTextDetection\n
\n\n Amazon Rekognition Video Streaming Video\n
\n\n ListStreamProcessors\n
\n\n StartStreamProcessor\n
\n\n StopStreamProcessor\n
\nFor a given input face ID, searches for matching faces in the collection the face\n belongs to. You get a face ID when you add a face to the collection using the IndexFaces operation. The operation compares the features of the input face with\n faces in the specified collection.
\nYou can also search faces without indexing faces by using the\n SearchFacesByImage operation.
The operation response returns an array of faces that match, ordered by similarity\n score with the highest similarity first. More specifically, it is an array of metadata for\n each face match that is found. Along with the metadata, the response also includes a\n confidence value for each face match, indicating the confidence that the\n specific face matches the input face.
For an example, see Searching for a face using its face ID in the Amazon Rekognition\n Developer Guide.
\nThis operation requires permissions to perform the rekognition:SearchFaces\n action.
For a given input face ID, searches for matching faces in the collection the face\n belongs to. You get a face ID when you add a face to the collection using the IndexFaces operation. The operation compares the features of the input face with\n faces in the specified collection.
\nYou can also search faces without indexing faces by using the\n SearchFacesByImage operation.
The operation response returns an array of faces that match, ordered by similarity\n score with the highest similarity first. More specifically, it is an array of metadata for\n each face match that is found. Along with the metadata, the response also includes a\n confidence value for each face match, indicating the confidence that the\n specific face matches the input face.
For an example, see Searching for a face using its face ID in the Amazon Rekognition\n Developer Guide.
\nThis operation requires permissions to perform the rekognition:SearchFaces\n action.
For a given input image, first detects the largest face in the image, and then searches\n the specified collection for matching faces. The operation compares the features of the input\n face with faces in the specified collection.
\nTo search for all faces in an input image, you might first call the IndexFaces operation, and then use the face IDs returned in subsequent calls\n to the SearchFaces operation.
\n You can also call the DetectFaces operation and use the bounding boxes\n in the response to make face crops, which then you can pass in to the\n SearchFacesByImage operation.
You pass the input image either as base64-encoded image bytes or as a reference to an\n image in an Amazon S3 bucket. If you use the\n AWS\n CLI to call Amazon Rekognition operations, passing image bytes is not\n supported. The image must be either a PNG or JPEG formatted file.
\n The response returns an array of faces that match, ordered by similarity score with\n the highest similarity first. More specifically, it is an array of metadata for each face\n match found. Along with the metadata, the response also includes a similarity\n indicating how similar the face is to the input face. In the response, the operation also\n returns the bounding box (and a confidence level that the bounding box contains a face) of the\n face that Amazon Rekognition used for the input image.
If no faces are detected in the input image, SearchFacesByImage returns an\n InvalidParameterException error.
For an example, Searching for a Face Using an Image in the Amazon Rekognition\n Developer Guide.
\nThe QualityFilter input parameter allows you to filter out detected faces\n that don’t meet a required quality bar. The quality bar is based on a variety of common use\n cases. Use QualityFilter to set the quality bar for filtering by specifying\n LOW, MEDIUM, or HIGH. If you do not want to filter\n detected faces, specify NONE. The default value is NONE.
To use quality filtering, you need a collection associated with version 3 of the face\n model or higher. To get the version of the face model associated with a collection, call\n DescribeCollection.
\nThis operation requires permissions to perform the\n rekognition:SearchFacesByImage action.
For a given input image, first detects the largest face in the image, and then searches\n the specified collection for matching faces. The operation compares the features of the input\n face with faces in the specified collection.
\nTo search for all faces in an input image, you might first call the IndexFaces operation, and then use the face IDs returned in subsequent calls\n to the SearchFaces operation.
\n You can also call the DetectFaces operation and use the bounding boxes\n in the response to make face crops, which then you can pass in to the\n SearchFacesByImage operation.
You pass the input image either as base64-encoded image bytes or as a reference to an\n image in an Amazon S3 bucket. If you use the\n AWS\n CLI to call Amazon Rekognition operations, passing image bytes is not\n supported. The image must be either a PNG or JPEG formatted file.
\n The response returns an array of faces that match, ordered by similarity score with\n the highest similarity first. More specifically, it is an array of metadata for each face\n match found. Along with the metadata, the response also includes a similarity\n indicating how similar the face is to the input face. In the response, the operation also\n returns the bounding box (and a confidence level that the bounding box contains a face) of the\n face that Amazon Rekognition used for the input image.
If no faces are detected in the input image, SearchFacesByImage returns an\n InvalidParameterException error.
For an example, Searching for a Face Using an Image in the Amazon Rekognition\n Developer Guide.
\nThe QualityFilter input parameter allows you to filter out detected faces\n that don’t meet a required quality bar. The quality bar is based on a variety of common use\n cases. Use QualityFilter to set the quality bar for filtering by specifying\n LOW, MEDIUM, or HIGH. If you do not want to filter\n detected faces, specify NONE. The default value is NONE.
To use quality filtering, you need a collection associated with version 3 of the face\n model or higher. To get the version of the face model associated with a collection, call\n DescribeCollection.
\nThis operation requires permissions to perform the\n rekognition:SearchFacesByImage action.
Searches for UserIDs within a collection based on a FaceId or\n UserId. This API can be used to find the closest UserID (with a highest\n similarity) to associate a face. The request must be provided with either FaceId\n or UserId. The operation returns an array of UserID that match the\n FaceId or UserId, ordered by similarity score with the highest\n similarity first.
The type of the segment. Valid values are TECHNICAL_CUE and SHOT.
The start time of the detected segment in milliseconds from the start of the video. This value\n is rounded down. For example, if the actual timestamp is 100.6667 milliseconds, Amazon Rekognition Video returns a value of\n 100 millis.
" - } + { + "target": "com.amazonaws.rekognition#ImageTooLargeException" }, - "EndTimestampMillis": { - "target": "com.amazonaws.rekognition#Timestamp", - "traits": { - "smithy.api#default": 0, - "smithy.api#documentation": "The end time of the detected segment, in milliseconds, from the start of the video.\n This value is rounded down.
" - } + { + "target": "com.amazonaws.rekognition#InternalServerError" }, - "DurationMillis": { - "target": "com.amazonaws.rekognition#ULong", - "traits": { - "smithy.api#documentation": "The duration of the detected segment in milliseconds.
" - } + { + "target": "com.amazonaws.rekognition#InvalidImageFormatException" }, - "StartTimecodeSMPTE": { - "target": "com.amazonaws.rekognition#Timecode", - "traits": { - "smithy.api#documentation": "The frame-accurate SMPTE timecode, from the start of a video, for the start of a detected segment.\n StartTimecode is in HH:MM:SS:fr format\n (and ;fr for drop frame-rates).
The frame-accurate SMPTE timecode, from the start of a video, for the end of a detected segment. \n EndTimecode is in HH:MM:SS:fr format\n (and ;fr for drop frame-rates).
The duration of the timecode for the detected segment in SMPTE format.
" - } + { + "target": "com.amazonaws.rekognition#ProvisionedThroughputExceededException" }, - "TechnicalCueSegment": { - "target": "com.amazonaws.rekognition#TechnicalCueSegment", - "traits": { - "smithy.api#documentation": "If the segment is a technical cue, contains information about the technical cue.
" - } + { + "target": "com.amazonaws.rekognition#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.rekognition#ThrottlingException" + } + ], + "traits": { + "smithy.api#documentation": "Searches for UserIDs using a supplied image. It first detects the largest face in the\n image, and then searches a specified collection for matching UserIDs.
\nThe operation returns an array of UserIDs that match the face in the supplied image,\n ordered by similarity score with the highest similarity first. It also returns a bounding box\n for the face found in the input image.
\nInformation about faces detected in the supplied image, but not used for the search, is\n returned in an array of UnsearchedFace objects. If no valid face is detected\n in the image, the response will contain an empty UserMatches list and no\n SearchedFace object.
The ID of an existing collection containing the UserID.
", + "smithy.api#required": {} + } + }, + "Image": { + "target": "com.amazonaws.rekognition#Image", + "traits": { + "smithy.api#required": {} + } + }, + "UserMatchThreshold": { + "target": "com.amazonaws.rekognition#Percent", + "traits": { + "smithy.api#documentation": "Specifies the minimum confidence in the UserID match to return. Default value is\n 80.
" + } + }, + "MaxUsers": { + "target": "com.amazonaws.rekognition#MaxUserResults", + "traits": { + "smithy.api#documentation": "Maximum number of UserIDs to return.
" + } + }, + "QualityFilter": { + "target": "com.amazonaws.rekognition#QualityFilter", + "traits": { + "smithy.api#documentation": "A filter that specifies a quality bar for how much filtering is done to identify faces.\n Filtered faces aren't searched for in the collection. The default value is NONE.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.rekognition#SearchUsersByImageResponse": { + "type": "structure", + "members": { + "UserMatches": { + "target": "com.amazonaws.rekognition#UserMatchList", + "traits": { + "smithy.api#documentation": "An array of UserID objects that matched the input face, along with the confidence in the\n match. The returned structure will be empty if there are no matches. Returned if the\n SearchUsersByImageResponse action is successful.
" + } + }, + "FaceModelVersion": { + "target": "com.amazonaws.rekognition#String", + "traits": { + "smithy.api#documentation": "Version number of the face detection model associated with the input collection\n CollectionId.
" + } + }, + "SearchedFace": { + "target": "com.amazonaws.rekognition#SearchedFaceDetails", + "traits": { + "smithy.api#documentation": "A list of FaceDetail objects containing the BoundingBox for the largest face in image,\n as well as the confidence in the bounding box, that was searched for matches. If no valid\n face is detected in the image the response will contain no SearchedFace object.
" + } + }, + "UnsearchedFaces": { + "target": "com.amazonaws.rekognition#UnsearchedFacesList", + "traits": { + "smithy.api#documentation": "List of UnsearchedFace objects. Contains the face details infered from the specified\n image but not used for search. Contains reasons that describe why a face wasn't used for\n Search.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.rekognition#SearchUsersRequest": { + "type": "structure", + "members": { + "CollectionId": { + "target": "com.amazonaws.rekognition#CollectionId", + "traits": { + "smithy.api#documentation": "The ID of an existing collection containing the UserID, used with a UserId or FaceId. If a\n FaceId is provided, UserId isn’t required to be present in the Collection.
", + "smithy.api#required": {} + } + }, + "UserId": { + "target": "com.amazonaws.rekognition#UserId", + "traits": { + "smithy.api#documentation": "ID for the existing User.
" + } + }, + "FaceId": { + "target": "com.amazonaws.rekognition#FaceId", + "traits": { + "smithy.api#documentation": "ID for the existing face.
" + } + }, + "UserMatchThreshold": { + "target": "com.amazonaws.rekognition#Percent", + "traits": { + "smithy.api#documentation": "Optional value that specifies the minimum confidence in the matched UserID to return.\n Default value of 80.
" + } + }, + "MaxUsers": { + "target": "com.amazonaws.rekognition#MaxUserResults", + "traits": { + "smithy.api#documentation": "Maximum number of identities to return.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.rekognition#SearchUsersResponse": { + "type": "structure", + "members": { + "UserMatches": { + "target": "com.amazonaws.rekognition#UserMatchList", + "traits": { + "smithy.api#documentation": "An array of UserMatch objects that matched the input face along with the confidence in\n the match. Array will be empty if there are no matches.
" + } + }, + "FaceModelVersion": { + "target": "com.amazonaws.rekognition#String", + "traits": { + "smithy.api#documentation": "Version number of the face detection model associated with the input\n CollectionId.
" + } + }, + "SearchedFace": { + "target": "com.amazonaws.rekognition#SearchedFace", + "traits": { + "smithy.api#documentation": "Contains the ID of a face that was used to search for matches in a collection.
" + } + }, + "SearchedUser": { + "target": "com.amazonaws.rekognition#SearchedUser", + "traits": { + "smithy.api#documentation": "Contains the ID of the UserID that was used to search for matches in a collection.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.rekognition#SearchedFace": { + "type": "structure", + "members": { + "FaceId": { + "target": "com.amazonaws.rekognition#FaceId", + "traits": { + "smithy.api#documentation": "Unique identifier assigned to the face.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Provides face metadata such as FaceId, BoundingBox, Confidence of the input face used for search.
" + } + }, + "com.amazonaws.rekognition#SearchedFaceDetails": { + "type": "structure", + "members": { + "FaceDetail": { + "target": "com.amazonaws.rekognition#FaceDetail" + } + }, + "traits": { + "smithy.api#documentation": "Contains data regarding the input face used for a search.
" + } + }, + "com.amazonaws.rekognition#SearchedUser": { + "type": "structure", + "members": { + "UserId": { + "target": "com.amazonaws.rekognition#UserId", + "traits": { + "smithy.api#documentation": "A provided ID for the UserID. Unique within the collection.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains metadata about a User searched for within a collection.
" + } + }, + "com.amazonaws.rekognition#SegmentConfidence": { + "type": "float", + "traits": { + "smithy.api#range": { + "min": 50, + "max": 100 + } + } + }, + "com.amazonaws.rekognition#SegmentDetection": { + "type": "structure", + "members": { + "Type": { + "target": "com.amazonaws.rekognition#SegmentType", + "traits": { + "smithy.api#documentation": "The type of the segment. Valid values are TECHNICAL_CUE and SHOT.
The start time of the detected segment in milliseconds from the start of the video. This value\n is rounded down. For example, if the actual timestamp is 100.6667 milliseconds, Amazon Rekognition Video returns a value of\n 100 millis.
" + } + }, + "EndTimestampMillis": { + "target": "com.amazonaws.rekognition#Timestamp", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The end time of the detected segment, in milliseconds, from the start of the video.\n This value is rounded down.
" + } + }, + "DurationMillis": { + "target": "com.amazonaws.rekognition#ULong", + "traits": { + "smithy.api#documentation": "The duration of the detected segment in milliseconds.
" + } + }, + "StartTimecodeSMPTE": { + "target": "com.amazonaws.rekognition#Timecode", + "traits": { + "smithy.api#documentation": "The frame-accurate SMPTE timecode, from the start of a video, for the start of a detected segment.\n StartTimecode is in HH:MM:SS:fr format\n (and ;fr for drop frame-rates).
The frame-accurate SMPTE timecode, from the start of a video, for the end of a detected segment. \n EndTimecode is in HH:MM:SS:fr format\n (and ;fr for drop frame-rates).
The duration of the timecode for the detected segment in SMPTE format.
" + } + }, + "TechnicalCueSegment": { + "target": "com.amazonaws.rekognition#TechnicalCueSegment", + "traits": { + "smithy.api#documentation": "If the segment is a technical cue, contains information about the technical cue.
" + } }, "ShotSegment": { "target": "com.amazonaws.rekognition#ShotSegment", @@ -12526,42 +14124,319 @@ "target": "com.amazonaws.rekognition#UnindexedFace" } }, - "com.amazonaws.rekognition#UntagResource": { - "type": "operation", - "input": { - "target": "com.amazonaws.rekognition#UntagResourceRequest" - }, - "output": { - "target": "com.amazonaws.rekognition#UntagResourceResponse" - }, - "errors": [ - { - "target": "com.amazonaws.rekognition#AccessDeniedException" - }, - { - "target": "com.amazonaws.rekognition#InternalServerError" - }, - { - "target": "com.amazonaws.rekognition#InvalidParameterException" - }, - { - "target": "com.amazonaws.rekognition#ProvisionedThroughputExceededException" - }, - { - "target": "com.amazonaws.rekognition#ResourceNotFoundException" + "com.amazonaws.rekognition#UnsearchedFace": { + "type": "structure", + "members": { + "FaceDetails": { + "target": "com.amazonaws.rekognition#FaceDetail" }, - { - "target": "com.amazonaws.rekognition#ThrottlingException" + "Reasons": { + "target": "com.amazonaws.rekognition#UnsearchedFaceReasons", + "traits": { + "smithy.api#documentation": "Reasons why a face wasn't used for Search.
" + } } - ], + }, "traits": { - "smithy.api#documentation": "Removes one or more tags from an Amazon Rekognition collection, stream processor, or Custom Labels\n model.
\nThis operation requires permissions to perform the\n rekognition:UntagResource action.
Face details inferred from the image but not used for search. The response attribute\n contains reasons for why a face wasn't used for Search.
" } }, - "com.amazonaws.rekognition#UntagResourceRequest": { - "type": "structure", + "com.amazonaws.rekognition#UnsearchedFaceReason": { + "type": "enum", "members": { - "ResourceArn": { + "FACE_NOT_LARGEST": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FACE_NOT_LARGEST" + } + }, + "EXCEEDS_MAX_FACES": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "EXCEEDS_MAX_FACES" + } + }, + "EXTREME_POSE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "EXTREME_POSE" + } + }, + "LOW_BRIGHTNESS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LOW_BRIGHTNESS" + } + }, + "LOW_SHARPNESS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LOW_SHARPNESS" + } + }, + "LOW_CONFIDENCE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LOW_CONFIDENCE" + } + }, + "SMALL_BOUNDING_BOX": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SMALL_BOUNDING_BOX" + } + }, + "LOW_FACE_QUALITY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LOW_FACE_QUALITY" + } + } + } + }, + "com.amazonaws.rekognition#UnsearchedFaceReasons": { + "type": "list", + "member": { + "target": "com.amazonaws.rekognition#UnsearchedFaceReason" + } + }, + "com.amazonaws.rekognition#UnsearchedFacesList": { + "type": "list", + "member": { + "target": "com.amazonaws.rekognition#UnsearchedFace" + } + }, + "com.amazonaws.rekognition#UnsuccessfulFaceAssociation": { + "type": "structure", + "members": { + "FaceId": { + "target": "com.amazonaws.rekognition#FaceId", + "traits": { + "smithy.api#documentation": "A unique identifier assigned to the face.
" + } + }, + "UserId": { + "target": "com.amazonaws.rekognition#UserId", + "traits": { + "smithy.api#documentation": "A provided ID for the UserID. Unique within the collection.
" + } + }, + "Confidence": { + "target": "com.amazonaws.rekognition#Percent", + "traits": { + "smithy.api#documentation": "Match confidence with the UserID, provides information regarding if a face association was\n unsuccessful because it didn't meet UserMatchThreshold.
" + } + }, + "Reasons": { + "target": "com.amazonaws.rekognition#UnsuccessfulFaceAssociationReasons", + "traits": { + "smithy.api#documentation": "The reason why the association was unsuccessful.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains metadata like FaceId, UserID, and Reasons, for a face that was unsuccessfully associated.
" + } + }, + "com.amazonaws.rekognition#UnsuccessfulFaceAssociationList": { + "type": "list", + "member": { + "target": "com.amazonaws.rekognition#UnsuccessfulFaceAssociation" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 500 + } + } + }, + "com.amazonaws.rekognition#UnsuccessfulFaceAssociationReason": { + "type": "enum", + "members": { + "FACE_NOT_FOUND": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FACE_NOT_FOUND" + } + }, + "ASSOCIATED_TO_A_DIFFERENT_USER": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ASSOCIATED_TO_A_DIFFERENT_USER" + } + }, + "LOW_MATCH_CONFIDENCE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LOW_MATCH_CONFIDENCE" + } + } + } + }, + "com.amazonaws.rekognition#UnsuccessfulFaceAssociationReasons": { + "type": "list", + "member": { + "target": "com.amazonaws.rekognition#UnsuccessfulFaceAssociationReason" + } + }, + "com.amazonaws.rekognition#UnsuccessfulFaceDeletion": { + "type": "structure", + "members": { + "FaceId": { + "target": "com.amazonaws.rekognition#FaceId", + "traits": { + "smithy.api#documentation": "A unique identifier assigned to the face.
" + } + }, + "UserId": { + "target": "com.amazonaws.rekognition#UserId", + "traits": { + "smithy.api#documentation": "A provided ID for the UserID. Unique within the collection.
" + } + }, + "Reasons": { + "target": "com.amazonaws.rekognition#UnsuccessfulFaceDeletionReasons", + "traits": { + "smithy.api#documentation": "The reason why the deletion was unsuccessful.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains metadata like FaceId, UserID, and Reasons, for a face that was unsuccessfully deleted.
" + } + }, + "com.amazonaws.rekognition#UnsuccessfulFaceDeletionReason": { + "type": "enum", + "members": { + "ASSOCIATED_TO_AN_EXISTING_USER": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ASSOCIATED_TO_AN_EXISTING_USER" + } + }, + "FACE_NOT_FOUND": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FACE_NOT_FOUND" + } + } + } + }, + "com.amazonaws.rekognition#UnsuccessfulFaceDeletionReasons": { + "type": "list", + "member": { + "target": "com.amazonaws.rekognition#UnsuccessfulFaceDeletionReason" + } + }, + "com.amazonaws.rekognition#UnsuccessfulFaceDeletionsList": { + "type": "list", + "member": { + "target": "com.amazonaws.rekognition#UnsuccessfulFaceDeletion" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 4096 + } + } + }, + "com.amazonaws.rekognition#UnsuccessfulFaceDisassociation": { + "type": "structure", + "members": { + "FaceId": { + "target": "com.amazonaws.rekognition#FaceId", + "traits": { + "smithy.api#documentation": "A unique identifier assigned to the face.
" + } + }, + "UserId": { + "target": "com.amazonaws.rekognition#UserId", + "traits": { + "smithy.api#documentation": "A provided ID for the UserID. Unique within the collection.
" + } + }, + "Reasons": { + "target": "com.amazonaws.rekognition#UnsuccessfulFaceDisassociationReasons", + "traits": { + "smithy.api#documentation": "The reason why the deletion was unsuccessful.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains metadata like FaceId, UserID, and Reasons, for a face that was unsuccessfully disassociated.
" + } + }, + "com.amazonaws.rekognition#UnsuccessfulFaceDisassociationList": { + "type": "list", + "member": { + "target": "com.amazonaws.rekognition#UnsuccessfulFaceDisassociation" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 500 + } + } + }, + "com.amazonaws.rekognition#UnsuccessfulFaceDisassociationReason": { + "type": "enum", + "members": { + "FACE_NOT_FOUND": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FACE_NOT_FOUND" + } + }, + "ASSOCIATED_TO_A_DIFFERENT_USER": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ASSOCIATED_TO_A_DIFFERENT_USER" + } + } + } + }, + "com.amazonaws.rekognition#UnsuccessfulFaceDisassociationReasons": { + "type": "list", + "member": { + "target": "com.amazonaws.rekognition#UnsuccessfulFaceDisassociationReason" + } + }, + "com.amazonaws.rekognition#UntagResource": { + "type": "operation", + "input": { + "target": "com.amazonaws.rekognition#UntagResourceRequest" + }, + "output": { + "target": "com.amazonaws.rekognition#UntagResourceResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rekognition#AccessDeniedException" + }, + { + "target": "com.amazonaws.rekognition#InternalServerError" + }, + { + "target": "com.amazonaws.rekognition#InvalidParameterException" + }, + { + "target": "com.amazonaws.rekognition#ProvisionedThroughputExceededException" + }, + { + "target": "com.amazonaws.rekognition#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.rekognition#ThrottlingException" + } + ], + "traits": { + "smithy.api#documentation": "Removes one or more tags from an Amazon Rekognition collection, stream processor, or Custom Labels\n model.
\nThis operation requires permissions to perform the\n rekognition:UntagResource action.
Amazon Resource Name (ARN) of the model, collection, or stream processor that you want to\n remove the tags from.
", @@ -12750,6 +14625,121 @@ } } }, + "com.amazonaws.rekognition#User": { + "type": "structure", + "members": { + "UserId": { + "target": "com.amazonaws.rekognition#UserId", + "traits": { + "smithy.api#documentation": "A provided ID for the User. Unique within the collection.
" + } + }, + "UserStatus": { + "target": "com.amazonaws.rekognition#UserStatus", + "traits": { + "smithy.api#documentation": "Communicates if the UserID has been updated with latest set of faces to be associated\n with the UserID.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Metadata of the user stored in a collection.
" + } + }, + "com.amazonaws.rekognition#UserFaceIdList": { + "type": "list", + "member": { + "target": "com.amazonaws.rekognition#FaceId" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 100 + } + } + }, + "com.amazonaws.rekognition#UserId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 128 + }, + "smithy.api#pattern": "^[a-zA-Z0-9_.\\-:]+$" + } + }, + "com.amazonaws.rekognition#UserList": { + "type": "list", + "member": { + "target": "com.amazonaws.rekognition#User" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 500 + } + } + }, + "com.amazonaws.rekognition#UserMatch": { + "type": "structure", + "members": { + "Similarity": { + "target": "com.amazonaws.rekognition#Percent", + "traits": { + "smithy.api#documentation": "Describes the UserID metadata.
" + } + }, + "User": { + "target": "com.amazonaws.rekognition#MatchedUser", + "traits": { + "smithy.api#documentation": "Confidence in the match of this UserID with the input face.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Provides UserID metadata along with the confidence in the match of this UserID with the\n input face.
" + } + }, + "com.amazonaws.rekognition#UserMatchList": { + "type": "list", + "member": { + "target": "com.amazonaws.rekognition#UserMatch" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 500 + } + } + }, + "com.amazonaws.rekognition#UserStatus": { + "type": "enum", + "members": { + "ACTIVE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ACTIVE" + } + }, + "UPDATING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "UPDATING" + } + }, + "CREATING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CREATING" + } + }, + "CREATED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CREATED" + } + } + } + }, "com.amazonaws.rekognition#ValidationData": { "type": "structure", "members": { diff --git a/codegen/sdk/aws-models/s3.json b/codegen/sdk/aws-models/s3.json index a08417723f5..f0227a4af82 100644 --- a/codegen/sdk/aws-models/s3.json +++ b/codegen/sdk/aws-models/s3.json @@ -62,6 +62,18 @@ ], "traits": { "smithy.api#documentation": "This action aborts a multipart upload. After a multipart upload is aborted, no\n additional parts can be uploaded using that upload ID. The storage consumed by any\n previously uploaded parts will be freed. However, if any part uploads are currently in\n progress, those part uploads might or might not succeed. As a result, it might be necessary\n to abort a given multipart upload multiple times in order to completely free all storage\n consumed by all parts.
\nTo verify that all parts have been removed, so you don't get charged for the part\n storage, you should call the ListParts action and ensure that\n the parts list is empty.
\nFor information about permissions required to use the multipart upload, see Multipart Upload\n and Permissions.
\nThe following operations are related to AbortMultipartUpload:
\n UploadPart\n
\n\n ListParts\n
\n\n ListMultipartUploads\n
\nThe server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms).
The server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms).
If present, specifies the ID of the Amazon Web Services Key Management Service (Amazon Web Services KMS) symmetric\n encryption customer managed key that was used for the object.
", + "smithy.api#documentation": "If present, specifies the ID of the Key Management Service (KMS) symmetric encryption customer managed key\n that was used for the object.
", "smithy.api#httpHeader": "x-amz-server-side-encryption-aws-kms-key-id" } }, @@ -20053,7 +21541,7 @@ "target": "com.amazonaws.s3#BucketKeyEnabled", "traits": { "smithy.api#default": false, - "smithy.api#documentation": "Indicates whether the multipart upload uses an S3 Bucket Key for server-side encryption\n with Amazon Web Services KMS (SSE-KMS).
", + "smithy.api#documentation": "Indicates whether the multipart upload uses an S3 Bucket Key for server-side encryption\n with Key Management Service (KMS) keys (SSE-KMS).
", "smithy.api#httpHeader": "x-amz-server-side-encryption-bucket-key-enabled" } }, @@ -20335,7 +21823,24 @@ } ], "traits": { - "smithy.api#documentation": "Creates a copy of an object that is already stored in Amazon S3.
\nYou can store individual objects of up to 5 TB in Amazon S3. You create a copy of your\n object up to 5 GB in size in a single atomic action using this API. However, to copy an\n object greater than 5 GB, you must use the multipart upload Upload Part - Copy\n (UploadPartCopy) API. For more information, see Copy Object Using the\n REST Multipart Upload API.
\nAll copy requests must be authenticated. Additionally, you must have\n read access to the source object and write\n access to the destination bucket. For more information, see REST Authentication. Both the\n Region that you want to copy the object from and the Region that you want to copy the\n object to must be enabled for your account.
\nA copy request might return an error when Amazon S3 receives the copy request or while Amazon S3\n is copying the files. If the error occurs before the copy action starts, you receive a\n standard Amazon S3 error. If the error occurs during the copy operation, the error response is\n embedded in the 200 OK response. This means that a 200 OK\n response can contain either a success or an error. If you call the S3 API directly, make\n sure to design your application to parse the contents of the response and handle it\n appropriately. If you use Amazon Web Services SDKs, SDKs handle this condition. The SDKs detect the\n embedded error and apply error handling per your configuration settings (including\n automatically retrying the request as appropriate). If the condition persists, the SDKs\n throws an exception (or, for the SDKs that don't use exceptions, they return the\n error).
If the copy is successful, you receive a response with information about the copied\n object.
\nIf the request is an HTTP 1.1 request, the response is chunk encoded. If it were not,\n it would not contain the content-length, and you would need to read the entire\n body.
\nThe copy request charge is based on the storage class and Region that you specify for\n the destination object. For pricing information, see Amazon S3 pricing.
\nAmazon S3 transfer acceleration does not support cross-Region copies. If you request a\n cross-Region copy using a transfer acceleration endpoint, you get a 400 Bad\n Request error. For more information, see Transfer\n Acceleration.
When copying an object, you can preserve all metadata (default) or specify new metadata.\n However, the ACL is not preserved and is set to private for the user making the request. To\n override the default ACL setting, specify a new ACL when generating a copy request. For\n more information, see Using ACLs.
\nTo specify whether you want the object metadata copied from the source object or\n replaced with metadata provided in the request, you can optionally add the\n x-amz-metadata-directive header. When you grant permissions, you can use\n the s3:x-amz-metadata-directive condition key to enforce certain metadata\n behavior when objects are uploaded. For more information, see Specifying Conditions in a\n Policy in the Amazon S3 User Guide. For a complete list of\n Amazon S3-specific condition keys, see Actions, Resources, and Condition Keys for\n Amazon S3.
\n x-amz-website-redirect-location is unique to each object and must be\n specified in the request headers to copy the value.
To only copy an object under certain conditions, such as whether the Etag\n matches or whether the object was modified before or after a specified date, use the\n following request parameters:
\n x-amz-copy-source-if-match\n
\n x-amz-copy-source-if-none-match\n
\n x-amz-copy-source-if-unmodified-since\n
\n x-amz-copy-source-if-modified-since\n
If both the x-amz-copy-source-if-match and\n x-amz-copy-source-if-unmodified-since headers are present in the request\n and evaluate as follows, Amazon S3 returns 200 OK and copies the data:
\n x-amz-copy-source-if-match condition evaluates to true
\n x-amz-copy-source-if-unmodified-since condition evaluates to\n false
If both the x-amz-copy-source-if-none-match and\n x-amz-copy-source-if-modified-since headers are present in the request and\n evaluate as follows, Amazon S3 returns the 412 Precondition Failed response\n code:
\n x-amz-copy-source-if-none-match condition evaluates to false
\n x-amz-copy-source-if-modified-since condition evaluates to\n true
All headers with the x-amz- prefix, including\n x-amz-copy-source, must be signed.
Amazon S3 automatically encrypts all new objects that are copied to an S3 bucket. When\n copying an object, if you don't specify encryption information in your copy request, the\n encryption setting of the target object is set to the default encryption configuration of\n the destination bucket. By default, all buckets have a base level of encryption\n configuration that uses server-side encryption with Amazon S3 managed keys (SSE-S3). If the\n destination bucket has a default encryption configuration that uses server-side encryption\n with an Key Management Service (KMS) key (SSE-KMS), or a customer-provided encryption key (SSE-C),\n Amazon S3 uses the corresponding KMS key, or a customer-provided key to encrypt the target\n object copy.
\nWhen you perform a CopyObject operation, if you want to use a different type\n of encryption setting for the target object, you can use other appropriate\n encryption-related headers to encrypt the target object with a KMS key, an Amazon S3 managed\n key, or a customer-provided key. With server-side encryption, Amazon S3 encrypts your data as it\n writes it to disks in its data centers and decrypts the data when you access it. If the\n encryption setting in your request is different from the default encryption configuration\n of the destination bucket, the encryption setting in your request takes precedence. If the\n source object for the copy is stored in Amazon S3 using SSE-C, you must provide the necessary\n encryption information in your request so that Amazon S3 can decrypt the object for copying. For\n more information about server-side encryption, see Using Server-Side\n Encryption.
\nIf a target object uses SSE-KMS, you can enable an S3 Bucket Key for the object. For\n more information, see Amazon S3 Bucket Keys in the Amazon S3 User Guide.
\nWhen copying an object, you can optionally use headers to grant ACL-based permissions.\n By default, all objects are private. Only the owner has full access control. When adding a\n new object, you can grant permissions to individual Amazon Web Services accounts or to predefined groups\n defined by Amazon S3. These permissions are then added to the ACL on the object. For more\n information, see Access Control List (ACL) Overview and Managing ACLs Using the REST\n API.
\nIf the bucket that you're copying objects to uses the bucket owner enforced setting for\n S3 Object Ownership, ACLs are disabled and no longer affect permissions. Buckets that use\n this setting only accept PUT requests that don't specify an ACL or PUT requests that\n specify bucket owner full control ACLs, such as the bucket-owner-full-control\n canned ACL or an equivalent form of this ACL expressed in the XML format.
For more information, see Controlling ownership of\n objects and disabling ACLs in the Amazon S3 User Guide.
\nIf your bucket uses the bucket owner enforced setting for Object Ownership, all\n objects written to the bucket by any account will be owned by the bucket owner.
\nWhen copying an object, if it has a checksum, that checksum will be copied to the new\n object by default. When you copy the object over, you may optionally specify a different\n checksum algorithm to use with the x-amz-checksum-algorithm header.
You can use the CopyObject action to change the storage class of an object\n that is already stored in Amazon S3 using the StorageClass parameter. For more\n information, see Storage Classes in the\n Amazon S3 User Guide.
If the source object's storage class is GLACIER, you must restore a copy of\n this object before you can use it as a source object for the copy operation. For\n more information, see RestoreObject. For\n more information, see Copying\n Objects.
\nBy default, x-amz-copy-source identifies the current version of an object\n to copy. If the current version is a delete marker, Amazon S3 behaves as if the object was\n deleted. To copy a different version, use the versionId subresource.
If you enable versioning on the target bucket, Amazon S3 generates a unique version ID for\n the object being copied. This version ID is different from the version ID of the source\n object. Amazon S3 returns the version ID of the copied object in the\n x-amz-version-id response header in the response.
If you do not enable versioning or suspend it on the target bucket, the version ID that\n Amazon S3 generates is always null.
\nThe following operations are related to CopyObject:
Creates a copy of an object that is already stored in Amazon S3.
\nYou can store individual objects of up to 5 TB in Amazon S3. You create a copy of your\n object up to 5 GB in size in a single atomic action using this API. However, to copy an\n object greater than 5 GB, you must use the multipart upload Upload Part - Copy\n (UploadPartCopy) API. For more information, see Copy Object Using the\n REST Multipart Upload API.
\nAll copy requests must be authenticated. Additionally, you must have\n read access to the source object and write\n access to the destination bucket. For more information, see REST Authentication. Both the\n Region that you want to copy the object from and the Region that you want to copy the\n object to must be enabled for your account.
\nA copy request might return an error when Amazon S3 receives the copy request or while Amazon S3\n is copying the files. If the error occurs before the copy action starts, you receive a\n standard Amazon S3 error. If the error occurs during the copy operation, the error response is\n embedded in the 200 OK response. This means that a 200 OK\n response can contain either a success or an error. If you call the S3 API directly, make\n sure to design your application to parse the contents of the response and handle it\n appropriately. If you use Amazon Web Services SDKs, SDKs handle this condition. The SDKs detect the\n embedded error and apply error handling per your configuration settings (including\n automatically retrying the request as appropriate). If the condition persists, the SDKs\n throws an exception (or, for the SDKs that don't use exceptions, they return the\n error).
If the copy is successful, you receive a response with information about the copied\n object.
\nIf the request is an HTTP 1.1 request, the response is chunk encoded. If it were not,\n it would not contain the content-length, and you would need to read the entire\n body.
\nThe copy request charge is based on the storage class and Region that you specify for\n the destination object. For pricing information, see Amazon S3 pricing.
\nAmazon S3 transfer acceleration does not support cross-Region copies. If you request a\n cross-Region copy using a transfer acceleration endpoint, you get a 400 Bad\n Request error. For more information, see Transfer\n Acceleration.
When copying an object, you can preserve all metadata (the default) or specify new metadata.\n However, the access control list (ACL) is not preserved and is set to private for the user making the request. To\n override the default ACL setting, specify a new ACL when generating a copy request. For\n more information, see Using ACLs.
\nTo specify whether you want the object metadata copied from the source object or\n replaced with metadata provided in the request, you can optionally add the\n x-amz-metadata-directive header. When you grant permissions, you can use\n the s3:x-amz-metadata-directive condition key to enforce certain metadata\n behavior when objects are uploaded. For more information, see Specifying Conditions in a\n Policy in the Amazon S3 User Guide. For a complete list of\n Amazon S3-specific condition keys, see Actions, Resources, and Condition Keys for\n Amazon S3.
\n x-amz-website-redirect-location is unique to each object and must be\n specified in the request headers to copy the value.
To only copy an object under certain conditions, such as whether the Etag\n matches or whether the object was modified before or after a specified date, use the\n following request parameters:
\n x-amz-copy-source-if-match\n
\n x-amz-copy-source-if-none-match\n
\n x-amz-copy-source-if-unmodified-since\n
\n x-amz-copy-source-if-modified-since\n
If both the x-amz-copy-source-if-match and\n x-amz-copy-source-if-unmodified-since headers are present in the request\n and evaluate as follows, Amazon S3 returns 200 OK and copies the data:
\n x-amz-copy-source-if-match condition evaluates to true
\n x-amz-copy-source-if-unmodified-since condition evaluates to\n false
If both the x-amz-copy-source-if-none-match and\n x-amz-copy-source-if-modified-since headers are present in the request and\n evaluate as follows, Amazon S3 returns the 412 Precondition Failed response\n code:
\n x-amz-copy-source-if-none-match condition evaluates to false
\n x-amz-copy-source-if-modified-since condition evaluates to\n true
All headers with the x-amz- prefix, including\n x-amz-copy-source, must be signed.
Amazon S3 automatically encrypts all new objects that are copied to an S3 bucket. When\n copying an object, if you don't specify encryption information in your copy\n request, the encryption setting of the target object is set to the default\n encryption configuration of the destination bucket. By default, all buckets have a\n base level of encryption configuration that uses server-side encryption with Amazon S3\n managed keys (SSE-S3). If the destination bucket has a default encryption\n configuration that uses server-side encryption with Key Management Service (KMS) keys\n (SSE-KMS), dual-layer server-side encryption with Amazon Web Services KMS keys (DSSE-KMS), or\n server-side encryption with customer-provided encryption keys (SSE-C), Amazon S3 uses\n the corresponding KMS key, or a customer-provided key to encrypt the target\n object copy.
\nWhen you perform a CopyObject operation, if you want to use a different type\n of encryption setting for the target object, you can use other appropriate\n encryption-related headers to encrypt the target object with a KMS key, an Amazon S3 managed\n key, or a customer-provided key. With server-side encryption, Amazon S3 encrypts your data as it\n writes your data to disks in its data centers and decrypts the data when you access it. If the\n encryption setting in your request is different from the default encryption configuration\n of the destination bucket, the encryption setting in your request takes precedence. If the\n source object for the copy is stored in Amazon S3 using SSE-C, you must provide the necessary\n encryption information in your request so that Amazon S3 can decrypt the object for copying. For\n more information about server-side encryption, see Using Server-Side\n Encryption.
If a target object uses SSE-KMS, you can enable an S3 Bucket Key for the\n object. For more information, see Amazon S3 Bucket Keys in the\n Amazon S3 User Guide.
\nWhen copying an object, you can optionally use headers to grant ACL-based permissions.\n By default, all objects are private. Only the owner has full access control. When adding a\n new object, you can grant permissions to individual Amazon Web Services accounts or to predefined groups\n that are defined by Amazon S3. These permissions are then added to the ACL on the object. For more\n information, see Access Control List (ACL) Overview and Managing ACLs Using the REST\n API.
\nIf the bucket that you're copying objects to uses the bucket owner enforced setting for\n S3 Object Ownership, ACLs are disabled and no longer affect permissions. Buckets that use\n this setting only accept PUT requests that don't specify an ACL or PUT requests that\n specify bucket owner full control ACLs, such as the bucket-owner-full-control\n canned ACL or an equivalent form of this ACL expressed in the XML format.
For more information, see Controlling ownership of\n objects and disabling ACLs in the Amazon S3 User Guide.
\nIf your bucket uses the bucket owner enforced setting for Object Ownership, all\n objects written to the bucket by any account will be owned by the bucket owner.
\nWhen copying an object, if it has a checksum, that checksum will be copied to the new\n object by default. When you copy the object over, you can optionally specify a different\n checksum algorithm to use with the x-amz-checksum-algorithm header.
You can use the CopyObject action to change the storage class of an object\n that is already stored in Amazon S3 by using the StorageClass parameter. For more\n information, see Storage Classes in the\n Amazon S3 User Guide.
If the source object's storage class is GLACIER, you must restore a copy of\n this object before you can use it as a source object for the copy operation. For\n more information, see RestoreObject. For\n more information, see Copying\n Objects.
\nBy default, x-amz-copy-source header identifies the current version of an object\n to copy. If the current version is a delete marker, Amazon S3 behaves as if the object was\n deleted. To copy a different version, use the versionId subresource.
If you enable versioning on the target bucket, Amazon S3 generates a unique version ID for\n the object being copied. This version ID is different from the version ID of the source\n object. Amazon S3 returns the version ID of the copied object in the\n x-amz-version-id response header in the response.
If you do not enable versioning or suspend it on the target bucket, the version ID that\n Amazon S3 generates is always null.
\nThe following operations are related to CopyObject:
The server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms).
The server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms, aws:kms:dsse).
If present, specifies the ID of the Amazon Web Services Key Management Service (Amazon Web Services KMS) symmetric\n encryption customer managed key that was used for the object.
", + "smithy.api#documentation": "If present, specifies the ID of the Key Management Service (KMS) symmetric encryption customer managed key\n that was used for the object.
", "smithy.api#httpHeader": "x-amz-server-side-encryption-aws-kms-key-id" } }, @@ -20413,7 +21918,7 @@ "target": "com.amazonaws.s3#BucketKeyEnabled", "traits": { "smithy.api#default": false, - "smithy.api#documentation": "Indicates whether the copied object uses an S3 Bucket Key for server-side encryption\n with Amazon Web Services KMS (SSE-KMS).
", + "smithy.api#documentation": "Indicates whether the copied object uses an S3 Bucket Key for server-side encryption\n with Key Management Service (KMS) keys (SSE-KMS).
", "smithy.api#httpHeader": "x-amz-server-side-encryption-bucket-key-enabled" } }, @@ -20594,7 +22099,7 @@ "ServerSideEncryption": { "target": "com.amazonaws.s3#ServerSideEncryption", "traits": { - "smithy.api#documentation": "The server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms).
The server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms, aws:kms:dsse).
Specifies the Amazon Web Services KMS key ID to use for object encryption. All GET and PUT requests\n for an object protected by Amazon Web Services KMS will fail if not made via SSL or using SigV4. For\n information about configuring using any of the officially supported Amazon Web Services SDKs and Amazon Web Services\n CLI, see Specifying the\n Signature Version in Request Authentication in the\n Amazon S3 User Guide.
", + "smithy.api#documentation": "Specifies the KMS key ID to use for object encryption. All GET and PUT requests for an\n object protected by KMS will fail if they're not made via SSL or using SigV4. For\n information about configuring any of the officially supported Amazon Web Services SDKs and Amazon Web Services CLI, see\n Specifying the\n Signature Version in Request Authentication in the\n Amazon S3 User Guide.
", "smithy.api#httpHeader": "x-amz-server-side-encryption-aws-kms-key-id" } }, @@ -20651,7 +22156,7 @@ "target": "com.amazonaws.s3#BucketKeyEnabled", "traits": { "smithy.api#default": false, - "smithy.api#documentation": "Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with\n server-side encryption using AWS KMS (SSE-KMS). Setting this header to true\n causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS.
Specifying this header with a COPY action doesn’t affect bucket-level settings for S3\n Bucket Key.
", + "smithy.api#documentation": "Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with\n server-side encryption using Key Management Service (KMS) keys (SSE-KMS). Setting this header to\n true causes Amazon S3 to use an S3 Bucket Key for object encryption with\n SSE-KMS.
Specifying this header with a COPY action doesn’t affect bucket-level settings for S3\n Bucket Key.
", "smithy.api#httpHeader": "x-amz-server-side-encryption-bucket-key-enabled" } }, @@ -20870,7 +22375,19 @@ } ], "traits": { - "smithy.api#documentation": "Creates a new S3 bucket. To create a bucket, you must register with Amazon S3 and have a\n valid Amazon Web Services Access Key ID to authenticate requests. Anonymous requests are never allowed to\n create buckets. By creating the bucket, you become the bucket owner.
\nNot every string is an acceptable bucket name. For information about bucket naming\n restrictions, see Bucket naming\n rules.
\nIf you want to create an Amazon S3 on Outposts bucket, see Create Bucket.
\nBy default, the bucket is created in the US East (N. Virginia) Region. You can\n optionally specify a Region in the request body. You might choose a Region to optimize\n latency, minimize costs, or address regulatory requirements. For example, if you reside in\n Europe, you will probably find it advantageous to create buckets in the Europe (Ireland)\n Region. For more information, see Accessing a\n bucket.
\nIf you send your create bucket request to the s3.amazonaws.com endpoint,\n the request goes to the us-east-1 Region. Accordingly, the signature calculations in\n Signature Version 4 must use us-east-1 as the Region, even if the location constraint in\n the request specifies another Region where the bucket is to be created. If you create a\n bucket in a Region other than US East (N. Virginia), your application must be able to\n handle 307 redirect. For more information, see Virtual hosting of\n buckets.
When creating a bucket using this operation, you can optionally configure the bucket ACL\n to specify the accounts or groups that should be granted specific permissions on the\n bucket.
\nIf your CreateBucket request sets bucket owner enforced for S3 Object Ownership and\n specifies a bucket ACL that provides access to an external Amazon Web Services account, your request\n fails with a 400 error and returns the\n InvalidBucketAclWithObjectOwnership error code. For more information,\n see Controlling object\n ownership in the Amazon S3 User Guide.
There are two ways to grant the appropriate permissions using the request\n headers.
\nSpecify a canned ACL using the x-amz-acl request header. Amazon S3\n supports a set of predefined ACLs, known as canned ACLs. Each\n canned ACL has a predefined set of grantees and permissions. For more information,\n see Canned ACL.
Specify access permissions explicitly using the x-amz-grant-read,\n x-amz-grant-write, x-amz-grant-read-acp,\n x-amz-grant-write-acp, and x-amz-grant-full-control\n headers. These headers map to the set of permissions Amazon S3 supports in an ACL. For\n more information, see Access control list (ACL)\n overview.
You specify each grantee as a type=value pair, where the type is one of the\n following:
\n\n id – if the value specified is the canonical user ID of an\n Amazon Web Services account
\n uri – if you are granting permissions to a predefined\n group
\n emailAddress – if the value specified is the email address of\n an Amazon Web Services account
Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:
\nUS East (N. Virginia)
\nUS West (N. California)
\nUS West (Oregon)
\nAsia Pacific (Singapore)
\nAsia Pacific (Sydney)
\nAsia Pacific (Tokyo)
\nEurope (Ireland)
\nSouth America (São Paulo)
\nFor a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.
\nFor example, the following x-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:
\n x-amz-grant-read: id=\"11112222333\", id=\"444455556666\" \n
You can use either a canned ACL or specify access permissions explicitly. You cannot\n do both.
\nIn addition to s3:CreateBucket, the following permissions are required when\n your CreateBucket includes specific headers:
\n ACLs - If your CreateBucket request\n specifies ACL permissions and the ACL is public-read, public-read-write,\n authenticated-read, or if you specify access permissions explicitly through any other\n ACL, both s3:CreateBucket and s3:PutBucketAcl permissions\n are needed. If the ACL the CreateBucket request is private or doesn't\n specify any ACLs, only s3:CreateBucket permission is needed.
\n Object Lock - If\n ObjectLockEnabledForBucket is set to true in your\n CreateBucket request,\n s3:PutBucketObjectLockConfiguration and\n s3:PutBucketVersioning permissions are required.
\n S3 Object Ownership - If your CreateBucket\n request includes the x-amz-object-ownership header,\n s3:PutBucketOwnershipControls permission is required.
The following operations are related to CreateBucket:
\n PutObject\n
\n\n DeleteBucket\n
\nCreates a new S3 bucket. To create a bucket, you must register with Amazon S3 and have a\n valid Amazon Web Services Access Key ID to authenticate requests. Anonymous requests are never allowed to\n create buckets. By creating the bucket, you become the bucket owner.
\nNot every string is an acceptable bucket name. For information about bucket naming\n restrictions, see Bucket naming\n rules.
\nIf you want to create an Amazon S3 on Outposts bucket, see Create Bucket.
\nBy default, the bucket is created in the US East (N. Virginia) Region. You can\n optionally specify a Region in the request body. You might choose a Region to optimize\n latency, minimize costs, or address regulatory requirements. For example, if you reside in\n Europe, you will probably find it advantageous to create buckets in the Europe (Ireland)\n Region. For more information, see Accessing a\n bucket.
\nIf you send your create bucket request to the s3.amazonaws.com endpoint,\n the request goes to the us-east-1 Region. Accordingly, the signature calculations in\n Signature Version 4 must use us-east-1 as the Region, even if the location constraint in\n the request specifies another Region where the bucket is to be created. If you create a\n bucket in a Region other than US East (N. Virginia), your application must be able to\n handle 307 redirect. For more information, see Virtual hosting of\n buckets.
In addition to s3:CreateBucket, the following permissions are required when\n your CreateBucket request includes specific headers:
\n Access control lists (ACLs) - If your CreateBucket request\n specifies access control list (ACL) permissions and the ACL is public-read, public-read-write,\n authenticated-read, or if you specify access permissions explicitly through any other\n ACL, both s3:CreateBucket and s3:PutBucketAcl permissions\n are needed. If the ACL for the CreateBucket request is private or if the request doesn't\n specify any ACLs, only s3:CreateBucket permission is needed.
\n Object Lock - If ObjectLockEnabledForBucket is set to true in your\n CreateBucket request,\n s3:PutBucketObjectLockConfiguration and\n s3:PutBucketVersioning permissions are required.
\n S3 Object Ownership - If your CreateBucket request includes the x-amz-object-ownership header, then the\n s3:PutBucketOwnershipControls permission is required. By default, ObjectOwnership is set to BucketOWnerEnforced and ACLs are disabled. We recommend keeping\n ACLs disabled, except in uncommon use cases where you must control access for each object individually. If you want to change the ObjectOwnership setting, you can use the \n x-amz-object-ownership header in your CreateBucket request to set the ObjectOwnership setting of your choice.\n For more information about S3 Object Ownership, see Controlling object\n ownership in the Amazon S3 User Guide.
\n S3 Block Public Access - If your specific use case requires granting public access to your S3 resources, you can disable Block Public Access. You can create a new bucket with Block Public Access enabled, then separately call the \n DeletePublicAccessBlock\n API. To use this operation, you must have the\n s3:PutBucketPublicAccessBlock permission. By default, all Block\n Public Access settings are enabled for new buckets. To avoid inadvertent exposure of\n your resources, we recommend keeping the S3 Block Public Access settings enabled. For more information about S3 Block Public Access, see Blocking public\n access to your Amazon S3 storage in the Amazon S3 User Guide.
If your CreateBucket request sets BucketOwnerEnforced for Amazon S3 Object Ownership\n and specifies a bucket ACL that provides access to an external Amazon Web Services account, your request fails with a 400 error and returns the InvalidBucketAcLWithObjectOwnership error code. For more information,\n see Setting Object\n Ownership on an existing bucket in the Amazon S3 User Guide.
The following operations are related to CreateBucket:
\n PutObject\n
\n\n DeleteBucket\n
\nThis action initiates a multipart upload and returns an upload ID. This upload ID is\n used to associate all of the parts in the specific multipart upload. You specify this\n upload ID in each of your subsequent upload part requests (see UploadPart). You also include this\n upload ID in the final request to either complete or abort the multipart upload\n request.
\nFor more information about multipart uploads, see Multipart Upload Overview.
\nIf you have configured a lifecycle rule to abort incomplete multipart uploads, the\n upload must complete within the number of days specified in the bucket lifecycle\n configuration. Otherwise, the incomplete multipart upload becomes eligible for an abort\n action and Amazon S3 aborts the multipart upload. For more information, see Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle Configuration.
\nFor information about the permissions required to use the multipart upload API, see\n Multipart\n Upload and Permissions.
\nFor request signing, multipart upload is just a series of regular requests. You initiate\n a multipart upload, send one or more requests to upload parts, and then complete the\n multipart upload process. You sign each request individually. There is nothing special\n about signing multipart upload requests. For more information about signing, see Authenticating Requests (Amazon Web Services Signature Version 4).
\nAfter you initiate a multipart upload and upload one or more parts, to stop being\n charged for storing the uploaded parts, you must either complete or abort the multipart\n upload. Amazon S3 frees up the space used to store the parts and stop charging you for\n storing them only after you either complete or abort a multipart upload.
\nServer-side encryption is for data encryption at rest. Amazon S3 encrypts your data as it\n writes it to disks in its data centers and decrypts it when you access it. Amazon S3\n automatically encrypts all new objects that are uploaded to an S3 bucket. When doing a\n multipart upload, if you don't specify encryption information in your request, the\n encryption setting of the uploaded parts is set to the default encryption configuration of\n the destination bucket. By default, all buckets have a base level of encryption\n configuration that uses server-side encryption with Amazon S3 managed keys (SSE-S3). If the\n destination bucket has a default encryption configuration that uses server-side encryption\n with an Key Management Service (KMS) key (SSE-KMS), or a customer-provided encryption key (SSE-C),\n Amazon S3 uses the corresponding KMS key, or a customer-provided key to encrypt the uploaded\n parts. When you perform a CreateMultipartUpload operation, if you want to use a different\n type of encryption setting for the uploaded parts, you can request that Amazon S3 encrypts the\n object with a KMS key, an Amazon S3 managed key, or a customer-provided key. If the encryption\n setting in your request is different from the default encryption configuration of the\n destination bucket, the encryption setting in your request takes precedence. If you choose\n to provide your own encryption key, the request headers you provide in UploadPart\n and UploadPartCopy requests must match the headers you used in the request to\n initiate the upload by using CreateMultipartUpload. You can request that Amazon S3\n save the uploaded parts encrypted with server-side encryption with an Amazon S3 managed key\n (SSE-S3), an Key Management Service (KMS) key (SSE-KMS), or a customer-provided encryption key\n (SSE-C).
To perform a multipart upload with encryption by using an Amazon Web Services KMS key, the requester\n must have permission to the kms:Decrypt and kms:GenerateDataKey*\n actions on the key. These permissions are required because Amazon S3 must decrypt and read data\n from the encrypted file parts before it completes the multipart upload. For more\n information, see Multipart upload API\n and permissions and Protecting data using\n server-side encryption with Amazon Web Services KMS in the\n Amazon S3 User Guide.
If your Identity and Access Management (IAM) user or role is in the same Amazon Web Services account as the KMS key,\n then you must have these permissions on the key policy. If your IAM user or role belongs\n to a different account than the key, then you must have the permissions on both the key\n policy and your IAM user or role.
\nFor more information, see Protecting Data Using Server-Side\n Encryption.
\nWhen copying an object, you can optionally specify the accounts or groups that\n should be granted specific permissions on the new object. There are two ways to\n grant the permissions using the request headers:
\nSpecify a canned ACL with the x-amz-acl request header. For\n more information, see Canned\n ACL.
Specify access permissions explicitly with the\n x-amz-grant-read, x-amz-grant-read-acp,\n x-amz-grant-write-acp, and\n x-amz-grant-full-control headers. These parameters map to\n the set of permissions that Amazon S3 supports in an ACL. For more information,\n see Access Control List (ACL) Overview.
You can use either a canned ACL or specify access permissions explicitly. You\n cannot do both.
\nAmazon S3 encrypts data\n by using server-side encryption with an Amazon S3 managed key (SSE-S3) by default. Server-side encryption is for data encryption at rest. Amazon S3 encrypts\n your data as it writes it to disks in its data centers and decrypts it when you\n access it. You can request that Amazon S3 encrypts\n data at rest by using server-side encryption with other key options. The option you use depends on\n whether you want to use KMS keys (SSE-KMS) or provide your own encryption keys\n (SSE-C).
\nUse KMS keys (SSE-KMS) that include the Amazon Web Services managed key\n (aws/s3) and KMS customer managed keys stored in Key Management Service (KMS) – If you\n want Amazon Web Services to manage the keys used to encrypt data, specify the following\n headers in the request.
\n x-amz-server-side-encryption\n
\n x-amz-server-side-encryption-aws-kms-key-id\n
\n x-amz-server-side-encryption-context\n
If you specify x-amz-server-side-encryption:aws:kms, but\n don't provide x-amz-server-side-encryption-aws-kms-key-id,\n Amazon S3 uses the Amazon Web Services managed key (aws/s3 key) in KMS to\n protect the data.
All GET and PUT requests for an object protected\n by KMS fail if you don't make them by using Secure Sockets Layer (SSL),\n Transport Layer Security (TLS), or Signature Version 4.
For more information about server-side encryption with KMS keys\n (SSE-KMS), see Protecting Data\n Using Server-Side Encryption with KMS keys.
\nUse customer-provided encryption keys (SSE-C) – If you want to manage\n your own encryption keys, provide all the following headers in the\n request.
\n\n x-amz-server-side-encryption-customer-algorithm\n
\n x-amz-server-side-encryption-customer-key\n
\n x-amz-server-side-encryption-customer-key-MD5\n
For more information about server-side encryption with customer-provided\n encryption keys (SSE-C), see \n Protecting data using server-side encryption with customer-provided\n encryption keys (SSE-C).
\nYou also can use the following access control–related headers with this\n operation. By default, all objects are private. Only the owner has full access\n control. When adding a new object, you can grant permissions to individual\n Amazon Web Services accounts or to predefined groups defined by Amazon S3. These permissions are then\n added to the access control list (ACL) on the object. For more information, see\n Using ACLs. With this operation, you can grant access permissions\n using one of the following two methods:
\nSpecify a canned ACL (x-amz-acl) — Amazon S3 supports a set of\n predefined ACLs, known as canned ACLs. Each canned ACL\n has a predefined set of grantees and permissions. For more information, see\n Canned\n ACL.
Specify access permissions explicitly — To explicitly grant access\n permissions to specific Amazon Web Services accounts or groups, use the following headers.\n Each header maps to specific permissions that Amazon S3 supports in an ACL. For\n more information, see Access Control List (ACL)\n Overview. In the header, you specify a list of grantees who get\n the specific permission. To grant permissions explicitly, use:
\n\n x-amz-grant-read\n
\n x-amz-grant-write\n
\n x-amz-grant-read-acp\n
\n x-amz-grant-write-acp\n
\n x-amz-grant-full-control\n
You specify each grantee as a type=value pair, where the type is one of\n the following:
\n\n id – if the value specified is the canonical user ID\n of an Amazon Web Services account
\n uri – if you are granting permissions to a predefined\n group
\n emailAddress – if the value specified is the email\n address of an Amazon Web Services account
Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:
\nUS East (N. Virginia)
\nUS West (N. California)
\nUS West (Oregon)
\nAsia Pacific (Singapore)
\nAsia Pacific (Sydney)
\nAsia Pacific (Tokyo)
\nEurope (Ireland)
\nSouth America (São Paulo)
\nFor a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.
\nFor example, the following x-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:
\n x-amz-grant-read: id=\"11112222333\", id=\"444455556666\" \n
The following operations are related to CreateMultipartUpload:
\n UploadPart\n
\n\n AbortMultipartUpload\n
\n\n ListParts\n
\n\n ListMultipartUploads\n
\nThe server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms).
The server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms).
If present, specifies the ID of the Amazon Web Services Key Management Service (Amazon Web Services KMS) symmetric\n encryption customer managed key that was used for the object.
", + "smithy.api#documentation": "If present, specifies the ID of the Key Management Service (KMS) symmetric encryption customer managed key\n that was used for the object.
", "smithy.api#httpHeader": "x-amz-server-side-encryption-aws-kms-key-id" } }, @@ -21087,7 +22619,7 @@ "target": "com.amazonaws.s3#BucketKeyEnabled", "traits": { "smithy.api#default": false, - "smithy.api#documentation": "Indicates whether the multipart upload uses an S3 Bucket Key for server-side encryption\n with Amazon Web Services KMS (SSE-KMS).
", + "smithy.api#documentation": "Indicates whether the multipart upload uses an S3 Bucket Key for server-side encryption\n with Key Management Service (KMS) keys (SSE-KMS).
", "smithy.api#httpHeader": "x-amz-server-side-encryption-bucket-key-enabled" } }, @@ -21219,7 +22751,7 @@ "ServerSideEncryption": { "target": "com.amazonaws.s3#ServerSideEncryption", "traits": { - "smithy.api#documentation": "The server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms).
The server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms).
Specifies the ID of the symmetric encryption customer managed key to use for object encryption.\n All GET and PUT requests for an object protected by Amazon Web Services KMS will fail if not made via SSL\n or using SigV4. For information about configuring using any of the officially supported\n Amazon Web Services SDKs and Amazon Web Services CLI, see Specifying the Signature Version in Request Authentication\n in the Amazon S3 User Guide.
", + "smithy.api#documentation": "Specifies the ID of the symmetric encryption customer managed key to use for object encryption.\n All GET and PUT requests for an object protected by KMS will fail if they're not made via\n SSL or using SigV4. For information about configuring any of the officially supported Amazon Web Services\n SDKs and Amazon Web Services CLI, see Specifying the Signature Version in Request Authentication\n in the Amazon S3 User Guide.
", "smithy.api#httpHeader": "x-amz-server-side-encryption-aws-kms-key-id" } }, @@ -21276,7 +22808,7 @@ "target": "com.amazonaws.s3#BucketKeyEnabled", "traits": { "smithy.api#default": false, - "smithy.api#documentation": "Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with\n server-side encryption using AWS KMS (SSE-KMS). Setting this header to true\n causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS.
Specifying this header with an object action doesn’t affect bucket-level settings for S3\n Bucket Key.
", + "smithy.api#documentation": "Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with\n server-side encryption using Key Management Service (KMS) keys (SSE-KMS). Setting this header to\n true causes Amazon S3 to use an S3 Bucket Key for object encryption with\n SSE-KMS.
Specifying this header with an object action doesn’t affect bucket-level settings for S3\n Bucket Key.
", "smithy.api#httpHeader": "x-amz-server-side-encryption-bucket-key-enabled" } }, @@ -21388,7 +22920,7 @@ "Objects": { "target": "com.amazonaws.s3#ObjectIdentifierList", "traits": { - "smithy.api#documentation": "The objects to delete.
", + "smithy.api#documentation": "The object to delete.
", "smithy.api#required": {}, "smithy.api#xmlFlattened": {}, "smithy.api#xmlName": "Object" @@ -21416,6 +22948,15 @@ }, "traits": { "smithy.api#documentation": "Deletes the S3 bucket. All objects (including all object versions and delete markers) in\n the bucket must be deleted before the bucket itself can be deleted.
\nThe following operations are related to DeleteBucket:
\n CreateBucket\n
\n\n DeleteObject\n
\nDeletes the cors configuration information set for the bucket.
To use this operation, you must have permission to perform the\n s3:PutBucketCORS action. The bucket owner has this permission by default\n and can grant this permission to others.
For information about cors, see Enabling Cross-Origin Resource Sharing in\n the Amazon S3 User Guide.
The following operations are related to DeleteBucketCors:
\n PutBucketCors\n
\n\n RESTOPTIONSobject\n
\nDeletes the cors configuration information set for the bucket.
To use this operation, you must have permission to perform the\n s3:PutBucketCORS action. The bucket owner has this permission by default\n and can grant this permission to others.
For information about cors, see Enabling Cross-Origin Resource Sharing in\n the Amazon S3 User Guide.
\n Related Resources\n
\n\n PutBucketCors\n
\n\n RESTOPTIONSobject\n
\nDeletes the lifecycle configuration from the specified bucket. Amazon S3 removes all the\n lifecycle configuration rules in the lifecycle subresource associated with the bucket. Your\n objects never expire, and Amazon S3 no longer automatically deletes any objects on the basis of\n rules contained in the deleted lifecycle configuration.
\nTo use this operation, you must have permission to perform the\n s3:PutLifecycleConfiguration action. By default, the bucket owner has this\n permission and the bucket owner can grant this permission to others.
There is usually some time lag before lifecycle configuration deletion is fully\n propagated to all the Amazon S3 systems.
\nFor more information about the object expiration, see Elements to Describe Lifecycle Actions.
\nRelated actions include:
\nThis implementation of the DELETE action uses the policy subresource to delete the\n policy of a specified bucket. If you are using an identity other than the root user of the\n Amazon Web Services account that owns the bucket, the calling identity must have the\n DeleteBucketPolicy permissions on the specified bucket and belong to the\n bucket owner's account to use this operation.
If you don't have DeleteBucketPolicy permissions, Amazon S3 returns a 403\n Access Denied error. If you have the correct permissions, but you're not using an\n identity that belongs to the bucket owner's account, Amazon S3 returns a 405 Method Not\n Allowed error.
To ensure that bucket owners don't inadvertently lock themselves out of their own\n buckets, the root principal in a bucket owner's Amazon Web Services account can perform the\n GetBucketPolicy, PutBucketPolicy, and\n DeleteBucketPolicy API actions, even if their bucket policy explicitly\n denies the root principal's access. Bucket owner root principals can only be blocked from performing \n these API actions by VPC endpoint policies and Amazon Web Services Organizations policies.
For more information about bucket policies, see Using Bucket Policies and\n UserPolicies.
\nThe following operations are related to DeleteBucketPolicy\n
\n CreateBucket\n
\n\n DeleteObject\n
\nDeletes the replication configuration from the bucket.
\nTo use this operation, you must have permissions to perform the\n s3:PutReplicationConfiguration action. The bucket owner has these\n permissions by default and can grant it to others. For more information about permissions,\n see Permissions Related to Bucket Subresource Operations and Managing\n Access Permissions to Your Amazon S3 Resources.
It can take a while for the deletion of a replication configuration to fully\n propagate.
\nFor information about replication configuration, see Replication in the\n Amazon S3 User Guide.
\nThe following operations are related to DeleteBucketReplication:
\n PutBucketReplication\n
\n\n GetBucketReplication\n
\nDeletes the tags from the bucket.
\nTo use this operation, you must have permission to perform the\n s3:PutBucketTagging action. By default, the bucket owner has this\n permission and can grant this permission to others.
The following operations are related to DeleteBucketTagging:
\n GetBucketTagging\n
\n\n PutBucketTagging\n
\nThis action removes the website configuration for a bucket. Amazon S3 returns a 200\n OK response upon successfully deleting a website configuration on the specified\n bucket. You will get a 200 OK response if the website configuration you are\n trying to delete does not exist on the bucket. Amazon S3 returns a 404 response if\n the bucket specified in the request does not exist.
This DELETE action requires the S3:DeleteBucketWebsite permission. By\n default, only the bucket owner can delete the website configuration attached to a bucket.\n However, bucket owners can grant other users permission to delete the website configuration\n by writing a bucket policy granting them the S3:DeleteBucketWebsite\n permission.
For more information about hosting websites, see Hosting Websites on Amazon S3.
\nThe following operations are related to DeleteBucketWebsite:
\n GetBucketWebsite\n
\n\n PutBucketWebsite\n
\nRemoves the null version (if there is one) of an object and inserts a delete marker,\n which becomes the latest version of the object. If there isn't a null version, Amazon S3 does\n not remove any objects but will still respond that the command was successful.
\nTo remove a specific version, you must use the version Id subresource. Using this\n subresource permanently deletes the version. If the object deleted is a delete marker, Amazon S3\n sets the response header, x-amz-delete-marker, to true.
If the object you want to delete is in a bucket where the bucket versioning\n configuration is MFA Delete enabled, you must include the x-amz-mfa request\n header in the DELETE versionId request. Requests that include\n x-amz-mfa must use HTTPS.
For more information about MFA Delete, see Using MFA Delete. To see sample\n requests that use versioning, see Sample\n Request.
\nYou can delete objects by explicitly calling DELETE Object or configure its lifecycle\n (PutBucketLifecycle) to enable Amazon S3 to remove them for you. If you want to block\n users or accounts from removing or deleting objects from your bucket, you must deny them\n the s3:DeleteObject, s3:DeleteObjectVersion, and\n s3:PutLifeCycleConfiguration actions.
The following action is related to DeleteObject:
\n PutObject\n
\nRemoves the entire tag set from the specified object. For more information about\n managing object tags, see Object Tagging.
\nTo use this operation, you must have permission to perform the\n s3:DeleteObjectTagging action.
To delete tags of a specific object version, add the versionId query\n parameter in the request. You will need permission for the\n s3:DeleteObjectVersionTagging action.
The following operations are related to DeleteObjectTagging:
\n PutObjectTagging\n
\n\n GetObjectTagging\n
\nIf the encryption type is aws:kms, this optional value specifies the ID of\n the symmetric encryption customer managed key to use for encryption of job results. Amazon S3 only\n supports symmetric encryption KMS keys. For more information, see Asymmetric keys in Amazon Web Services KMS in the Amazon Web Services Key Management Service\n Developer Guide.
If the encryption type is aws:kms, this optional value specifies the ID of\n the symmetric encryption customer managed key to use for encryption of job results. Amazon S3 only\n supports symmetric encryption KMS keys. For more information, see Asymmetric keys in KMS in the Amazon Web Services Key Management Service\n Developer Guide.
The accelerate configuration of the bucket.
" } + }, + "RequestCharged": { + "target": "com.amazonaws.s3#RequestCharged", + "traits": { + "smithy.api#httpHeader": "x-amz-request-charged" + } } }, "traits": { @@ -23051,6 +24677,12 @@ "smithy.api#documentation": "The account ID of the expected bucket owner. If the bucket is owned by a different account, the request fails with the HTTP status code 403 Forbidden (access denied).
Returns the Cross-Origin Resource Sharing (CORS) configuration information set for the\n bucket.
\n To use this operation, you must have permission to perform the\n s3:GetBucketCORS action. By default, the bucket owner has this permission\n and can grant it to others.
To use this API operation against an access point, provide the alias of the access point in place of the bucket name.
\nTo use this API operation against an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. \nIf the Object Lambda access point alias in a request is not valid, the error code InvalidAccessPointAliasError is returned. \nFor more information about InvalidAccessPointAliasError, see List of\n Error Codes.
For more information about CORS, see Enabling Cross-Origin Resource\n Sharing.
\nThe following operations are related to GetBucketCors:
\n PutBucketCors\n
\n\n DeleteBucketCors\n
\nReturns the default encryption configuration for an Amazon S3 bucket. By default, all buckets have a default encryption configuration that\n uses server-side encryption with Amazon S3 managed keys (SSE-S3). For information\n about the bucket default encryption feature, see Amazon S3 Bucket\n Default Encryption in the Amazon S3 User Guide.
\nTo use this operation, you must have permission to perform the\n s3:GetEncryptionConfiguration action. The bucket owner has this permission\n by default. The bucket owner can grant this permission to others. For more information\n about permissions, see Permissions Related to Bucket Subresource Operations and Managing\n Access Permissions to Your Amazon S3 Resources.
The following operations are related to GetBucketEncryption:
\n PutBucketEncryption\n
\nReturns the default encryption configuration for an Amazon S3 bucket. By default, all buckets\n have a default encryption configuration that uses server-side encryption with Amazon S3 managed\n keys (SSE-S3). For information about the bucket default encryption feature, see Amazon S3 Bucket\n Default Encryption in the Amazon S3 User Guide.
\nTo use this operation, you must have permission to perform the\n s3:GetEncryptionConfiguration action. The bucket owner has this permission\n by default. The bucket owner can grant this permission to others. For more information\n about permissions, see Permissions Related to Bucket Subresource Operations and Managing\n Access Permissions to Your Amazon S3 Resources.
The following operations are related to GetBucketEncryption:
\n PutBucketEncryption\n
\nBucket lifecycle configuration now supports specifying a lifecycle rule using an\n object key name prefix, one or more object tags, or a combination of both. Accordingly,\n this section describes the latest API. The response describes the new filter element\n that you can use to specify a filter to select a subset of objects to which the rule\n applies. If you are using a previous version of the lifecycle configuration, it still\n works. For the earlier action, see GetBucketLifecycle.
\nReturns the lifecycle configuration information set on the bucket. For information about\n lifecycle configuration, see Object Lifecycle\n Management.
\nTo use this operation, you must have permission to perform the\n s3:GetLifecycleConfiguration action. The bucket owner has this permission,\n by default. The bucket owner can grant this permission to others. For more information\n about permissions, see Permissions Related to Bucket Subresource Operations and Managing\n Access Permissions to Your Amazon S3 Resources.
\n GetBucketLifecycleConfiguration has the following special error:
Error code: NoSuchLifecycleConfiguration\n
Description: The lifecycle configuration does not exist.
\nHTTP Status Code: 404 Not Found
\nSOAP Fault Code Prefix: Client
\nThe following operations are related to\n GetBucketLifecycleConfiguration:
\n GetBucketLifecycle\n
\n\n PutBucketLifecycle\n
\nReturns the Region the bucket resides in. You set the bucket's Region using the\n LocationConstraint request parameter in a CreateBucket\n request. For more information, see CreateBucket.
To use this API operation against an access point, provide the alias of the access point in place of the bucket name.
\nTo use this API operation against an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. \nIf the Object Lambda access point alias in a request is not valid, the error code InvalidAccessPointAliasError is returned. \nFor more information about InvalidAccessPointAliasError, see List of\n Error Codes.
We recommend that you use HeadBucket to return the Region\n that a bucket resides in. For backward compatibility, Amazon S3 continues to support\n GetBucketLocation.
\nThe following operations are related to GetBucketLocation:
\n GetObject\n
\n\n CreateBucket\n
\nReturns the policy of a specified bucket. If you are using an identity other than the\n root user of the Amazon Web Services account that owns the bucket, the calling identity must have the\n GetBucketPolicy permissions on the specified bucket and belong to the\n bucket owner's account in order to use this operation.
If you don't have GetBucketPolicy permissions, Amazon S3 returns a 403\n Access Denied error. If you have the correct permissions, but you're not using an\n identity that belongs to the bucket owner's account, Amazon S3 returns a 405 Method Not\n Allowed error.
To ensure that bucket owners don't inadvertently lock themselves out of their own\n buckets, the root principal in a bucket owner's Amazon Web Services account can perform the\n GetBucketPolicy, PutBucketPolicy, and\n DeleteBucketPolicy API actions, even if their bucket policy explicitly\n denies the root principal's access. Bucket owner root principals can only be blocked from performing \n these API actions by VPC endpoint policies and Amazon Web Services Organizations policies.
To use this API operation against an access point, provide the alias of the access point in place of the bucket name.
\nTo use this API operation against an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. \nIf the Object Lambda access point alias in a request is not valid, the error code InvalidAccessPointAliasError is returned. \nFor more information about InvalidAccessPointAliasError, see List of\n Error Codes.
For more information about bucket policies, see Using Bucket Policies and User\n Policies.
\nThe following action is related to GetBucketPolicy:
\n GetObject\n
\nReturns the replication configuration of a bucket.
\nIt can take a while to propagate the put or delete a replication configuration to\n all Amazon S3 systems. Therefore, a get request soon after put or delete can return a wrong\n result.
\nFor information about replication configuration, see Replication in the\n Amazon S3 User Guide.
\nThis action requires permissions for the s3:GetReplicationConfiguration\n action. For more information about permissions, see Using Bucket Policies and User\n Policies.
If you include the Filter element in a replication configuration, you must\n also include the DeleteMarkerReplication and Priority elements.\n The response also returns those elements.
For information about GetBucketReplication errors, see List of\n replication-related error codes\n
The following operations are related to GetBucketReplication:
\n PutBucketReplication\n
\nReturns the request payment configuration of a bucket. To use this version of the\n operation, you must be the bucket owner. For more information, see Requester Pays\n Buckets.
\nThe following operations are related to GetBucketRequestPayment:
\n ListObjects\n
\nReturns the tag set associated with the bucket.
\nTo use this operation, you must have permission to perform the\n s3:GetBucketTagging action. By default, the bucket owner has this\n permission and can grant this permission to others.
\n GetBucketTagging has the following special error:
Error code: NoSuchTagSet\n
Description: There is no tag set associated with the bucket.
\nThe following operations are related to GetBucketTagging:
\n PutBucketTagging\n
\n\n DeleteBucketTagging\n
\nReturns the versioning state of a bucket.
\nTo retrieve the versioning state of a bucket, you must be the bucket owner.
\nThis implementation also returns the MFA Delete status of the versioning state. If the\n MFA Delete status is enabled, the bucket owner must use an authentication\n device to change the versioning state of the bucket.
The following operations are related to GetBucketVersioning:
\n GetObject\n
\n\n PutObject\n
\n\n DeleteObject\n
\nReturns the website configuration for a bucket. To host website on Amazon S3, you can\n configure a bucket as website by adding a website configuration. For more information about\n hosting websites, see Hosting Websites on Amazon S3.
\nThis GET action requires the S3:GetBucketWebsite permission. By default,\n only the bucket owner can read the bucket website configuration. However, bucket owners can\n allow other users to read the website configuration by writing a bucket policy granting\n them the S3:GetBucketWebsite permission.
The following operations are related to GetBucketWebsite:
\n DeleteBucketWebsite\n
\n\n PutBucketWebsite\n
\nRetrieves objects from Amazon S3. To use GET, you must have READ\n access to the object. If you grant READ access to the anonymous user, you can\n return the object without using an authorization header.
An Amazon S3 bucket has no directory hierarchy such as you would find in a typical computer\n file system. You can, however, create a logical hierarchy by using object key names that\n imply a folder structure. For example, instead of naming an object sample.jpg,\n you can name it photos/2006/February/sample.jpg.
To get an object from such a logical hierarchy, specify the full key name for the object\n in the GET operation. For a virtual hosted-style request example, if you have\n the object photos/2006/February/sample.jpg, specify the resource as\n /photos/2006/February/sample.jpg. For a path-style request example, if you\n have the object photos/2006/February/sample.jpg in the bucket named\n examplebucket, specify the resource as\n /examplebucket/photos/2006/February/sample.jpg. For more information about\n request types, see HTTP Host\n Header Bucket Specification.
For more information about returning the ACL of an object, see GetObjectAcl.
\nIf the object you are retrieving is stored in the S3 Glacier or\n S3 Glacier Deep Archive storage class, or S3 Intelligent-Tiering Archive or\n S3 Intelligent-Tiering Deep Archive tiers, before you can retrieve the object you must first restore a\n copy using RestoreObject. Otherwise, this action returns an\n InvalidObjectState error. For information about restoring archived objects,\n see Restoring\n Archived Objects.
Encryption request headers, like x-amz-server-side-encryption, should not\n be sent for GET requests if your object uses server-side encryption with KMS keys\n (SSE-KMS) or server-side encryption with Amazon S3–managed encryption keys (SSE-S3). If your\n object does use these types of keys, you’ll get an HTTP 400 BadRequest error.
If you encrypt an object by using server-side encryption with customer-provided\n encryption keys (SSE-C) when you store the object in Amazon S3, then when you GET the object,\n you must use the following headers:
\nx-amz-server-side-encryption-customer-algorithm
\nx-amz-server-side-encryption-customer-key
\nx-amz-server-side-encryption-customer-key-MD5
\nFor more information about SSE-C, see Server-Side Encryption\n (Using Customer-Provided Encryption Keys).
\nAssuming you have the relevant permission to read object tags, the response also returns\n the x-amz-tagging-count header that provides the count of number of tags\n associated with the object. You can use GetObjectTagging to retrieve\n the tag set associated with an object.
You need the relevant read object (or version) permission for this operation. For more\n information, see Specifying Permissions in a\n Policy. If the object you request does not exist, the error Amazon S3 returns depends\n on whether you also have the s3:ListBucket permission.
If you have the s3:ListBucket permission on the bucket, Amazon S3 will\n return an HTTP status code 404 (\"no such key\") error.
If you don’t have the s3:ListBucket permission, Amazon S3 will return an\n HTTP status code 403 (\"access denied\") error.
By default, the GET action returns the current version of an object. To return a\n different version, use the versionId subresource.
If you supply a versionId, you need the\n s3:GetObjectVersion permission to access a specific version of an\n object. If you request a specific version, you do not need to have the\n s3:GetObject permission. If you request the current version\n without a specific version ID, only s3:GetObject permission is\n required. s3:GetObjectVersion permission won't be required.
If the current version of the object is a delete marker, Amazon S3 behaves as if the\n object was deleted and includes x-amz-delete-marker: true in the\n response.
For more information about versioning, see PutBucketVersioning.
\nThere are times when you want to override certain response header values in a GET\n response. For example, you might override the Content-Disposition response\n header value in your GET request.
You can override values for a set of response headers using the following query\n parameters. These response header values are sent only on a successful request, that is,\n when status code 200 OK is returned. The set of headers you can override using these\n parameters is a subset of the headers that Amazon S3 accepts when you create an object. The\n response headers that you can override for the GET response are Content-Type,\n Content-Language, Expires, Cache-Control,\n Content-Disposition, and Content-Encoding. To override these\n header values in the GET response, you use the following request parameters.
You must sign the request, either using an Authorization header or a presigned URL,\n when using these parameters. They cannot be used with an unsigned (anonymous)\n request.
\n\n response-content-type\n
\n response-content-language\n
\n response-expires\n
\n response-cache-control\n
\n response-content-disposition\n
\n response-content-encoding\n
If both of the If-Match and If-Unmodified-Since headers are\n present in the request as follows: If-Match condition evaluates to\n true, and; If-Unmodified-Since condition evaluates to\n false; then, S3 returns 200 OK and the data requested.
If both of the If-None-Match and If-Modified-Since headers are\n present in the request as follows: If-None-Match condition evaluates to\n false, and; If-Modified-Since condition evaluates to\n true; then, S3 returns 304 Not Modified response code.
For more information about conditional requests, see RFC 7232.
\nThe following operations are related to GetObject:
\n ListBuckets\n
\n\n GetObjectAcl\n
\nRetrieves objects from Amazon S3. To use GET, you must have READ\n access to the object. If you grant READ access to the anonymous user, you can\n return the object without using an authorization header.
An Amazon S3 bucket has no directory hierarchy such as you would find in a typical computer\n file system. You can, however, create a logical hierarchy by using object key names that\n imply a folder structure. For example, instead of naming an object sample.jpg,\n you can name it photos/2006/February/sample.jpg.
To get an object from such a logical hierarchy, specify the full key name for the object\n in the GET operation. For a virtual hosted-style request example, if you have\n the object photos/2006/February/sample.jpg, specify the resource as\n /photos/2006/February/sample.jpg. For a path-style request example, if you\n have the object photos/2006/February/sample.jpg in the bucket named\n examplebucket, specify the resource as\n /examplebucket/photos/2006/February/sample.jpg. For more information about\n request types, see HTTP Host\n Header Bucket Specification.
For more information about returning the ACL of an object, see GetObjectAcl.
\nIf the object you are retrieving is stored in the S3 Glacier Flexible Retrieval or\n S3 Glacier Deep Archive storage class, or S3 Intelligent-Tiering Archive or\n S3 Intelligent-Tiering Deep Archive tiers, before you can retrieve the object you must first restore a\n copy using RestoreObject. Otherwise, this action returns an\n InvalidObjectState error. For information about restoring archived objects,\n see Restoring\n Archived Objects.
Encryption request headers, like x-amz-server-side-encryption, should not\n be sent for GET requests if your object uses server-side encryption with Key Management Service (KMS)\n keys (SSE-KMS), dual-layer server-side encryption with Amazon Web Services KMS keys (DSSE-KMS), or\n server-side encryption with Amazon S3 managed encryption keys (SSE-S3). If your object does use\n these types of keys, you’ll get an HTTP 400 Bad Request error.
If you encrypt an object by using server-side encryption with customer-provided\n encryption keys (SSE-C) when you store the object in Amazon S3, then when you GET the object,\n you must use the following headers:
\n\n x-amz-server-side-encryption-customer-algorithm\n
\n x-amz-server-side-encryption-customer-key\n
\n x-amz-server-side-encryption-customer-key-MD5\n
For more information about SSE-C, see Server-Side Encryption\n (Using Customer-Provided Encryption Keys).
\nAssuming you have the relevant permission to read object tags, the response also returns\n the x-amz-tagging-count header that provides the count of number of tags\n associated with the object. You can use GetObjectTagging to retrieve\n the tag set associated with an object.
You need the relevant read object (or version) permission for this operation. For more\n information, see Specifying Permissions in a\n Policy. If the object that you request doesn’t exist, the error that Amazon S3 returns depends\n on whether you also have the s3:ListBucket permission.
If you have the s3:ListBucket permission on the bucket, Amazon S3\n returns an HTTP status code 404 (Not Found) error.
If you don’t have the s3:ListBucket permission, Amazon S3 returns an\n HTTP status code 403 (\"access denied\") error.
By default, the GET action returns the current version of an object. To return a\n different version, use the versionId subresource.
If you supply a versionId, you need the\n s3:GetObjectVersion permission to access a specific version of an\n object. If you request a specific version, you do not need to have the\n s3:GetObject permission. If you request the current version\n without a specific version ID, only s3:GetObject permission is\n required. s3:GetObjectVersion permission won't be required.
If the current version of the object is a delete marker, Amazon S3 behaves as if the\n object was deleted and includes x-amz-delete-marker: true in the\n response.
For more information about versioning, see PutBucketVersioning.
\nThere are times when you want to override certain response header values in a GET\n response. For example, you might override the Content-Disposition response\n header value in your GET request.
You can override values for a set of response headers using the following query\n parameters. These response header values are sent only on a successful request, that is,\n when status code 200 OK is returned. The set of headers you can override using these\n parameters is a subset of the headers that Amazon S3 accepts when you create an object. The\n response headers that you can override for the GET response are Content-Type,\n Content-Language, Expires, Cache-Control,\n Content-Disposition, and Content-Encoding. To override these\n header values in the GET response, you use the following request parameters.
You must sign the request, either using an Authorization header or a presigned URL,\n when using these parameters. They cannot be used with an unsigned (anonymous)\n request.
\n\n response-content-type\n
\n response-content-language\n
\n response-expires\n
\n response-cache-control\n
\n response-content-disposition\n
\n response-content-encoding\n
If both of the If-Match and If-Unmodified-Since headers are\n present in the request as follows: If-Match condition evaluates to\n true, and; If-Unmodified-Since condition evaluates to\n false; then, S3 returns 200 OK and the data requested.
If both of the If-None-Match and If-Modified-Since headers are\n present in the request as follows: If-None-Match condition evaluates to\n false, and; If-Modified-Since condition evaluates to\n true; then, S3 returns 304 Not Modified response code.
For more information about conditional requests, see RFC 7232.
\nThe following operations are related to GetObject:
\n ListBuckets\n
\n\n GetObjectAcl\n
\nReturns the access control list (ACL) of an object. To use this operation, you must have\n s3:GetObjectAcl permissions or READ_ACP access to the object.\n For more information, see Mapping of ACL permissions and access policy permissions in the Amazon S3\n User Guide\n
This action is not supported by Amazon S3 on Outposts.
\nBy default, GET returns ACL information about the current version of an object. To\n return ACL information about a different version, use the versionId subresource.
\nIf your bucket uses the bucket owner enforced setting for S3 Object Ownership,\n requests to read ACLs are still supported and return the\n bucket-owner-full-control ACL with the owner being the account that\n created the bucket. For more information, see Controlling object\n ownership and disabling ACLs in the\n Amazon S3 User Guide.
The following operations are related to GetObjectAcl:
\n GetObject\n
\n\n GetObjectAttributes\n
\n\n DeleteObject\n
\n\n PutObject\n
\nThe server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms).
The server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms, aws:kms:dsse).
If present, specifies the ID of the Amazon Web Services Key Management Service (Amazon Web Services KMS) symmetric\n encryption customer managed key that was used for the object.
", + "smithy.api#documentation": "If present, specifies the ID of the Key Management Service (KMS) symmetric encryption customer managed key\n that was used for the object.
", "smithy.api#httpHeader": "x-amz-server-side-encryption-aws-kms-key-id" } }, @@ -24900,7 +26742,7 @@ "target": "com.amazonaws.s3#BucketKeyEnabled", "traits": { "smithy.api#default": false, - "smithy.api#documentation": "Indicates whether the object uses an S3 Bucket Key for server-side encryption with Amazon Web Services\n KMS (SSE-KMS).
", + "smithy.api#documentation": "Indicates whether the object uses an S3 Bucket Key for server-side encryption with\n Key Management Service (KMS) keys (SSE-KMS).
", "smithy.api#httpHeader": "x-amz-server-side-encryption-bucket-key-enabled" } }, @@ -25221,6 +27063,29 @@ }, "traits": { "smithy.api#documentation": "Returns the tag-set of an object. You send the GET request against the tagging\n subresource associated with the object.
\nTo use this operation, you must have permission to perform the\n s3:GetObjectTagging action. By default, the GET action returns information\n about current version of an object. For a versioned bucket, you can have multiple versions\n of an object in your bucket. To retrieve tags of any other version, use the versionId query\n parameter. You also need permission for the s3:GetObjectVersionTagging\n action.
By default, the bucket owner has this permission and can grant this permission to\n others.
\nFor information about the Amazon S3 object tagging feature, see Object Tagging.
\nThe following actions are related to GetObjectTagging:
\n DeleteObjectTagging\n
\n\n GetObjectAttributes\n
\n\n PutObjectTagging\n
\nReturns torrent files from a bucket. BitTorrent can save you bandwidth when you're\n distributing large files.
\nYou can get torrent only for objects that are less than 5 GB in size, and that are\n not encrypted using server-side encryption with a customer-provided encryption\n key.
\nTo use GET, you must have READ access to the object.
\nThis action is not supported by Amazon S3 on Outposts.
\nThe following action is related to GetObjectTorrent:
\n GetObject\n
\nThis action is useful to determine if a bucket exists and you have permission to access\n it. The action returns a 200 OK if the bucket exists and you have permission\n to access it.
If the bucket does not exist or you do not have permission to access it, the\n HEAD request returns a generic 400 Bad Request, 403\n Forbidden or 404 Not Found code. A message body is not included, so\n you cannot determine the exception beyond these error codes.
To use this operation, you must have permissions to perform the\n s3:ListBucket action. The bucket owner has this permission by default and\n can grant this permission to others. For more information about permissions, see Permissions Related to Bucket Subresource Operations and Managing\n Access Permissions to Your Amazon S3 Resources.
To use this API operation against an access point, you must provide the alias of the access point in place of the\n bucket name or specify the access point ARN. When using the access point ARN, you must direct requests to\n the access point hostname. The access point hostname takes the form\n AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.\n When using the Amazon Web Services SDKs, you provide the ARN in place of the bucket name. For more\n information, see Using access points.
\nTo use this API operation against an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. \nIf the Object Lambda access point alias in a request is not valid, the error code InvalidAccessPointAliasError is returned. \nFor more information about InvalidAccessPointAliasError, see List of\n Error Codes.
The HEAD action retrieves metadata from an object without returning the object itself.\n This action is useful if you're only interested in an object's metadata. To use HEAD, you\n must have READ access to the object.
\nA HEAD request has the same options as a GET action on an\n object. The response is identical to the GET response except that there is no\n response body. Because of this, if the HEAD request generates an error, it\n returns a generic 400 Bad Request, 403 Forbidden or 404 Not\n Found code. It is not possible to retrieve the exact exception beyond these error\n codes.
If you encrypt an object by using server-side encryption with customer-provided\n encryption keys (SSE-C) when you store the object in Amazon S3, then when you retrieve the\n metadata from the object, you must use the following headers:
\nx-amz-server-side-encryption-customer-algorithm
\nx-amz-server-side-encryption-customer-key
\nx-amz-server-side-encryption-customer-key-MD5
\nFor more information about SSE-C, see Server-Side Encryption\n (Using Customer-Provided Encryption Keys).
\nEncryption request headers, like x-amz-server-side-encryption,\n should not be sent for GET requests if your object uses server-side encryption\n with KMS keys (SSE-KMS) or server-side encryption with Amazon S3–managed encryption\n keys (SSE-S3). If your object does use these types of keys, you’ll get an HTTP 400\n BadRequest error.
The last modified property in this case is the creation date of the\n object.
\nRequest headers are limited to 8 KB in size. For more information, see Common\n Request Headers.
\nConsider the following when using request headers:
\n Consideration 1 – If both of the If-Match and\n If-Unmodified-Since headers are present in the request as\n follows:
\n If-Match condition evaluates to true, and;
\n If-Unmodified-Since condition evaluates to\n false;
Then Amazon S3 returns 200 OK and the data requested.
Consideration 2 – If both of the If-None-Match and\n If-Modified-Since headers are present in the request as\n follows:
\n If-None-Match condition evaluates to false,\n and;
\n If-Modified-Since condition evaluates to\n true;
Then Amazon S3 returns the 304 Not Modified response code.
For more information about conditional requests, see RFC 7232.
\nYou need the relevant read object (or version) permission for this operation. For more\n information, see Actions, resources, and condition keys for Amazon S3. \n If the object you request does not exist, the error Amazon S3 returns depends\n on whether you also have the s3:ListBucket permission.
\nIf you have the s3:ListBucket permission on the bucket, Amazon S3 returns\n an HTTP status code 404 (\"no such key\") error.
If you don’t have the s3:ListBucket permission, Amazon S3 returns an HTTP\n status code 403 (\"access denied\") error.
The following actions are related to HeadObject:
\n GetObject\n
\n\n GetObjectAttributes\n
\nThe HEAD action retrieves metadata from an object without returning the object itself.\n This action is useful if you're only interested in an object's metadata. To use HEAD, you\n must have READ access to the object.
A HEAD request has the same options as a GET action on an\n object. The response is identical to the GET response except that there is no\n response body. Because of this, if the HEAD request generates an error, it\n returns a generic 400 Bad Request, 403 Forbidden or 404 Not\n Found code. It is not possible to retrieve the exact exception beyond these error\n codes.
If you encrypt an object by using server-side encryption with customer-provided\n encryption keys (SSE-C) when you store the object in Amazon S3, then when you retrieve the\n metadata from the object, you must use the following headers:
\n\n x-amz-server-side-encryption-customer-algorithm\n
\n x-amz-server-side-encryption-customer-key\n
\n x-amz-server-side-encryption-customer-key-MD5\n
For more information about SSE-C, see Server-Side Encryption\n (Using Customer-Provided Encryption Keys).
\nEncryption request headers, like x-amz-server-side-encryption,\n should not be sent for GET requests if your object uses server-side\n encryption with Key Management Service (KMS) keys (SSE-KMS), dual-layer server-side\n encryption with Amazon Web Services KMS keys (DSSE-KMS), or server-side encryption with Amazon S3\n managed encryption keys (SSE-S3). If your object does use these types of keys,\n you’ll get an HTTP 400 Bad Request error.
The last modified property in this case is the creation date of the\n object.
\nRequest headers are limited to 8 KB in size. For more information, see Common\n Request Headers.
\nConsider the following when using request headers:
\n Consideration 1 – If both of the If-Match and\n If-Unmodified-Since headers are present in the request as\n follows:
\n If-Match condition evaluates to true, and;
\n If-Unmodified-Since condition evaluates to\n false;
Then Amazon S3 returns 200 OK and the data requested.
Consideration 2 – If both of the If-None-Match and\n If-Modified-Since headers are present in the request as\n follows:
\n If-None-Match condition evaluates to false,\n and;
\n If-Modified-Since condition evaluates to\n true;
Then Amazon S3 returns the 304 Not Modified response code.
For more information about conditional requests, see RFC 7232.
\nYou need the relevant read object (or version) permission for this operation. For more\n information, see Actions, resources, and condition keys for Amazon S3. \n If the object you request doesn't exist, the error that Amazon S3 returns depends\n on whether you also have the s3:ListBucket permission.
\nIf you have the s3:ListBucket permission on the bucket, Amazon S3 returns\n an HTTP status code 404 error.
If you don’t have the s3:ListBucket permission, Amazon S3 returns an HTTP\n status code 403 error.
The following actions are related to HeadObject:
\n GetObject\n
\n\n GetObjectAttributes\n
\nThe server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms).
The server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms, aws:kms:dsse).
If present, specifies the ID of the Amazon Web Services Key Management Service (Amazon Web Services KMS) symmetric\n encryption customer managed key that was used for the object.
", + "smithy.api#documentation": "If present, specifies the ID of the Key Management Service (KMS) symmetric encryption customer managed key\n that was used for the object.
", "smithy.api#httpHeader": "x-amz-server-side-encryption-aws-kms-key-id" } }, @@ -25861,7 +27746,7 @@ "target": "com.amazonaws.s3#BucketKeyEnabled", "traits": { "smithy.api#default": false, - "smithy.api#documentation": "Indicates whether the object uses an S3 Bucket Key for server-side encryption with Amazon Web Services\n KMS (SSE-KMS).
", + "smithy.api#documentation": "Indicates whether the object uses an S3 Bucket Key for server-side encryption with\n Key Management Service (KMS) keys (SSE-KMS).
", "smithy.api#httpHeader": "x-amz-server-side-encryption-bucket-key-enabled" } }, @@ -27238,6 +29123,32 @@ }, "traits": { "smithy.api#documentation": "Returns a list of all buckets owned by the authenticated sender of the request. To use\n this operation, you must have the s3:ListAllMyBuckets permission.
For information about Amazon S3 buckets, see Creating, configuring, and\n working with Amazon S3 buckets.
", + "smithy.api#examples": [ + { + "title": "To list all buckets", + "documentation": "The following example returns all the buckets owned by the sender of this request.", + "output": { + "Owner": { + "DisplayName": "own-display-name", + "ID": "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31" + }, + "Buckets": [ + { + "CreationDate": "2012-02-15T21:03:02.000Z", + "Name": "examplebucket" + }, + { + "CreationDate": "2011-07-24T19:33:50.000Z", + "Name": "examplebucket2" + }, + { + "CreationDate": "2010-12-17T00:56:49.000Z", + "Name": "examplebucket3" + } + ] + } + } + ], "smithy.api#http": { "method": "GET", "uri": "/", @@ -27362,6 +29273,12 @@ "traits": { "smithy.api#documentation": "Encoding type used by Amazon S3 to encode object keys in the response.
\nIf you specify encoding-type request parameter, Amazon S3 includes this element\n in the response, and returns encoded key name values in the following response\n elements:
\n Delimiter, KeyMarker, Prefix,\n NextKeyMarker, Key.
The account ID of the expected bucket owner. If the bucket is owned by a different account, the request fails with the HTTP status code 403 Forbidden (access denied).
Returns metadata about all versions of the objects in a bucket. You can also use request\n parameters as selection criteria to return metadata about a subset of all the object\n versions.
\n To use this operation, you must have permissions to perform the\n s3:ListBucketVersions action. Be aware of the name difference.
A 200 OK response can contain valid or invalid XML. Make sure to design your\n application to parse the contents of the response and handle it appropriately.
\nTo use this operation, you must have READ access to the bucket.
\nThis action is not supported by Amazon S3 on Outposts.
\nThe following operations are related to ListObjectVersions:
\n ListObjectsV2\n
\n\n GetObject\n
\n\n PutObject\n
\n\n DeleteObject\n
\nEncoding type used by Amazon S3 to encode object key names in the XML response.
\nIf you specify encoding-type request parameter, Amazon S3 includes this element in the\n response, and returns encoded key name values in the following response elements:
\n\n KeyMarker, NextKeyMarker, Prefix, Key, and Delimiter.
The account ID of the expected bucket owner. If the bucket is owned by a different account, the request fails with the HTTP status code 403 Forbidden (access denied).
Encoding type used by Amazon S3 to encode object keys in the response.
" } + }, + "RequestCharged": { + "target": "com.amazonaws.s3#RequestCharged", + "traits": { + "smithy.api#httpHeader": "x-amz-request-charged" + } } }, "traits": { @@ -27885,6 +29866,12 @@ "traits": { "smithy.api#documentation": "If StartAfter was sent with the request, it is included in the response.
" } + }, + "RequestCharged": { + "target": "com.amazonaws.s3#RequestCharged", + "traits": { + "smithy.api#httpHeader": "x-amz-request-charged" + } } }, "traits": { @@ -29736,7 +31723,18 @@ "requestAlgorithmMember": "ChecksumAlgorithm", "requestChecksumRequired": true }, - "smithy.api#documentation": "Sets the permissions on an existing bucket using access control lists (ACL). For more\n information, see Using ACLs. To set the ACL of a\n bucket, you must have WRITE_ACP permission.
You can use one of the following two ways to set a bucket's permissions:
\nSpecify the ACL in the request body
\nSpecify permissions using request headers
\nYou cannot specify access permission using both the body and the request\n headers.
\nDepending on your application needs, you may choose to set the ACL on a bucket using\n either the request body or the headers. For example, if you have an existing application\n that updates a bucket ACL using the request body, then you can continue to use that\n approach.
\nIf your bucket uses the bucket owner enforced setting for S3 Object Ownership, ACLs\n are disabled and no longer affect permissions. You must use policies to grant access to\n your bucket and the objects in it. Requests to set ACLs or update ACLs fail and return\n the AccessControlListNotSupported error code. Requests to read ACLs are\n still supported. For more information, see Controlling object\n ownership in the Amazon S3 User Guide.
You can set access permissions using one of the following methods:
\nSpecify a canned ACL with the x-amz-acl request header. Amazon S3 supports\n a set of predefined ACLs, known as canned ACLs. Each canned ACL\n has a predefined set of grantees and permissions. Specify the canned ACL name as the\n value of x-amz-acl. If you use this header, you cannot use other access\n control-specific headers in your request. For more information, see Canned\n ACL.
Specify access permissions explicitly with the x-amz-grant-read,\n x-amz-grant-read-acp, x-amz-grant-write-acp, and\n x-amz-grant-full-control headers. When using these headers, you\n specify explicit access permissions and grantees (Amazon Web Services accounts or Amazon S3 groups) who\n will receive the permission. If you use these ACL-specific headers, you cannot use\n the x-amz-acl header to set a canned ACL. These parameters map to the\n set of permissions that Amazon S3 supports in an ACL. For more information, see Access Control\n List (ACL) Overview.
You specify each grantee as a type=value pair, where the type is one of the\n following:
\n\n id – if the value specified is the canonical user ID of an\n Amazon Web Services account
\n uri – if you are granting permissions to a predefined\n group
\n emailAddress – if the value specified is the email address of\n an Amazon Web Services account
Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:
\nUS East (N. Virginia)
\nUS West (N. California)
\nUS West (Oregon)
\nAsia Pacific (Singapore)
\nAsia Pacific (Sydney)
\nAsia Pacific (Tokyo)
\nEurope (Ireland)
\nSouth America (São Paulo)
\nFor a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.
\nFor example, the following x-amz-grant-write header grants create,\n overwrite, and delete objects permission to LogDelivery group predefined by Amazon S3 and\n two Amazon Web Services accounts identified by their email addresses.
\n x-amz-grant-write: uri=\"http://acs.amazonaws.com/groups/s3/LogDelivery\",\n id=\"111122223333\", id=\"555566667777\" \n
You can use either a canned ACL or specify access permissions explicitly. You cannot do\n both.
\nYou can specify the person (grantee) to whom you're assigning access rights (using\n request elements) in the following ways:
\nBy the person's ID:
\n\n
DisplayName is optional and ignored in the request
\nBy URI:
\n\n
By Email address:
\n\n
The grantee is resolved to the CanonicalUser and, in a response to a GET Object\n acl request, appears as the CanonicalUser.
\nUsing email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:
\nUS East (N. Virginia)
\nUS West (N. California)
\nUS West (Oregon)
\nAsia Pacific (Singapore)
\nAsia Pacific (Sydney)
\nAsia Pacific (Tokyo)
\nEurope (Ireland)
\nSouth America (São Paulo)
\nFor a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.
\nThe following operations are related to PutBucketAcl:
\n CreateBucket\n
\n\n DeleteBucket\n
\n\n GetObjectAcl\n
\nSets the permissions on an existing bucket using access control lists (ACL). For more\n information, see Using ACLs. To set the ACL of a\n bucket, you must have WRITE_ACP permission.
You can use one of the following two ways to set a bucket's permissions:
\nSpecify the ACL in the request body
\nSpecify permissions using request headers
\nYou cannot specify access permission using both the body and the request\n headers.
\nDepending on your application needs, you may choose to set the ACL on a bucket using\n either the request body or the headers. For example, if you have an existing application\n that updates a bucket ACL using the request body, then you can continue to use that\n approach.
\nIf your bucket uses the bucket owner enforced setting for S3 Object Ownership, ACLs\n are disabled and no longer affect permissions. You must use policies to grant access to\n your bucket and the objects in it. Requests to set ACLs or update ACLs fail and return\n the AccessControlListNotSupported error code. Requests to read ACLs are\n still supported. For more information, see Controlling object\n ownership in the Amazon S3 User Guide.
You can set access permissions by using one of the following methods:
\nSpecify a canned ACL with the x-amz-acl request header. Amazon S3 supports\n a set of predefined ACLs, known as canned ACLs. Each canned ACL\n has a predefined set of grantees and permissions. Specify the canned ACL name as the\n value of x-amz-acl. If you use this header, you cannot use other access\n control-specific headers in your request. For more information, see Canned\n ACL.
Specify access permissions explicitly with the x-amz-grant-read,\n x-amz-grant-read-acp, x-amz-grant-write-acp, and\n x-amz-grant-full-control headers. When using these headers, you\n specify explicit access permissions and grantees (Amazon Web Services accounts or Amazon S3 groups) who\n will receive the permission. If you use these ACL-specific headers, you cannot use\n the x-amz-acl header to set a canned ACL. These parameters map to the\n set of permissions that Amazon S3 supports in an ACL. For more information, see Access Control\n List (ACL) Overview.
You specify each grantee as a type=value pair, where the type is one of the\n following:
\n\n id – if the value specified is the canonical user ID of an\n Amazon Web Services account
\n uri – if you are granting permissions to a predefined\n group
\n emailAddress – if the value specified is the email address of\n an Amazon Web Services account
Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:
\nUS East (N. Virginia)
\nUS West (N. California)
\nUS West (Oregon)
\nAsia Pacific (Singapore)
\nAsia Pacific (Sydney)
\nAsia Pacific (Tokyo)
\nEurope (Ireland)
\nSouth America (São Paulo)
\nFor a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.
\nFor example, the following x-amz-grant-write header grants create,\n overwrite, and delete objects permission to LogDelivery group predefined by Amazon S3 and\n two Amazon Web Services accounts identified by their email addresses.
\n x-amz-grant-write: uri=\"http://acs.amazonaws.com/groups/s3/LogDelivery\",\n id=\"111122223333\", id=\"555566667777\" \n
You can use either a canned ACL or specify access permissions explicitly. You cannot do\n both.
\nYou can specify the person (grantee) to whom you're assigning access rights (using\n request elements) in the following ways:
\nBy the person's ID:
\n\n
DisplayName is optional and ignored in the request
\nBy URI:
\n\n
By Email address:
\n\n
The grantee is resolved to the CanonicalUser and, in a response to a GET Object\n acl request, appears as the CanonicalUser.
\nUsing email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:
\nUS East (N. Virginia)
\nUS West (N. California)
\nUS West (Oregon)
\nAsia Pacific (Singapore)
\nAsia Pacific (Sydney)
\nAsia Pacific (Tokyo)
\nEurope (Ireland)
\nSouth America (São Paulo)
\nFor a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.
\nThe following operations are related to PutBucketAcl:
\n CreateBucket\n
\n\n DeleteBucket\n
\n\n GetObjectAcl\n
\nSets the cors configuration for your bucket. If the configuration exists,\n Amazon S3 replaces it.
To use this operation, you must be allowed to perform the s3:PutBucketCORS\n action. By default, the bucket owner has this permission and can grant it to others.
You set this configuration on a bucket so that the bucket can service cross-origin\n requests. For example, you might want to enable a request whose origin is\n http://www.example.com to access your Amazon S3 bucket at\n my.example.bucket.com by using the browser's XMLHttpRequest\n capability.
To enable cross-origin resource sharing (CORS) on a bucket, you add the\n cors subresource to the bucket. The cors subresource is an XML\n document in which you configure rules that identify origins and the HTTP methods that can\n be executed on your bucket. The document is limited to 64 KB in size.
When Amazon S3 receives a cross-origin request (or a pre-flight OPTIONS request) against a\n bucket, it evaluates the cors configuration on the bucket and uses the first\n CORSRule rule that matches the incoming browser request to enable a\n cross-origin request. For a rule to match, the following conditions must be met:
The request's Origin header must match AllowedOrigin\n elements.
The request method (for example, GET, PUT, HEAD, and so on) or the\n Access-Control-Request-Method header in case of a pre-flight\n OPTIONS request must be one of the AllowedMethod\n elements.
Every header specified in the Access-Control-Request-Headers request\n header of a pre-flight request must match an AllowedHeader element.\n
For more information about CORS, go to Enabling Cross-Origin Resource Sharing in\n the Amazon S3 User Guide.
\nThe following operations are related to PutBucketCors:
\n GetBucketCors\n
\n\n DeleteBucketCors\n
\n\n RESTOPTIONSobject\n
\nThis action uses the encryption subresource to configure default encryption\n and Amazon S3 Bucket Keys for an existing bucket.
By default, all buckets have a default encryption configuration that\n uses server-side encryption with Amazon S3 managed keys (SSE-S3).\n You can optionally configure default encryption for a bucket by using server-side\n encryption with an Amazon Web Services KMS key (SSE-KMS) or a customer-provided key (SSE-C). If you specify default encryption by using\n SSE-KMS, you can also configure Amazon S3 Bucket Keys. For information about bucket default encryption,\n see Amazon S3\n bucket default encryption in the Amazon S3 User Guide. For more\n information about S3 Bucket Keys, see Amazon S3 Bucket Keys in the\n Amazon S3 User Guide.
\nThis action requires Amazon Web Services Signature Version 4. For more information, see \n Authenticating Requests (Amazon Web Services Signature Version 4).
\nTo use this operation, you must have permissions to perform the\n s3:PutEncryptionConfiguration action. The bucket owner has this permission\n by default. The bucket owner can grant this permission to others. For more information\n about permissions, see Permissions Related to Bucket Subresource Operations and Managing\n Access Permissions to Your Amazon S3 Resources in the\n Amazon S3 User Guide.
The following operations are related to PutBucketEncryption:
\n GetBucketEncryption\n
\nThis action uses the encryption subresource to configure default encryption\n and Amazon S3 Bucket Keys for an existing bucket.
By default, all buckets have a default encryption configuration that uses server-side\n encryption with Amazon S3 managed keys (SSE-S3). You can optionally configure default encryption\n for a bucket by using server-side encryption with Key Management Service (KMS) keys (SSE-KMS),\n dual-layer server-side encryption with Amazon Web Services KMS keys (DSSE-KMS), or server-side\n encryption with customer-provided keys (SSE-C). If you specify default encryption by using\n SSE-KMS, you can also configure Amazon S3 Bucket Keys. For information about bucket default\n encryption, see Amazon S3 bucket default encryption\n in the Amazon S3 User Guide. For more information about S3 Bucket Keys, see\n Amazon S3 Bucket\n Keys in the Amazon S3 User Guide.
\nThis action requires Amazon Web Services Signature Version 4. For more information, see \n Authenticating Requests (Amazon Web Services Signature Version 4).
\nTo use this operation, you must have permission to perform the\n s3:PutEncryptionConfiguration action. The bucket owner has this permission\n by default. The bucket owner can grant this permission to others. For more information\n about permissions, see Permissions Related to Bucket Subresource Operations and Managing\n Access Permissions to Your Amazon S3 Resources in the\n Amazon S3 User Guide.
The following operations are related to PutBucketEncryption:
\n GetBucketEncryption\n
\nSpecifies default encryption for a bucket using server-side encryption with different\n key options. By default, all buckets have a default encryption configuration that\n uses server-side encryption with Amazon S3 managed keys (SSE-S3). You can optionally configure default encryption for a bucket by using server-side\n encryption with an Amazon Web Services KMS key (SSE-KMS) or a customer-provided key (SSE-C). For information about the bucket default\n encryption feature, see Amazon S3 Bucket Default Encryption\n in the Amazon S3 User Guide.
", + "smithy.api#documentation": "Specifies default encryption for a bucket using server-side encryption with different\n key options. By default, all buckets have a default encryption configuration that uses\n server-side encryption with Amazon S3 managed keys (SSE-S3). You can optionally configure\n default encryption for a bucket by using server-side encryption with an Amazon Web Services KMS key\n (SSE-KMS) or a customer-provided key (SSE-C). For information about the bucket default\n encryption feature, see Amazon S3 Bucket Default Encryption\n in the Amazon S3 User Guide.
", "smithy.api#httpLabel": {}, "smithy.api#required": {}, "smithy.rules#contextParam": { @@ -30159,7 +32200,36 @@ "requestAlgorithmMember": "ChecksumAlgorithm", "requestChecksumRequired": true }, - "smithy.api#documentation": "Creates a new lifecycle configuration for the bucket or replaces an existing lifecycle\n configuration. Keep in mind that this will overwrite an existing lifecycle configuration,\n so if you want to retain any configuration details, they must be included in the new\n lifecycle configuration. For information about lifecycle configuration, see Managing\n your storage lifecycle.
\nBucket lifecycle configuration now supports specifying a lifecycle rule using an\n object key name prefix, one or more object tags, or a combination of both. Accordingly,\n this section describes the latest API. The previous version of the API supported\n filtering based only on an object key name prefix, which is supported for backward\n compatibility. For the related API description, see PutBucketLifecycle.
\nYou specify the lifecycle configuration in your request body. The lifecycle\n configuration is specified as XML consisting of one or more rules. An Amazon S3 Lifecycle\n configuration can have up to 1,000 rules. This limit is not adjustable. Each rule consists\n of the following:
\nFilter identifying a subset of objects to which the rule applies. The filter can\n be based on a key name prefix, object tags, or a combination of both.
\nStatus whether the rule is in effect.
\nOne or more lifecycle transition and expiration actions that you want Amazon S3 to\n perform on the objects identified by the filter. If the state of your bucket is\n versioning-enabled or versioning-suspended, you can have many versions of the same\n object (one current version and zero or more noncurrent versions). Amazon S3 provides\n predefined actions that you can specify for current and noncurrent object\n versions.
\nFor more information, see Object Lifecycle Management\n and Lifecycle Configuration Elements.
\nBy default, all Amazon S3 resources are private, including buckets, objects, and related\n subresources (for example, lifecycle configuration and website configuration). Only the\n resource owner (that is, the Amazon Web Services account that created it) can access the resource. The\n resource owner can optionally grant access permissions to others by writing an access\n policy. For this operation, a user must get the s3:PutLifecycleConfiguration\n permission.
You can also explicitly deny permissions. Explicit deny also supersedes any other\n permissions. If you want to block users or accounts from removing or deleting objects from\n your bucket, you must deny them permissions for the following actions:
\n\n s3:DeleteObject\n
\n s3:DeleteObjectVersion\n
\n s3:PutLifecycleConfiguration\n
For more information about permissions, see Managing Access Permissions to\n Your Amazon S3 Resources.
\nThe following operations are related to PutBucketLifecycleConfiguration:
Creates a new lifecycle configuration for the bucket or replaces an existing lifecycle\n configuration. Keep in mind that this will overwrite an existing lifecycle configuration,\n so if you want to retain any configuration details, they must be included in the new\n lifecycle configuration. For information about lifecycle configuration, see Managing\n your storage lifecycle.
\nBucket lifecycle configuration now supports specifying a lifecycle rule using an\n object key name prefix, one or more object tags, or a combination of both. Accordingly,\n this section describes the latest API. The previous version of the API supported\n filtering based only on an object key name prefix, which is supported for backward\n compatibility. For the related API description, see PutBucketLifecycle.
\nYou specify the lifecycle configuration in your request body. The lifecycle\n configuration is specified as XML consisting of one or more rules. An Amazon S3 Lifecycle\n configuration can have up to 1,000 rules. This limit is not adjustable. Each rule consists\n of the following:
\nA filter identifying a subset of objects to which the rule applies. The filter can\n be based on a key name prefix, object tags, or a combination of both.
\nA status indicating whether the rule is in effect.
\nOne or more lifecycle transition and expiration actions that you want Amazon S3 to\n perform on the objects identified by the filter. If the state of your bucket is\n versioning-enabled or versioning-suspended, you can have many versions of the same\n object (one current version and zero or more noncurrent versions). Amazon S3 provides\n predefined actions that you can specify for current and noncurrent object\n versions.
\nFor more information, see Object Lifecycle Management\n and Lifecycle Configuration Elements.
\nBy default, all Amazon S3 resources are private, including buckets, objects, and related\n subresources (for example, lifecycle configuration and website configuration). Only the\n resource owner (that is, the Amazon Web Services account that created it) can access the resource. The\n resource owner can optionally grant access permissions to others by writing an access\n policy. For this operation, a user must get the s3:PutLifecycleConfiguration\n permission.
You can also explicitly deny permissions. An explicit deny also supersedes any other\n permissions. If you want to block users or accounts from removing or deleting objects from\n your bucket, you must deny them permissions for the following actions:
\n\n s3:DeleteObject\n
\n s3:DeleteObjectVersion\n
\n s3:PutLifecycleConfiguration\n
For more information about permissions, see Managing Access Permissions to\n Your Amazon S3 Resources.
\nThe following operations are related to PutBucketLifecycleConfiguration:
Set the logging parameters for a bucket and to specify permissions for who can view and\n modify the logging parameters. All logs are saved to buckets in the same Amazon Web Services Region as\n the source bucket. To set the logging status of a bucket, you must be the bucket\n owner.
\nThe bucket owner is automatically granted FULL_CONTROL to all logs. You use the\n Grantee request element to grant access to other people. The\n Permissions request element specifies the kind of access the grantee has to\n the logs.
If the target bucket for log delivery uses the bucket owner enforced setting for S3\n Object Ownership, you can't use the Grantee request element to grant access\n to others. Permissions can only be granted using policies. For more information, see\n Permissions for server access log delivery in the\n Amazon S3 User Guide.
You can specify the person (grantee) to whom you're assigning access rights (using\n request elements) in the following ways:
\nBy the person's ID:
\n\n
DisplayName is optional and ignored in the request.
\nBy Email address:
\n\n \n
The grantee is resolved to the CanonicalUser and, in a response to a GET Object\n acl request, appears as the CanonicalUser.
\nBy URI:
\n\n
To enable logging, you use LoggingEnabled and its children request elements. To disable\n logging, you use an empty BucketLoggingStatus request element:
\n\n
For more information about server access logging, see Server Access Logging in the\n Amazon S3 User Guide.
\nFor more information about creating a bucket, see CreateBucket. For more\n information about returning the logging status of a bucket, see GetBucketLogging.
\nThe following operations are related to PutBucketLogging:
\n PutObject\n
\n\n DeleteBucket\n
\n\n CreateBucket\n
\n\n GetBucketLogging\n
\nSet the logging parameters for a bucket and to specify permissions for who can view and\n modify the logging parameters. All logs are saved to buckets in the same Amazon Web Services Region as\n the source bucket. To set the logging status of a bucket, you must be the bucket\n owner.
\nThe bucket owner is automatically granted FULL_CONTROL to all logs. You use the\n Grantee request element to grant access to other people. The\n Permissions request element specifies the kind of access the grantee has to\n the logs.
If the target bucket for log delivery uses the bucket owner enforced setting for S3\n Object Ownership, you can't use the Grantee request element to grant access\n to others. Permissions can only be granted using policies. For more information, see\n Permissions for server access log delivery in the\n Amazon S3 User Guide.
You can specify the person (grantee) to whom you're assigning access rights (by using\n request elements) in the following ways:
\nBy the person's ID:
\n\n
\n DisplayName is optional and ignored in the request.
By Email address:
\n\n \n
The grantee is resolved to the CanonicalUser and, in a response to a GETObjectAcl\n request, appears as the CanonicalUser.
By URI:
\n\n
To enable logging, you use LoggingEnabled and its children request elements. To disable\n logging, you use an empty BucketLoggingStatus request element:
\n
For more information about server access logging, see Server Access Logging in the\n Amazon S3 User Guide.
\nFor more information about creating a bucket, see CreateBucket. For more\n information about returning the logging status of a bucket, see GetBucketLogging.
\nThe following operations are related to PutBucketLogging:
\n PutObject\n
\n\n DeleteBucket\n
\n\n CreateBucket\n
\n\n GetBucketLogging\n
\nSets a metrics configuration (specified by the metrics configuration ID) for the bucket.\n You can have up to 1,000 metrics configurations per bucket. If you're updating an existing\n metrics configuration, note that this is a full replacement of the existing metrics\n configuration. If you don't include the elements you want to keep, they are erased.
\nTo use this operation, you must have permissions to perform the\n s3:PutMetricsConfiguration action. The bucket owner has this permission by\n default. The bucket owner can grant this permission to others. For more information about\n permissions, see Permissions Related to Bucket Subresource Operations and Managing\n Access Permissions to Your Amazon S3 Resources.
For information about CloudWatch request metrics for Amazon S3, see Monitoring\n Metrics with Amazon CloudWatch.
\nThe following operations are related to\n PutBucketMetricsConfiguration:
\n GetBucketLifecycle has the following special error:
Error code: TooManyConfigurations\n
Description: You are attempting to create a new configuration but have\n already reached the 1,000-configuration limit.
\nHTTP Status Code: HTTP 400 Bad Request
\nSets a metrics configuration (specified by the metrics configuration ID) for the bucket.\n You can have up to 1,000 metrics configurations per bucket. If you're updating an existing\n metrics configuration, note that this is a full replacement of the existing metrics\n configuration. If you don't include the elements you want to keep, they are erased.
\nTo use this operation, you must have permissions to perform the\n s3:PutMetricsConfiguration action. The bucket owner has this permission by\n default. The bucket owner can grant this permission to others. For more information about\n permissions, see Permissions Related to Bucket Subresource Operations and Managing\n Access Permissions to Your Amazon S3 Resources.
For information about CloudWatch request metrics for Amazon S3, see Monitoring\n Metrics with Amazon CloudWatch.
\nThe following operations are related to\n PutBucketMetricsConfiguration:
\n PutBucketMetricsConfiguration has the following special error:
Error code: TooManyConfigurations\n
Description: You are attempting to create a new configuration but have\n already reached the 1,000-configuration limit.
\nHTTP Status Code: HTTP 400 Bad Request
\nEnables notifications of specified events for a bucket. For more information about event\n notifications, see Configuring Event\n Notifications.
\nUsing this API, you can replace an existing notification configuration. The\n configuration is an XML file that defines the event types that you want Amazon S3 to publish and\n the destination where you want Amazon S3 to publish an event notification when it detects an\n event of the specified type.
\nBy default, your bucket has no event notifications configured. That is, the notification\n configuration will be an empty NotificationConfiguration.
\n
\n \n
This action replaces the existing notification configuration with the configuration you\n include in the request body.
\nAfter Amazon S3 receives this request, it first verifies that any Amazon Simple Notification\n Service (Amazon SNS) or Amazon Simple Queue Service (Amazon SQS) destination exists, and\n that the bucket owner has permission to publish to it by sending a test notification. In\n the case of Lambda destinations, Amazon S3 verifies that the Lambda function permissions\n grant Amazon S3 permission to invoke the function from the Amazon S3 bucket. For more information,\n see Configuring Notifications for Amazon S3 Events.
\nYou can disable notifications by adding the empty NotificationConfiguration\n element.
\nFor more information about the number of event notification configurations that you can\n create per bucket, see Amazon S3 service quotas in Amazon Web Services\n General Reference.
\nBy default, only the bucket owner can configure notifications on a bucket. However,\n bucket owners can use a bucket policy to grant permission to other users to set this\n configuration with s3:PutBucketNotification permission.
The PUT notification is an atomic operation. For example, suppose your notification\n configuration includes SNS topic, SQS queue, and Lambda function configurations. When\n you send a PUT request with this configuration, Amazon S3 sends test messages to your SNS\n topic. If the message fails, the entire PUT action will fail, and Amazon S3 will not add the\n configuration to your bucket.
\nIf the configuration in the request body includes only one\n TopicConfiguration specifying only the\n s3:ReducedRedundancyLostObject event type, the response will also include\n the x-amz-sns-test-message-id header containing the message ID of the test\n notification sent to the topic.
The following action is related to\n PutBucketNotificationConfiguration:
Enables notifications of specified events for a bucket. For more information about event\n notifications, see Configuring Event\n Notifications.
\nUsing this API, you can replace an existing notification configuration. The\n configuration is an XML file that defines the event types that you want Amazon S3 to publish and\n the destination where you want Amazon S3 to publish an event notification when it detects an\n event of the specified type.
\nBy default, your bucket has no event notifications configured. That is, the notification\n configuration will be an empty NotificationConfiguration.
\n
\n \n
This action replaces the existing notification configuration with the configuration you\n include in the request body.
\nAfter Amazon S3 receives this request, it first verifies that any Amazon Simple Notification\n Service (Amazon SNS) or Amazon Simple Queue Service (Amazon SQS) destination exists, and\n that the bucket owner has permission to publish to it by sending a test notification. In\n the case of Lambda destinations, Amazon S3 verifies that the Lambda function permissions\n grant Amazon S3 permission to invoke the function from the Amazon S3 bucket. For more information,\n see Configuring Notifications for Amazon S3 Events.
\nYou can disable notifications by adding the empty NotificationConfiguration\n element.
\nFor more information about the number of event notification configurations that you can\n create per bucket, see Amazon S3 service quotas in Amazon Web Services\n General Reference.
\nBy default, only the bucket owner can configure notifications on a bucket. However,\n bucket owners can use a bucket policy to grant permission to other users to set this\n configuration with the required s3:PutBucketNotification permission.
The PUT notification is an atomic operation. For example, suppose your notification\n configuration includes SNS topic, SQS queue, and Lambda function configurations. When\n you send a PUT request with this configuration, Amazon S3 sends test messages to your SNS\n topic. If the message fails, the entire PUT action will fail, and Amazon S3 will not add the\n configuration to your bucket.
\nIf the configuration in the request body includes only one\n TopicConfiguration specifying only the\n s3:ReducedRedundancyLostObject event type, the response will also include\n the x-amz-sns-test-message-id header containing the message ID of the test\n notification sent to the topic.
The following action is related to\n PutBucketNotificationConfiguration:
Applies an Amazon S3 bucket policy to an Amazon S3 bucket. If you are using an identity other than\n the root user of the Amazon Web Services account that owns the bucket, the calling identity must have the\n PutBucketPolicy permissions on the specified bucket and belong to the\n bucket owner's account in order to use this operation.
If you don't have PutBucketPolicy permissions, Amazon S3 returns a 403\n Access Denied error. If you have the correct permissions, but you're not using an\n identity that belongs to the bucket owner's account, Amazon S3 returns a 405 Method Not\n Allowed error.
To ensure that bucket owners don't inadvertently lock themselves out of their own\n buckets, the root principal in a bucket owner's Amazon Web Services account can perform the\n GetBucketPolicy, PutBucketPolicy, and\n DeleteBucketPolicy API actions, even if their bucket policy explicitly\n denies the root principal's access. Bucket owner root principals can only be blocked from performing \n these API actions by VPC endpoint policies and Amazon Web Services Organizations policies.
For more information, see Bucket policy\n examples.
\nThe following operations are related to PutBucketPolicy:
\n CreateBucket\n
\n\n DeleteBucket\n
\nCreates a replication configuration or replaces an existing one. For more information,\n see Replication in the Amazon S3 User Guide.
\nSpecify the replication configuration in the request body. In the replication\n configuration, you provide the name of the destination bucket or buckets where you want\n Amazon S3 to replicate objects, the IAM role that Amazon S3 can assume to replicate objects on your\n behalf, and other relevant information.
\nA replication configuration must include at least one rule, and can contain a maximum of\n 1,000. Each rule identifies a subset of objects to replicate by filtering the objects in\n the source bucket. To choose additional subsets of objects to replicate, add a rule for\n each subset.
\nTo specify a subset of the objects in the source bucket to apply a replication rule to,\n add the Filter element as a child of the Rule element. You can filter objects based on an\n object key prefix, one or more object tags, or both. When you add the Filter element in the\n configuration, you must also add the following elements:\n DeleteMarkerReplication, Status, and\n Priority.
If you are using an earlier version of the replication configuration, Amazon S3 handles\n replication of delete markers differently. For more information, see Backward Compatibility.
\nFor information about enabling versioning on a bucket, see Using Versioning.
\nBy default, Amazon S3 doesn't replicate objects that are stored at rest using server-side\n encryption with KMS keys. To replicate Amazon Web Services KMS-encrypted objects, add the following:\n SourceSelectionCriteria, SseKmsEncryptedObjects,\n Status, EncryptionConfiguration, and\n ReplicaKmsKeyID. For information about replication configuration, see\n Replicating Objects\n Created with SSE Using KMS keys.
For information on PutBucketReplication errors, see List of\n replication-related error codes\n
To create a PutBucketReplication request, you must have\n s3:PutReplicationConfiguration permissions for the bucket.\n \n
By default, a resource owner, in this case the Amazon Web Services account that created the bucket,\n can perform this operation. The resource owner can also grant others permissions to perform\n the operation. For more information about permissions, see Specifying Permissions in a\n Policy and Managing Access Permissions to\n Your Amazon S3 Resources.
\nTo perform this operation, the user or role performing the action must have the\n iam:PassRole permission.
\nThe following operations are related to PutBucketReplication:
\n GetBucketReplication\n
\nSets the request payment configuration for a bucket. By default, the bucket owner pays\n for downloads from the bucket. This configuration parameter enables the bucket owner (only)\n to specify that the person requesting the download will be charged for the download. For\n more information, see Requester Pays\n Buckets.
\nThe following operations are related to PutBucketRequestPayment:
\n CreateBucket\n
\nSets the tags for a bucket.
\nUse tags to organize your Amazon Web Services bill to reflect your own cost structure. To do this,\n sign up to get your Amazon Web Services account bill with tag key values included. Then, to see the cost\n of combined resources, organize your billing information according to resources with the\n same tag key values. For example, you can tag several resources with a specific application\n name, and then organize your billing information to see the total cost of that application\n across several services. For more information, see Cost Allocation and\n Tagging and Using Cost Allocation in Amazon S3 Bucket\n Tags.
\nWhen this operation sets the tags for a bucket, it will overwrite any current tags\n the bucket already has. You cannot use this operation to add tags to an existing list of\n tags.
\nTo use this operation, you must have permissions to perform the\n s3:PutBucketTagging action. The bucket owner has this permission by default\n and can grant this permission to others. For more information about permissions, see Permissions Related to Bucket Subresource Operations and Managing\n Access Permissions to Your Amazon S3 Resources.
\n PutBucketTagging has the following special errors:
Error code: InvalidTagError\n
Description: The tag provided was not a valid tag. This error can occur if\n the tag did not pass input validation. For information about tag restrictions,\n see User-Defined Tag Restrictions and Amazon Web Services-Generated Cost Allocation Tag Restrictions.
\nError code: MalformedXMLError\n
Description: The XML provided does not match the schema.
\nError code: OperationAbortedError \n
Description: A conflicting conditional action is currently in progress\n against this resource. Please try again.
\nError code: InternalError\n
Description: The service was unable to apply the provided tag to the\n bucket.
\nThe following operations are related to PutBucketTagging:
\n GetBucketTagging\n
\n\n DeleteBucketTagging\n
\nSets the versioning state of an existing bucket.
\nYou can set the versioning state with one of the following values:
\n\n Enabled—Enables versioning for the objects in the\n bucket. All objects added to the bucket receive a unique version ID.
\n\n Suspended—Disables versioning for the objects in the\n bucket. All objects added to the bucket receive the version ID null.
\nIf the versioning state has never been set on a bucket, it has no versioning state; a\n GetBucketVersioning request does not return a versioning state value.
\nIn order to enable MFA Delete, you must be the bucket owner. If you are the bucket owner\n and want to enable MFA Delete in the bucket versioning configuration, you must include the\n x-amz-mfa request header and the Status and the\n MfaDelete request elements in a request to set the versioning state of the\n bucket.
If you have an object expiration lifecycle configuration in your non-versioned bucket and\n you want to maintain the same permanent delete behavior when you enable versioning, you\n must add a noncurrent expiration policy. The noncurrent expiration lifecycle configuration will\n manage the deletes of the noncurrent object versions in the version-enabled bucket. (A\n version-enabled bucket maintains one current and zero or more noncurrent object\n versions.) For more information, see Lifecycle and Versioning.
\nThe following operations are related to PutBucketVersioning:
\n CreateBucket\n
\n\n DeleteBucket\n
\n\n GetBucketVersioning\n
\nSets the configuration of the website that is specified in the website\n subresource. To configure a bucket as a website, you can add this subresource on the bucket\n with website configuration information such as the file name of the index document and any\n redirect rules. For more information, see Hosting Websites on Amazon S3.
This PUT action requires the S3:PutBucketWebsite permission. By default,\n only the bucket owner can configure the website attached to a bucket; however, bucket\n owners can allow other users to set the website configuration by writing a bucket policy\n that grants them the S3:PutBucketWebsite permission.
To redirect all website requests sent to the bucket's website endpoint, you add a\n website configuration with the following elements. Because all requests are sent to another\n website, you don't need to provide index document name for the bucket.
\n\n WebsiteConfiguration\n
\n RedirectAllRequestsTo\n
\n HostName\n
\n Protocol\n
If you want granular control over redirects, you can use the following elements to add\n routing rules that describe conditions for redirecting requests and information about the\n redirect destination. In this case, the website configuration must provide an index\n document for the bucket, because some requests might not be redirected.
\n\n WebsiteConfiguration\n
\n IndexDocument\n
\n Suffix\n
\n ErrorDocument\n
\n Key\n
\n RoutingRules\n
\n RoutingRule\n
\n Condition\n
\n HttpErrorCodeReturnedEquals\n
\n KeyPrefixEquals\n
\n Redirect\n
\n Protocol\n
\n HostName\n
\n ReplaceKeyPrefixWith\n
\n ReplaceKeyWith\n
\n HttpRedirectCode\n
Amazon S3 has a limitation of 50 routing rules per website configuration. If you require more\n than 50 routing rules, you can use object redirect. For more information, see Configuring an\n Object Redirect in the Amazon S3 User Guide.
", + "smithy.api#examples": [ + { + "title": "Set website configuration on a bucket", + "documentation": "The following example adds website configuration to a bucket.", + "input": { + "Bucket": "examplebucket", + "ContentMD5": "", + "WebsiteConfiguration": { + "IndexDocument": { + "Suffix": "index.html" + }, + "ErrorDocument": { + "Key": "error.html" + } + } + } + } + ], "smithy.api#http": { "method": "PUT", "uri": "/{Bucket}?website", @@ -30911,7 +33120,23 @@ "aws.protocols#httpChecksum": { "requestAlgorithmMember": "ChecksumAlgorithm" }, - "smithy.api#documentation": "Adds an object to a bucket. You must have WRITE permissions on a bucket to add an object\n to it.
\nAmazon S3 never adds partial objects; if you receive a success response, Amazon S3 added the\n entire object to the bucket. You cannot use PutObject to only update a\n single piece of metadata for an existing object. You must put the entire object with\n updated metadata if you want to update some values.
Amazon S3 is a distributed system. If it receives multiple write requests for the same object\n simultaneously, it overwrites all but the last object written. To prevent objects from\n being deleted or overwritten, you can use Amazon S3 Object\n Lock.
\nTo ensure that data is not corrupted traversing the network, use the\n Content-MD5 header. When you use this header, Amazon S3 checks the object\n against the provided MD5 value and, if they do not match, returns an error. Additionally,\n you can calculate the MD5 while putting an object to Amazon S3 and compare the returned ETag to\n the calculated MD5 value.
To successfully complete the PutObject request, you must have the\n s3:PutObject in your IAM permissions.
To successfully change the objects acl of your PutObject request,\n you must have the s3:PutObjectAcl in your IAM permissions.
To successfully set the tag-set with your PutObject request, you\n must have the s3:PutObjectTagging in your IAM permissions.
The Content-MD5 header is required for any request to upload an\n object with a retention period configured using Amazon S3 Object Lock. For more\n information about Amazon S3 Object Lock, see Amazon S3 Object Lock\n Overview in the Amazon S3 User Guide.
You have three mutually exclusive options to protect data using server-side encryption\n in Amazon S3, depending on how you choose to manage the encryption keys. Specifically, the\n encryption key options are Amazon S3 managed keys (SSE-S3), Amazon Web Services KMS keys (SSE-KMS), and\n customer-provided keys (SSE-C). Amazon S3 encrypts data with server-side encryption by using\n Amazon S3 managed keys (SSE-S3) by default. You can optionally tell Amazon S3 to encrypt data at by\n rest using server-side encryption with other key options. For more information, see Using\n Server-Side Encryption.
\nWhen adding a new object, you can use headers to grant ACL-based permissions to\n individual Amazon Web Services accounts or to predefined groups defined by Amazon S3. These permissions are\n then added to the ACL on the object. By default, all objects are private. Only the owner\n has full access control. For more information, see Access Control List (ACL) Overview\n and Managing\n ACLs Using the REST API.
\nIf the bucket that you're uploading objects to uses the bucket owner enforced setting\n for S3 Object Ownership, ACLs are disabled and no longer affect permissions. Buckets that\n use this setting only accept PUT requests that don't specify an ACL or PUT requests that\n specify bucket owner full control ACLs, such as the bucket-owner-full-control\n canned ACL or an equivalent form of this ACL expressed in the XML format. PUT requests that\n contain other ACLs (for example, custom grants to certain Amazon Web Services accounts) fail and return a\n 400 error with the error code AccessControlListNotSupported.\n For more information, see Controlling ownership of\n objects and disabling ACLs in the Amazon S3 User Guide.
If your bucket uses the bucket owner enforced setting for Object Ownership, all\n objects written to the bucket by any account will be owned by the bucket owner.
\nBy default, Amazon S3 uses the STANDARD Storage Class to store newly created objects. The\n STANDARD storage class provides high durability and high availability. Depending on\n performance needs, you can specify a different Storage Class. Amazon S3 on Outposts only uses\n the OUTPOSTS Storage Class. For more information, see Storage Classes in the\n Amazon S3 User Guide.
\nIf you enable versioning for a bucket, Amazon S3 automatically generates a unique version ID\n for the object being stored. Amazon S3 returns this ID in the response. When you enable\n versioning for a bucket, if Amazon S3 receives multiple write requests for the same object\n simultaneously, it stores all of the objects. For more information about versioning, see\n Adding Objects to\n Versioning-Enabled Buckets. For information about returning the versioning state\n of a bucket, see GetBucketVersioning.
\nFor more information about related Amazon S3 APIs, see the following:
\n\n CopyObject\n
\n\n DeleteObject\n
\nAdds an object to a bucket. You must have WRITE permissions on a bucket to add an object\n to it.
\nAmazon S3 never adds partial objects; if you receive a success response, Amazon S3 added the\n entire object to the bucket. You cannot use PutObject to only update a\n single piece of metadata for an existing object. You must put the entire object with\n updated metadata if you want to update some values.
Amazon S3 is a distributed system. If it receives multiple write requests for the same object\n simultaneously, it overwrites all but the last object written. To prevent objects from\n being deleted or overwritten, you can use Amazon S3 Object\n Lock.
\nTo ensure that data is not corrupted traversing the network, use the\n Content-MD5 header. When you use this header, Amazon S3 checks the object\n against the provided MD5 value and, if they do not match, returns an error. Additionally,\n you can calculate the MD5 while putting an object to Amazon S3 and compare the returned ETag to\n the calculated MD5 value.
To successfully complete the PutObject request, you must have the\n s3:PutObject in your IAM permissions.
To successfully change the objects acl of your PutObject request,\n you must have the s3:PutObjectAcl in your IAM permissions.
To successfully set the tag-set with your PutObject request, you\n must have the s3:PutObjectTagging in your IAM permissions.
The Content-MD5 header is required for any request to upload an\n object with a retention period configured using Amazon S3 Object Lock. For more\n information about Amazon S3 Object Lock, see Amazon S3 Object Lock\n Overview in the Amazon S3 User Guide.
You have four mutually exclusive options to protect data using server-side encryption in\n Amazon S3, depending on how you choose to manage the encryption keys. Specifically, the\n encryption key options are Amazon S3 managed keys (SSE-S3), Amazon Web Services KMS keys (SSE-KMS or\n DSSE-KMS), and customer-provided keys (SSE-C). Amazon S3 encrypts data with server-side\n encryption by using Amazon S3 managed keys (SSE-S3) by default. You can optionally tell Amazon S3 to\n encrypt data at rest by using server-side encryption with other key options. For more\n information, see Using Server-Side\n Encryption.
\nWhen adding a new object, you can use headers to grant ACL-based permissions to\n individual Amazon Web Services accounts or to predefined groups defined by Amazon S3. These permissions are\n then added to the ACL on the object. By default, all objects are private. Only the owner\n has full access control. For more information, see Access Control List (ACL) Overview\n and Managing\n ACLs Using the REST API.
\nIf the bucket that you're uploading objects to uses the bucket owner enforced setting\n for S3 Object Ownership, ACLs are disabled and no longer affect permissions. Buckets that\n use this setting only accept PUT requests that don't specify an ACL or PUT requests that\n specify bucket owner full control ACLs, such as the bucket-owner-full-control\n canned ACL or an equivalent form of this ACL expressed in the XML format. PUT requests that\n contain other ACLs (for example, custom grants to certain Amazon Web Services accounts) fail and return a\n 400 error with the error code AccessControlListNotSupported.\n For more information, see Controlling ownership of\n objects and disabling ACLs in the Amazon S3 User Guide.
If your bucket uses the bucket owner enforced setting for Object Ownership, all\n objects written to the bucket by any account will be owned by the bucket owner.
\nBy default, Amazon S3 uses the STANDARD Storage Class to store newly created objects. The\n STANDARD storage class provides high durability and high availability. Depending on\n performance needs, you can specify a different Storage Class. Amazon S3 on Outposts only uses\n the OUTPOSTS Storage Class. For more information, see Storage Classes in the\n Amazon S3 User Guide.
\nIf you enable versioning for a bucket, Amazon S3 automatically generates a unique version ID\n for the object being stored. Amazon S3 returns this ID in the response. When you enable\n versioning for a bucket, if Amazon S3 receives multiple write requests for the same object\n simultaneously, it stores all of the objects. For more information about versioning, see\n Adding Objects to\n Versioning-Enabled Buckets. For information about returning the versioning state\n of a bucket, see GetBucketVersioning.
\nFor more information about related Amazon S3 APIs, see the following:
\n\n CopyObject\n
\n\n DeleteObject\n
\nUses the acl subresource to set the access control list (ACL) permissions\n for a new or existing object in an S3 bucket. You must have WRITE_ACP\n permission to set the ACL of an object. For more information, see What\n permissions can I grant? in the Amazon S3 User Guide.
This action is not supported by Amazon S3 on Outposts.
\nDepending on your application needs, you can choose to set the ACL on an object using\n either the request body or the headers. For example, if you have an existing application\n that updates a bucket ACL using the request body, you can continue to use that approach.\n For more information, see Access Control List (ACL) Overview\n in the Amazon S3 User Guide.
\nIf your bucket uses the bucket owner enforced setting for S3 Object Ownership, ACLs\n are disabled and no longer affect permissions. You must use policies to grant access to\n your bucket and the objects in it. Requests to set ACLs or update ACLs fail and return\n the AccessControlListNotSupported error code. Requests to read ACLs are\n still supported. For more information, see Controlling object\n ownership in the Amazon S3 User Guide.
You can set access permissions using one of the following methods:
\nSpecify a canned ACL with the x-amz-acl request header. Amazon S3 supports\n a set of predefined ACLs, known as canned ACLs. Each canned ACL has a predefined set\n of grantees and permissions. Specify the canned ACL name as the value of\n x-amz-acl. If you use this header, you cannot use other access\n control-specific headers in your request. For more information, see Canned\n ACL.
Specify access permissions explicitly with the x-amz-grant-read,\n x-amz-grant-read-acp, x-amz-grant-write-acp, and\n x-amz-grant-full-control headers. When using these headers, you\n specify explicit access permissions and grantees (Amazon Web Services accounts or Amazon S3 groups) who\n will receive the permission. If you use these ACL-specific headers, you cannot use\n x-amz-acl header to set a canned ACL. These parameters map to the set\n of permissions that Amazon S3 supports in an ACL. For more information, see Access Control\n List (ACL) Overview.
You specify each grantee as a type=value pair, where the type is one of the\n following:
\n\n id – if the value specified is the canonical user ID of an\n Amazon Web Services account
\n uri – if you are granting permissions to a predefined\n group
\n emailAddress – if the value specified is the email address of\n an Amazon Web Services account
Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:
\nUS East (N. Virginia)
\nUS West (N. California)
\nUS West (Oregon)
\nAsia Pacific (Singapore)
\nAsia Pacific (Sydney)
\nAsia Pacific (Tokyo)
\nEurope (Ireland)
\nSouth America (São Paulo)
\nFor a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.
\nFor example, the following x-amz-grant-read header grants list\n objects permission to the two Amazon Web Services accounts identified by their email\n addresses.
\n x-amz-grant-read: emailAddress=\"xyz@amazon.com\",\n emailAddress=\"abc@amazon.com\" \n
You can use either a canned ACL or specify access permissions explicitly. You cannot do\n both.
\nYou can specify the person (grantee) to whom you're assigning access rights (using\n request elements) in the following ways:
\nBy the person's ID:
\n\n
DisplayName is optional and ignored in the request.
\nBy URI:
\n\n
By Email address:
\n\n
The grantee is resolved to the CanonicalUser and, in a response to a GET Object\n acl request, appears as the CanonicalUser.
\nUsing email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:
\nUS East (N. Virginia)
\nUS West (N. California)
\nUS West (Oregon)
\nAsia Pacific (Singapore)
\nAsia Pacific (Sydney)
\nAsia Pacific (Tokyo)
\nEurope (Ireland)
\nSouth America (São Paulo)
\nFor a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.
\nThe ACL of an object is set at the object version level. By default, PUT sets the ACL of\n the current version of an object. To set the ACL of a different version, use the\n versionId subresource.
The following operations are related to PutObjectAcl:
\n CopyObject\n
\n\n GetObject\n
\nThe server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms).
The server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms, aws:kms:dsse).
If x-amz-server-side-encryption is has a valid value of\n aws:kms, this header specifies the ID of the Amazon Web Services Key Management Service\n (Amazon Web Services KMS) symmetric encryption customer managed key that was used for the object.
If x-amz-server-side-encryption has a valid value of aws:kms\n or aws:kms:dsse, this header specifies the ID of the Key Management Service (KMS)\n symmetric encryption customer managed key that was used for the object.
Indicates whether the uploaded object uses an S3 Bucket Key for server-side encryption\n with Amazon Web Services KMS (SSE-KMS).
", + "smithy.api#documentation": "Indicates whether the uploaded object uses an S3 Bucket Key for server-side encryption\n with Key Management Service (KMS) keys (SSE-KMS).
", "smithy.api#httpHeader": "x-amz-server-side-encryption-bucket-key-enabled" } }, @@ -31543,7 +33782,7 @@ "ServerSideEncryption": { "target": "com.amazonaws.s3#ServerSideEncryption", "traits": { - "smithy.api#documentation": "The server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms).
The server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms, aws:kms:dsse).
If x-amz-server-side-encryption has a valid value of aws:kms,\n this header specifies the ID of the Amazon Web Services Key Management Service (Amazon Web Services KMS) symmetric\n encryption customer managed key that was used for the object. If you specify\n x-amz-server-side-encryption:aws:kms, but do not provide\n x-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses the Amazon Web Services managed key to\n protect the data. If the KMS key does not exist in the same account issuing the command,\n you must use the full ARN and not just the ID.
If x-amz-server-side-encryption has a valid value of aws:kms\n or aws:kms:dsse, this header specifies the ID of the Key Management Service (KMS)\n symmetric encryption customer managed key that was used for the object. If you specify\n x-amz-server-side-encryption:aws:kms or\n x-amz-server-side-encryption:aws:kms:dsse, but do not provide\n x-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses the Amazon Web Services managed key\n (aws/s3) to protect the data. If the KMS key does not exist in the same\n account that's issuing the command, you must use the full ARN and not just the ID.
Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with\n server-side encryption using AWS KMS (SSE-KMS). Setting this header to true\n causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS.
Specifying this header with a PUT action doesn’t affect bucket-level settings for S3\n Bucket Key.
", + "smithy.api#documentation": "Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with\n server-side encryption using Key Management Service (KMS) keys (SSE-KMS). Setting this header to\n true causes Amazon S3 to use an S3 Bucket Key for object encryption with\n SSE-KMS.
Specifying this header with a PUT action doesn’t affect bucket-level settings for S3\n Bucket Key.
", "smithy.api#httpHeader": "x-amz-server-side-encryption-bucket-key-enabled" } }, @@ -31776,6 +34015,31 @@ "requestChecksumRequired": true }, "smithy.api#documentation": "Sets the supplied tag-set to an object that already exists in a bucket.
\nA tag is a key-value pair. You can associate tags with an object by sending a PUT\n request against the tagging subresource that is associated with the object. You can\n retrieve tags by sending a GET request. For more information, see GetObjectTagging.
\nFor tagging-related restrictions related to characters and encodings, see Tag\n Restrictions. Note that Amazon S3 limits the maximum number of tags to 10 tags per\n object.
\nTo use this operation, you must have permission to perform the\n s3:PutObjectTagging action. By default, the bucket owner has this\n permission and can grant this permission to others.
To put tags of any other version, use the versionId query parameter. You\n also need permission for the s3:PutObjectVersionTagging action.
For information about the Amazon S3 object tagging feature, see Object Tagging.
\n\n PutObjectTagging has the following special errors:
\n Code: InvalidTagError \n
\n\n Cause: The tag provided was not a valid tag. This error can occur\n if the tag did not pass input validation. For more information, see Object\n Tagging.\n
\n\n Code: MalformedXMLError \n
\n\n Cause: The XML provided does not match the schema.\n
\n\n Code: OperationAbortedError \n
\n\n Cause: A conflicting conditional action is currently in progress\n against this resource. Please try again.\n
\n\n Code: InternalError\n
\n\n Cause: The service was unable to apply the provided tag to the\n object.\n
\nThe following operations are related to PutObjectTagging:
\n GetObjectTagging\n
\n\n DeleteObjectTagging\n
\nRestores an archived copy of an object back into Amazon S3
\nThis action is not supported by Amazon S3 on Outposts.
\nThis action performs the following types of requests:
\n\n select - Perform a select query on an archived object
\n restore an archive - Restore an archived object
For more information about the S3 structure in the request body, see the\n following:
\n PutObject\n
\n\n Managing Access with ACLs in the\n Amazon S3 User Guide\n
\n\n Protecting Data Using\n Server-Side Encryption in the\n Amazon S3 User Guide\n
\nDefine the SQL expression for the SELECT type of restoration for your\n query in the request body's SelectParameters structure. You can use\n expressions like the following examples.
The following expression returns all records from the specified\n object.
\n\n SELECT * FROM Object\n
Assuming that you are not using any headers for data stored in the object,\n you can specify columns with positional headers.
\n\n SELECT s._1, s._2 FROM Object s WHERE s._3 > 100\n
If you have headers and you set the fileHeaderInfo in the\n CSV structure in the request body to USE, you can\n specify headers in the query. (If you set the fileHeaderInfo field\n to IGNORE, the first row is skipped for the query.) You cannot mix\n ordinal positions with header column names.
\n SELECT s.Id, s.FirstName, s.SSN FROM S3Object s\n
When making a select request, you can also do the following:
\nTo expedite your queries, specify the Expedited tier. For more\n information about tiers, see \"Restoring Archives,\" later in this topic.
Specify details about the data serialization format of both the input object that\n is being queried and the serialization of the CSV-encoded query results.
\nThe following are additional important facts about the select feature:
\nThe output results are new Amazon S3 objects. Unlike archive retrievals, they are\n stored until explicitly deleted-manually or through a lifecycle configuration.
\nYou can issue more than one select request on the same Amazon S3 object. Amazon S3 doesn't\n duplicate requests, so avoid issuing duplicate requests.
\n Amazon S3 accepts a select request even if the object has already been restored. A\n select request doesn’t return error response 409.
To use this operation, you must have permissions to perform the\n s3:RestoreObject action. The bucket owner has this permission by default\n and can grant this permission to others. For more information about permissions, see Permissions Related to Bucket Subresource Operations and Managing\n Access Permissions to Your Amazon S3 Resources in the\n Amazon S3 User Guide.
Objects that you archive to the S3 Glacier Flexible Retrieval or\n S3 Glacier Deep Archive storage class, and S3 Intelligent-Tiering Archive or\n S3 Intelligent-Tiering Deep Archive tiers, are not accessible in real time. For objects in the\n S3 Glacier Flexible Retrieval or S3 Glacier Deep Archive storage\n classes, you must first initiate a restore request, and then wait until a temporary copy of\n the object is available. If you want a permanent copy of the object, create a copy of it in\n the Amazon S3 Standard storage class in your S3 bucket. To access an archived object, you must\n restore the object for the duration (number of days) that you specify. For objects in the\n Archive Access or Deep Archive Access tiers of S3 Intelligent-Tiering, you must first\n initiate a restore request, and then wait until the object is moved into the Frequent\n Access tier.
\nTo restore a specific object version, you can provide a version ID. If you don't provide\n a version ID, Amazon S3 restores the current version.
\nWhen restoring an archived object, you can specify one of the following data access tier\n options in the Tier element of the request body:
\n Expedited - Expedited retrievals allow you to quickly access your\n data stored in the S3 Glacier Flexible Retrieval storage class or\n S3 Intelligent-Tiering Archive tier when occasional urgent requests for restoring archives\n are required. For all but the largest archived objects (250 MB+), data accessed using\n Expedited retrievals is typically made available within 1–5 minutes. Provisioned\n capacity ensures that retrieval capacity for Expedited retrievals is available when\n you need it. Expedited retrievals and provisioned capacity are not available for\n objects stored in the S3 Glacier Deep Archive storage class or\n S3 Intelligent-Tiering Deep Archive tier.
\n Standard - Standard retrievals allow you to access any of your\n archived objects within several hours. This is the default option for retrieval\n requests that do not specify the retrieval option. Standard retrievals typically\n finish within 3–5 hours for objects stored in the S3 Glacier Flexible\n Retrieval storage class or S3 Intelligent-Tiering Archive tier. They typically finish within\n 12 hours for objects stored in the S3 Glacier Deep Archive storage class or\n S3 Intelligent-Tiering Deep Archive tier. Standard retrievals are free for objects stored in\n S3 Intelligent-Tiering.
\n Bulk - Bulk retrievals free for objects stored in the S3 Glacier\n Flexible Retrieval and S3 Intelligent-Tiering storage classes, enabling you to\n retrieve large amounts, even petabytes, of data at no cost. Bulk retrievals typically\n finish within 5–12 hours for objects stored in the S3 Glacier\n Flexible Retrieval storage class or S3 Intelligent-Tiering Archive tier. Bulk retrievals are\n also the lowest-cost retrieval option when restoring objects from\n S3 Glacier Deep Archive. They typically finish within 48 hours for objects\n stored in the S3 Glacier Deep Archive storage class or S3 Intelligent-Tiering Deep Archive\n tier.
For more information about archive retrieval options and provisioned capacity for\n Expedited data access, see Restoring Archived Objects in\n the Amazon S3 User Guide.
You can use Amazon S3 restore speed upgrade to change the restore speed to a faster speed\n while it is in progress. For more information, see Upgrading the speed of an in-progress restore in the\n Amazon S3 User Guide.
\nTo get the status of object restoration, you can send a HEAD request.\n Operations return the x-amz-restore header, which provides information about\n the restoration status, in the response. You can use Amazon S3 event notifications to notify you\n when a restore is initiated or completed. For more information, see Configuring Amazon S3\n Event Notifications in the Amazon S3 User Guide.
After restoring an archived object, you can update the restoration period by reissuing\n the request with a new period. Amazon S3 updates the restoration period relative to the current\n time and charges only for the request-there are no data transfer charges. You cannot\n update the restoration period when Amazon S3 is actively processing your current restore request\n for the object.
\nIf your bucket has a lifecycle configuration with a rule that includes an expiration\n action, the object expiration overrides the life span that you specify in a restore\n request. For example, if you restore an object copy for 10 days, but the object is\n scheduled to expire in 3 days, Amazon S3 deletes the object in 3 days. For more information\n about lifecycle configuration, see PutBucketLifecycleConfiguration and Object Lifecycle Management\n in Amazon S3 User Guide.
\nA successful action returns either the 200 OK or 202 Accepted\n status code.
If the object is not previously restored, then Amazon S3 returns 202\n Accepted in the response.
If the object is previously restored, Amazon S3 returns 200 OK in the\n response.
Special errors:
\n\n Code: RestoreAlreadyInProgress\n
\n\n Cause: Object restore is already in progress. (This error does not\n apply to SELECT type requests.)\n
\n\n HTTP Status Code: 409 Conflict\n
\n\n SOAP Fault Code Prefix: Client\n
\n\n Code: GlacierExpeditedRetrievalNotAvailable\n
\n\n Cause: expedited retrievals are currently not available. Try again\n later. (Returned if there is insufficient capacity to process the Expedited\n request. This error applies only to Expedited retrievals and not to\n S3 Standard or Bulk retrievals.)\n
\n\n HTTP Status Code: 503\n
\n\n SOAP Fault Code Prefix: N/A\n
\nThe following operations are related to RestoreObject:
Restores an archived copy of an object back into Amazon S3
\nThis action is not supported by Amazon S3 on Outposts.
\nThis action performs the following types of requests:
\n\n select - Perform a select query on an archived object
\n restore an archive - Restore an archived object
For more information about the S3 structure in the request body, see the\n following:
\n PutObject\n
\n\n Managing Access with ACLs in the\n Amazon S3 User Guide\n
\n\n Protecting Data Using\n Server-Side Encryption in the\n Amazon S3 User Guide\n
\nDefine the SQL expression for the SELECT type of restoration for your\n query in the request body's SelectParameters structure. You can use\n expressions like the following examples.
The following expression returns all records from the specified\n object.
\n\n SELECT * FROM Object\n
Assuming that you are not using any headers for data stored in the object,\n you can specify columns with positional headers.
\n\n SELECT s._1, s._2 FROM Object s WHERE s._3 > 100\n
If you have headers and you set the fileHeaderInfo in the\n CSV structure in the request body to USE, you can\n specify headers in the query. (If you set the fileHeaderInfo field\n to IGNORE, the first row is skipped for the query.) You cannot mix\n ordinal positions with header column names.
\n SELECT s.Id, s.FirstName, s.SSN FROM S3Object s\n
When making a select request, you can also do the following:
\nTo expedite your queries, specify the Expedited tier. For more\n information about tiers, see \"Restoring Archives,\" later in this topic.
Specify details about the data serialization format of both the input object that\n is being queried and the serialization of the CSV-encoded query results.
\nThe following are additional important facts about the select feature:
\nThe output results are new Amazon S3 objects. Unlike archive retrievals, they are\n stored until explicitly deleted-manually or through a lifecycle configuration.
\nYou can issue more than one select request on the same Amazon S3 object. Amazon S3 doesn't\n duplicate requests, so avoid issuing duplicate requests.
\n Amazon S3 accepts a select request even if the object has already been restored. A\n select request doesn’t return error response 409.
To use this operation, you must have permissions to perform the\n s3:RestoreObject action. The bucket owner has this permission by default\n and can grant this permission to others. For more information about permissions, see Permissions Related to Bucket Subresource Operations and Managing\n Access Permissions to Your Amazon S3 Resources in the\n Amazon S3 User Guide.
Objects that you archive to the S3 Glacier Flexible Retrieval Flexible Retrieval or\n S3 Glacier Deep Archive storage class, and S3 Intelligent-Tiering Archive or\n S3 Intelligent-Tiering Deep Archive tiers, are not accessible in real time. For objects in the\n S3 Glacier Flexible Retrieval Flexible Retrieval or S3 Glacier Deep Archive storage\n classes, you must first initiate a restore request, and then wait until a temporary copy of\n the object is available. If you want a permanent copy of the object, create a copy of it in\n the Amazon S3 Standard storage class in your S3 bucket. To access an archived object, you must\n restore the object for the duration (number of days) that you specify. For objects in the\n Archive Access or Deep Archive Access tiers of S3 Intelligent-Tiering, you must first\n initiate a restore request, and then wait until the object is moved into the Frequent\n Access tier.
\nTo restore a specific object version, you can provide a version ID. If you don't provide\n a version ID, Amazon S3 restores the current version.
\nWhen restoring an archived object, you can specify one of the following data access tier\n options in the Tier element of the request body:
\n Expedited - Expedited retrievals allow you to quickly access your\n data stored in the S3 Glacier Flexible Retrieval Flexible Retrieval storage class or\n S3 Intelligent-Tiering Archive tier when occasional urgent requests for restoring archives\n are required. For all but the largest archived objects (250 MB+), data accessed using\n Expedited retrievals is typically made available within 1–5 minutes. Provisioned\n capacity ensures that retrieval capacity for Expedited retrievals is available when\n you need it. Expedited retrievals and provisioned capacity are not available for\n objects stored in the S3 Glacier Deep Archive storage class or\n S3 Intelligent-Tiering Deep Archive tier.
\n Standard - Standard retrievals allow you to access any of your\n archived objects within several hours. This is the default option for retrieval\n requests that do not specify the retrieval option. Standard retrievals typically\n finish within 3–5 hours for objects stored in the S3 Glacier Flexible Retrieval Flexible\n Retrieval storage class or S3 Intelligent-Tiering Archive tier. They typically finish within\n 12 hours for objects stored in the S3 Glacier Deep Archive storage class or\n S3 Intelligent-Tiering Deep Archive tier. Standard retrievals are free for objects stored in\n S3 Intelligent-Tiering.
\n Bulk - Bulk retrievals free for objects stored in the S3 Glacier\n Flexible Retrieval and S3 Intelligent-Tiering storage classes, enabling you to\n retrieve large amounts, even petabytes, of data at no cost. Bulk retrievals typically\n finish within 5–12 hours for objects stored in the S3 Glacier Flexible Retrieval\n Flexible Retrieval storage class or S3 Intelligent-Tiering Archive tier. Bulk retrievals are\n also the lowest-cost retrieval option when restoring objects from\n S3 Glacier Deep Archive. They typically finish within 48 hours for objects\n stored in the S3 Glacier Deep Archive storage class or S3 Intelligent-Tiering Deep Archive\n tier.
For more information about archive retrieval options and provisioned capacity for\n Expedited data access, see Restoring Archived Objects in\n the Amazon S3 User Guide.
You can use Amazon S3 restore speed upgrade to change the restore speed to a faster speed\n while it is in progress. For more information, see Upgrading the speed of an in-progress restore in the\n Amazon S3 User Guide.
\nTo get the status of object restoration, you can send a HEAD request.\n Operations return the x-amz-restore header, which provides information about\n the restoration status, in the response. You can use Amazon S3 event notifications to notify you\n when a restore is initiated or completed. For more information, see Configuring Amazon S3\n Event Notifications in the Amazon S3 User Guide.
After restoring an archived object, you can update the restoration period by reissuing\n the request with a new period. Amazon S3 updates the restoration period relative to the current\n time and charges only for the request-there are no data transfer charges. You cannot\n update the restoration period when Amazon S3 is actively processing your current restore request\n for the object.
\nIf your bucket has a lifecycle configuration with a rule that includes an expiration\n action, the object expiration overrides the life span that you specify in a restore\n request. For example, if you restore an object copy for 10 days, but the object is\n scheduled to expire in 3 days, Amazon S3 deletes the object in 3 days. For more information\n about lifecycle configuration, see PutBucketLifecycleConfiguration and Object Lifecycle Management\n in Amazon S3 User Guide.
\nA successful action returns either the 200 OK or 202 Accepted\n status code.
If the object is not previously restored, then Amazon S3 returns 202\n Accepted in the response.
If the object is previously restored, Amazon S3 returns 200 OK in the\n response.
Special errors:
\n\n Code: RestoreAlreadyInProgress\n
\n\n Cause: Object restore is already in progress. (This error does not\n apply to SELECT type requests.)\n
\n\n HTTP Status Code: 409 Conflict\n
\n\n SOAP Fault Code Prefix: Client\n
\n\n Code: GlacierExpeditedRetrievalNotAvailable\n
\n\n Cause: expedited retrievals are currently not available. Try again\n later. (Returned if there is insufficient capacity to process the Expedited\n request. This error applies only to Expedited retrievals and not to\n S3 Standard or Bulk retrievals.)\n
\n\n HTTP Status Code: 503\n
\n\n SOAP Fault Code Prefix: N/A\n
\nThe following operations are related to RestoreObject:
Specifies the ID of the Amazon Web Services Key Management Service (Amazon Web Services KMS) symmetric encryption\n customer managed key to use for encrypting inventory reports.
", + "smithy.api#documentation": "Specifies the ID of the Key Management Service (KMS) symmetric encryption customer managed key to use for\n encrypting inventory reports.
", "smithy.api#required": {} } } @@ -32808,7 +35089,7 @@ "target": "com.amazonaws.s3#SelectObjectContentOutput" }, "traits": { - "smithy.api#documentation": "This action filters the contents of an Amazon S3 object based on a simple structured query\n language (SQL) statement. In the request, along with the SQL expression, you must also\n specify a data serialization format (JSON, CSV, or Apache Parquet) of the object. Amazon S3 uses\n this format to parse object data into records, and returns only records that match the\n specified SQL expression. You must also specify the data serialization format for the\n response.
\nThis action is not supported by Amazon S3 on Outposts.
\nFor more information about Amazon S3 Select, see Selecting Content from\n Objects and SELECT\n Command in the Amazon S3 User Guide.
\n \nYou must have s3:GetObject permission for this operation. Amazon S3 Select does\n not support anonymous access. For more information about permissions, see Specifying\n Permissions in a Policy in the Amazon S3 User Guide.
You can use Amazon S3 Select to query objects that have the following format\n properties:
\n\n CSV, JSON, and Parquet - Objects must be in CSV, JSON, or\n Parquet format.
\n\n UTF-8 - UTF-8 is the only encoding type Amazon S3 Select\n supports.
\n\n GZIP or BZIP2 - CSV and JSON files can be compressed using\n GZIP or BZIP2. GZIP and BZIP2 are the only compression formats that Amazon S3 Select\n supports for CSV and JSON files. Amazon S3 Select supports columnar compression for\n Parquet using GZIP or Snappy. Amazon S3 Select does not support whole-object compression\n for Parquet objects.
\n\n Server-side encryption - Amazon S3 Select supports querying\n objects that are protected with server-side encryption.
\nFor objects that are encrypted with customer-provided encryption keys (SSE-C), you\n must use HTTPS, and you must use the headers that are documented in the GetObject. For more information about SSE-C, see Server-Side\n Encryption (Using Customer-Provided Encryption Keys) in the\n Amazon S3 User Guide.
\nFor objects that are encrypted with Amazon S3 managed keys (SSE-S3) and Amazon Web Services KMS keys\n (SSE-KMS), server-side encryption is handled transparently, so you don't need to\n specify anything. For more information about server-side encryption, including SSE-S3\n and SSE-KMS, see Protecting Data Using\n Server-Side Encryption in the Amazon S3 User Guide.
\nGiven the response size is unknown, Amazon S3 Select streams the response as a series of\n messages and includes a Transfer-Encoding header with chunked as\n its value in the response. For more information, see Appendix: SelectObjectContent\n Response.
The SelectObjectContent action does not support the following\n GetObject functionality. For more information, see GetObject.
\n Range: Although you can specify a scan range for an Amazon S3 Select request\n (see SelectObjectContentRequest - ScanRange in the request parameters),\n you cannot specify the range of bytes of an object to return.
GLACIER, DEEP_ARCHIVE and REDUCED_REDUNDANCY storage classes: You cannot specify\n the GLACIER, DEEP_ARCHIVE, or REDUCED_REDUNDANCY storage classes. For\n more information, about storage classes see Storage\n Classes in the Amazon S3 User Guide.
For a list of special errors for this operation, see List of\n SELECT Object Content Error Codes\n
\nThe following operations are related to SelectObjectContent:
\n GetObject\n
\nThis action filters the contents of an Amazon S3 object based on a simple structured query\n language (SQL) statement. In the request, along with the SQL expression, you must also\n specify a data serialization format (JSON, CSV, or Apache Parquet) of the object. Amazon S3 uses\n this format to parse object data into records, and returns only records that match the\n specified SQL expression. You must also specify the data serialization format for the\n response.
\nThis action is not supported by Amazon S3 on Outposts.
\nFor more information about Amazon S3 Select, see Selecting Content from\n Objects and SELECT\n Command in the Amazon S3 User Guide.
\n \nYou must have s3:GetObject permission for this operation. Amazon S3 Select does\n not support anonymous access. For more information about permissions, see Specifying\n Permissions in a Policy in the Amazon S3 User Guide.
You can use Amazon S3 Select to query objects that have the following format\n properties:
\n\n CSV, JSON, and Parquet - Objects must be in CSV, JSON, or\n Parquet format.
\n\n UTF-8 - UTF-8 is the only encoding type Amazon S3 Select\n supports.
\n\n GZIP or BZIP2 - CSV and JSON files can be compressed using\n GZIP or BZIP2. GZIP and BZIP2 are the only compression formats that Amazon S3 Select\n supports for CSV and JSON files. Amazon S3 Select supports columnar compression for\n Parquet using GZIP or Snappy. Amazon S3 Select does not support whole-object compression\n for Parquet objects.
\n\n Server-side encryption - Amazon S3 Select supports querying\n objects that are protected with server-side encryption.
\nFor objects that are encrypted with customer-provided encryption keys (SSE-C), you\n must use HTTPS, and you must use the headers that are documented in the GetObject. For more information about SSE-C, see Server-Side\n Encryption (Using Customer-Provided Encryption Keys) in the\n Amazon S3 User Guide.
\nFor objects that are encrypted with Amazon S3 managed keys (SSE-S3) and Amazon Web Services KMS keys\n (SSE-KMS), server-side encryption is handled transparently, so you don't need to\n specify anything. For more information about server-side encryption, including SSE-S3\n and SSE-KMS, see Protecting Data Using\n Server-Side Encryption in the Amazon S3 User Guide.
\nGiven the response size is unknown, Amazon S3 Select streams the response as a series of\n messages and includes a Transfer-Encoding header with chunked as\n its value in the response. For more information, see Appendix: SelectObjectContent\n Response.
The SelectObjectContent action does not support the following\n GetObject functionality. For more information, see GetObject.
\n Range: Although you can specify a scan range for an Amazon S3 Select request\n (see SelectObjectContentRequest - ScanRange in the request parameters),\n you cannot specify the range of bytes of an object to return.
The GLACIER, DEEP_ARCHIVE, and REDUCED_REDUNDANCY storage classes, or the ARCHIVE_ACCESS and \n DEEP_ARCHIVE_ACCESS access tiers of \n the INTELLIGENT_TIERING storage class: You cannot query objects in \n the GLACIER, DEEP_ARCHIVE, or REDUCED_REDUNDANCY storage classes, nor objects in the \n ARCHIVE_ACCESS or \n DEEP_ARCHIVE_ACCESS access tiers of \n the INTELLIGENT_TIERING storage class. For\n more information about storage classes, see Using Amazon S3 storage\n classes in the Amazon S3 User Guide.
For a list of special errors for this operation, see List of\n SELECT Object Content Error Codes\n
\nThe following operations are related to SelectObjectContent:
\n GetObject\n
\nThe server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms).
The server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms).
If present, specifies the ID of the Amazon Web Services Key Management Service (Amazon Web Services KMS) symmetric\n encryption customer managed key that was used for the object.
", + "smithy.api#documentation": "If present, specifies the ID of the Key Management Service (KMS) symmetric encryption customer managed key\n that was used for the object.
", "smithy.api#httpHeader": "x-amz-server-side-encryption-aws-kms-key-id" } }, @@ -33723,7 +36010,7 @@ "target": "com.amazonaws.s3#BucketKeyEnabled", "traits": { "smithy.api#default": false, - "smithy.api#documentation": "Indicates whether the multipart upload uses an S3 Bucket Key for server-side encryption\n with Amazon Web Services KMS (SSE-KMS).
", + "smithy.api#documentation": "Indicates whether the multipart upload uses an S3 Bucket Key for server-side encryption\n with Key Management Service (KMS) keys (SSE-KMS).
", "smithy.api#httpHeader": "x-amz-server-side-encryption-bucket-key-enabled" } }, @@ -33893,7 +36180,7 @@ "ServerSideEncryption": { "target": "com.amazonaws.s3#ServerSideEncryption", "traits": { - "smithy.api#documentation": "The server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms).
The server-side encryption algorithm used when storing this object in Amazon S3 (for example,\n AES256, aws:kms).
If present, specifies the ID of the Amazon Web Services Key Management Service (Amazon Web Services KMS) symmetric\n encryption customer managed key was used for the object.
", + "smithy.api#documentation": "If present, specifies the ID of the Key Management Service (KMS) symmetric encryption customer managed key\n was used for the object.
", "smithy.api#httpHeader": "x-amz-server-side-encryption-aws-kms-key-id" } }, @@ -33957,7 +36244,7 @@ "target": "com.amazonaws.s3#BucketKeyEnabled", "traits": { "smithy.api#default": false, - "smithy.api#documentation": "Indicates whether the multipart upload uses an S3 Bucket Key for server-side encryption\n with Amazon Web Services KMS (SSE-KMS).
", + "smithy.api#documentation": "Indicates whether the multipart upload uses an S3 Bucket Key for server-side encryption\n with Key Management Service (KMS) keys (SSE-KMS).
", "smithy.api#httpHeader": "x-amz-server-side-encryption-bucket-key-enabled" } }, diff --git a/codegen/sdk/aws-models/sagemaker.json b/codegen/sdk/aws-models/sagemaker.json index b110ed74984..b7a89b71c70 100644 --- a/codegen/sdk/aws-models/sagemaker.json +++ b/codegen/sdk/aws-models/sagemaker.json @@ -256,7 +256,7 @@ "target": "com.amazonaws.sagemaker#AddTagsOutput" }, "traits": { - "smithy.api#documentation": "Adds or overwrites one or more tags for the specified SageMaker resource. You can add\n tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform\n jobs, models, labeling jobs, work teams, endpoint configurations, and\n endpoints.
\nEach tag consists of a key and an optional value. Tag keys must be unique per\n resource. For more information about tags, see For more information, see Amazon Web Services Tagging Strategies.
\nTags that you add to a hyperparameter tuning job by calling this API are also\n added to any training jobs that the hyperparameter tuning job launches after you\n call this API, but not to training jobs that the hyperparameter tuning job launched\n before you called this API. To make sure that the tags associated with a\n hyperparameter tuning job are also added to all training jobs that the\n hyperparameter tuning job launches, add the tags when you first create the tuning\n job by specifying them in the Tags parameter of CreateHyperParameterTuningJob\n
Tags that you add to a SageMaker Studio Domain or User Profile by calling this API\n are also added to any Apps that the Domain or User Profile launches after you call\n this API, but not to Apps that the Domain or User Profile launched before you called\n this API. To make sure that the tags associated with a Domain or User Profile are\n also added to all Apps that the Domain or User Profile launches, add the tags when\n you first create the Domain or User Profile by specifying them in the\n Tags parameter of CreateDomain or CreateUserProfile.
Adds or overwrites one or more tags for the specified SageMaker resource. You can add\n tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform\n jobs, models, labeling jobs, work teams, endpoint configurations, and\n endpoints.
\nEach tag consists of a key and an optional value. Tag keys must be unique per\n resource. For more information about tags, see For more information, see Amazon Web Services Tagging Strategies.
\nTags that you add to a hyperparameter tuning job by calling this API are also\n added to any training jobs that the hyperparameter tuning job launches after you\n call this API, but not to training jobs that the hyperparameter tuning job launched\n before you called this API. To make sure that the tags associated with a\n hyperparameter tuning job are also added to all training jobs that the\n hyperparameter tuning job launches, add the tags when you first create the tuning\n job by specifying them in the Tags parameter of CreateHyperParameterTuningJob\n
Tags that you add to a SageMaker Studio Domain or User Profile by calling this API\n are also added to any Apps that the Domain or User Profile launches after you call\n this API, but not to Apps that the Domain or User Profile launched before you called\n this API. To make sure that the tags associated with a Domain or User Profile are\n also added to all Apps that the Domain or User Profile launches, add the tags when\n you first create the Domain or User Profile by specifying them in the\n Tags parameter of CreateDomain\n or CreateUserProfile.
Specifies the training algorithm to use in a CreateTrainingJob\n request.
\nFor more information about algorithms provided by SageMaker, see Algorithms. For\n information about using your own algorithms, see Using Your Own Algorithms with\n Amazon SageMaker.
" + "smithy.api#documentation": "Specifies the training algorithm to use in a CreateTrainingJob request.
\nFor more information about algorithms provided by SageMaker, see Algorithms. For\n information about using your own algorithms, see Using Your Own Algorithms with\n Amazon SageMaker.
" } }, "com.amazonaws.sagemaker#AlgorithmStatus": { @@ -1820,7 +1820,7 @@ "IncludeInferenceResponseIn": { "target": "com.amazonaws.sagemaker#AsyncNotificationTopicTypeList", "traits": { - "smithy.api#documentation": "The Amazon SNS topics where you want the inference response to be included.
\nThe inference response is included only if the response size is less than or equal to 128 KB.
\nThe Amazon SNS topics where you want the inference response to be included.
\nThe inference response is included only if the response size is less than or equal\n to 128 KB.
\nThe content type of the data from the input source. The following are the allowed\n content types for different problems:
\nImageClassification: image/png, image/jpeg,\n image/*\n
TextClassification: text/csv;header=present\n
The content type of the data from the input source. The following are the allowed\n content types for different problems:
\nImageClassification: image/png, image/jpeg, or\n image/*. The default value is image/*.
TextClassification: text/csv;header=present or x-application/vnd.amazon+parquet. \n The default value is text/csv;header=present.
The name and an example value of the hyperparameter that\n you want to use in Autotune. If Automatic model tuning (AMT) determines that your hyperparameter is eligible\n for Autotune, an optimal hyperparameter range is selected for you.
" + "smithy.api#documentation": "The name and an example value of the hyperparameter that you want to use in Autotune.\n If Automatic model tuning (AMT) determines that your hyperparameter is eligible for\n Autotune, an optimal hyperparameter range is selected for you.
" } }, "com.amazonaws.sagemaker#AutoParameters": { @@ -3397,7 +3397,7 @@ } }, "traits": { - "smithy.api#documentation": "A flag to indicate if you want to use Autotune to automatically find optimal values for\n the following fields:
\n\n ParameterRanges: The names and ranges of parameters that a hyperparameter\n tuning job can optimize.
\n\n ResourceLimits: The maximum resources that can be used for a training job.\n These resources include the maximum number of training jobs, the maximum runtime of a\n tuning job, and the maximum number of training jobs to run at the same time.
\n\n TrainingJobEarlyStoppingType: A flag that specifies whether or not to use\n early stopping for training jobs launched by a hyperparameter tuning job.
\n\n RetryStrategy: The number of times to retry a training job.
\n\n Strategy: Specifies how hyperparameter tuning chooses the combinations of\n hyperparameter values to use for the training jobs that it launches.
\n\n ConvergenceDetected: A flag to indicate that Automatic model tuning (AMT) has detected model\n convergence.
\nA flag to indicate if you want to use Autotune to automatically find optimal values\n for the following fields:
\n\n ParameterRanges: The names and ranges of parameters that a\n hyperparameter tuning job can optimize.
\n\n ResourceLimits: The maximum resources that can be used for a\n training job. These resources include the maximum number of training jobs, the\n maximum runtime of a tuning job, and the maximum number of training jobs to run\n at the same time.
\n\n TrainingJobEarlyStoppingType: A flag that specifies whether or not\n to use early stopping for training jobs launched by a hyperparameter tuning\n job.
\n\n RetryStrategy: The number of times to retry a training job.
\n\n Strategy: Specifies how hyperparameter tuning chooses the\n combinations of hyperparameter values to use for the training jobs that it\n launches.
\n\n ConvergenceDetected: A flag to indicate that Automatic model tuning\n (AMT) has detected model convergence.
\n(Optional) The input mode to use for the data channel in a training job. If you don't\n set a value for InputMode, SageMaker uses the value set for\n TrainingInputMode. Use this parameter to override the\n TrainingInputMode setting in a AlgorithmSpecification \n request when you have a channel that needs a different input mode from the training\n job's general setting. To download the data from Amazon Simple Storage Service (Amazon S3) to the provisioned ML\n storage volume, and mount the directory to a Docker volume, use File input\n mode. To stream data directly from Amazon S3 to the container, choose Pipe input\n mode.
To use a model for incremental training, choose File input model.
(Optional) The input mode to use for the data channel in a training job. If you don't\n set a value for InputMode, SageMaker uses the value set for\n TrainingInputMode. Use this parameter to override the\n TrainingInputMode setting in a AlgorithmSpecification request when you have a channel that needs a\n different input mode from the training job's general setting. To download the data from\n Amazon Simple Storage Service (Amazon S3) to the provisioned ML storage volume, and mount the directory to a\n Docker volume, use File input mode. To stream data directly from Amazon S3 to\n the container, choose Pipe input mode.
To use a model for incremental training, choose File input model.
The allowed input mode, either FILE or PIPE.
\nIn FILE mode, Amazon SageMaker copies the data from the input source onto the local\n Amazon Elastic Block Store (Amazon EBS) volumes before starting your training algorithm.\n This is the most commonly used input mode.
\nIn PIPE mode, Amazon SageMaker streams input data from the source directly to your\n algorithm without using the EBS volume.
", + "smithy.api#documentation": "The allowed input mode, either FILE or PIPE.
\nIn FILE mode, Amazon SageMaker copies the data from the input source onto the local Amazon\n Elastic Block Store (Amazon EBS) volumes before starting your training algorithm. This\n is the most commonly used input mode.
\nIn PIPE mode, Amazon SageMaker streams input data from the source directly to your algorithm\n without using the EBS volume.
", "smithy.api#required": {} } } @@ -5873,13 +5873,13 @@ "Image": { "target": "com.amazonaws.sagemaker#ContainerImage", "traits": { - "smithy.api#documentation": "The path where inference code is stored. This can be either in Amazon EC2 Container Registry or in a\n Docker registry that is accessible from the same VPC that you configure for your\n endpoint. If you are using your own custom algorithm instead of an algorithm provided by\n SageMaker, the inference code must meet SageMaker requirements. SageMaker supports both\n registry/repository[:tag] and registry/repository[@digest]\n image path formats. For more information, see Using Your Own Algorithms with\n Amazon SageMaker.\n
The model artifacts in an Amazon S3 bucket and the Docker image for inference container\n in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are\n creating.
\nThe path where inference code is stored. This can be either in Amazon EC2 Container Registry or in a\n Docker registry that is accessible from the same VPC that you configure for your\n endpoint. If you are using your own custom algorithm instead of an algorithm provided by\n SageMaker, the inference code must meet SageMaker requirements. SageMaker supports both\n registry/repository[:tag] and registry/repository[@digest]\n image path formats. For more information, see Using Your Own Algorithms with\n Amazon SageMaker.
The model artifacts in an Amazon S3 bucket and the Docker image for inference container\n in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are\n creating.
\nSpecifies whether the model container is in Amazon ECR or a private Docker registry\n accessible from your Amazon Virtual Private Cloud (VPC). For information about storing containers in a\n private Docker registry, see Use a\n Private Docker Registry for Real-Time Inference Containers.\n
\nThe model artifacts in an Amazon S3 bucket and the Docker image for inference container\n in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are\n creating.
\nSpecifies whether the model container is in Amazon ECR or a private Docker registry\n accessible from your Amazon Virtual Private Cloud (VPC). For information about storing containers in a\n private Docker registry, see Use a\n Private Docker Registry for Real-Time Inference Containers.
\nThe model artifacts in an Amazon S3 bucket and the Docker image for inference container\n in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are\n creating.
\nThe entity that creates and manages the required security groups for inter-app\n communication in VPCOnly mode. Required when\n CreateDomain.AppNetworkAccessType is VPCOnly and\n DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn is\n provided. If setting up the domain for use with RStudio, this value must be set to Service.
The entity that creates and manages the required security groups for inter-app\n communication in VPCOnly mode. Required when\n CreateDomain.AppNetworkAccessType is VPCOnly and\n DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn is\n provided. If setting up the domain for use with RStudio, this value must be set to\n Service.
Creates an endpoint using the endpoint configuration specified in the request. SageMaker\n uses the endpoint to provision resources and deploy models. You create the endpoint\n configuration with the CreateEndpointConfig API.
\nUse this API to deploy models using SageMaker hosting services.
\nFor an example that calls this method when deploying a model to SageMaker hosting services,\n see the Create Endpoint example notebook.\n
\n You must not delete an EndpointConfig that is in use by an endpoint\n that is live or while the UpdateEndpoint or CreateEndpoint\n operations are being performed on the endpoint. To update an endpoint, you must\n create a new EndpointConfig.
The endpoint name must be unique within an Amazon Web Services Region in your\n Amazon Web Services account.
\nWhen it receives the request, SageMaker creates the endpoint, launches the resources (ML\n compute instances), and deploys the model(s) on them.
\nWhen you call CreateEndpoint, a load call is made to DynamoDB to\n verify that your endpoint configuration exists. When you read data from a DynamoDB\n table supporting \n Eventually Consistent Reads\n , the response might not\n reflect the results of a recently completed write operation. The response might\n include some stale data. If the dependent entities are not yet in DynamoDB, this\n causes a validation error. If you repeat your read request after a short time, the\n response should return the latest data. So retry logic is recommended to handle\n these possible issues. We also recommend that customers call DescribeEndpointConfig before calling CreateEndpoint to minimize the potential impact of a DynamoDB eventually consistent read.
When SageMaker receives the request, it sets the endpoint status to\n Creating. After it creates the endpoint, it sets the status to\n InService. SageMaker can then process incoming requests for inferences. To\n check the status of an endpoint, use the DescribeEndpoint\n API.
If any of the models hosted at this endpoint get model data from an Amazon S3 location,\n SageMaker uses Amazon Web Services Security Token Service to download model artifacts from the\n S3 path you provided. Amazon Web Services STS is activated in your Amazon Web Services\n account by default. If you previously deactivated Amazon Web Services STS for a region,\n you need to reactivate Amazon Web Services STS for that region. For more information, see\n Activating and\n Deactivating Amazon Web Services STS in an Amazon Web Services Region in the\n Amazon Web Services Identity and Access Management User\n Guide.
\nTo add the IAM role policies for using this API operation, go to the IAM console, and choose\n Roles in the left navigation pane. Search the IAM role that you want to grant\n access to use the CreateEndpoint and CreateEndpointConfig API operations, add the following policies to\n the role.
\nOption 1: For a full SageMaker access, search and attach the\n AmazonSageMakerFullAccess policy.
Option 2: For granting a limited access to an IAM role, paste the\n following Action elements manually into the JSON file of the IAM role:
\n\n \"Action\": [\"sagemaker:CreateEndpoint\",\n \"sagemaker:CreateEndpointConfig\"]\n
\n \"Resource\": [\n
\n \"arn:aws:sagemaker:region:account-id:endpoint/endpointName\"\n
\n \"arn:aws:sagemaker:region:account-id:endpoint-config/endpointConfigName\"\n
\n ]\n
For more information, see SageMaker API\n Permissions: Actions, Permissions, and Resources\n Reference.
\nCreates an endpoint using the endpoint configuration specified in the request. SageMaker\n uses the endpoint to provision resources and deploy models. You create the endpoint\n configuration with the CreateEndpointConfig API.
\nUse this API to deploy models using SageMaker hosting services.
\nFor an example that calls this method when deploying a model to SageMaker hosting services,\n see the Create Endpoint example notebook.\n
\n You must not delete an EndpointConfig that is in use by an endpoint\n that is live or while the UpdateEndpoint or CreateEndpoint\n operations are being performed on the endpoint. To update an endpoint, you must\n create a new EndpointConfig.
The endpoint name must be unique within an Amazon Web Services Region in your\n Amazon Web Services account.
\nWhen it receives the request, SageMaker creates the endpoint, launches the resources (ML\n compute instances), and deploys the model(s) on them.
\nWhen you call CreateEndpoint, a load call is made to DynamoDB to verify that your\n endpoint configuration exists. When you read data from a DynamoDB table supporting\n \n Eventually Consistent Reads\n , the response might not\n reflect the results of a recently completed write operation. The response might\n include some stale data. If the dependent entities are not yet in DynamoDB, this\n causes a validation error. If you repeat your read request after a short time, the\n response should return the latest data. So retry logic is recommended to handle\n these possible issues. We also recommend that customers call DescribeEndpointConfig before calling CreateEndpoint to minimize the potential impact of a DynamoDB\n eventually consistent read.
When SageMaker receives the request, it sets the endpoint status to\n Creating. After it creates the endpoint, it sets the status to\n InService. SageMaker can then process incoming requests for inferences. To\n check the status of an endpoint, use the DescribeEndpoint API.
If any of the models hosted at this endpoint get model data from an Amazon S3 location,\n SageMaker uses Amazon Web Services Security Token Service to download model artifacts from the\n S3 path you provided. Amazon Web Services STS is activated in your Amazon Web Services\n account by default. If you previously deactivated Amazon Web Services STS for a region,\n you need to reactivate Amazon Web Services STS for that region. For more information, see\n Activating and\n Deactivating Amazon Web Services STS in an Amazon Web Services Region in the\n Amazon Web Services Identity and Access Management User\n Guide.
\nTo add the IAM role policies for using this API operation, go to the IAM console, and choose\n Roles in the left navigation pane. Search the IAM role that you want to grant\n access to use the CreateEndpoint and CreateEndpointConfig API operations, add the following policies to the\n role.
\nOption 1: For a full SageMaker access, search and attach the\n AmazonSageMakerFullAccess policy.
Option 2: For granting a limited access to an IAM role, paste the\n following Action elements manually into the JSON file of the IAM role:
\n\n \"Action\": [\"sagemaker:CreateEndpoint\",\n \"sagemaker:CreateEndpointConfig\"]\n
\n \"Resource\": [\n
\n \"arn:aws:sagemaker:region:account-id:endpoint/endpointName\"\n
\n \"arn:aws:sagemaker:region:account-id:endpoint-config/endpointConfigName\"\n
\n ]\n
For more information, see SageMaker API\n Permissions: Actions, Permissions, and Resources\n Reference.
\nCreates an endpoint configuration that SageMaker hosting services uses to deploy models. In\n the configuration, you identify one or more models, created using the\n CreateModel API, to deploy and the resources that you want SageMaker to\n provision. Then you call the CreateEndpoint API.
Use this API if you want to use SageMaker hosting services to deploy models into\n production.
\nIn the request, you define a ProductionVariant, for each model that you\n want to deploy. Each ProductionVariant parameter also describes the\n resources that you want SageMaker to provision. This includes the number and type of ML\n compute instances to deploy.
If you are hosting multiple models, you also assign a VariantWeight to\n specify how much traffic you want to allocate to each model. For example, suppose that\n you want to host two models, A and B, and you assign traffic weight 2 for model A and 1\n for model B. SageMaker distributes two-thirds of the traffic to Model A, and one-third to\n model B.
When you call CreateEndpoint, a load call is made to DynamoDB to\n verify that your endpoint configuration exists. When you read data from a DynamoDB\n table supporting \n Eventually Consistent Reads\n , the response might not\n reflect the results of a recently completed write operation. The response might\n include some stale data. If the dependent entities are not yet in DynamoDB, this\n causes a validation error. If you repeat your read request after a short time, the\n response should return the latest data. So retry logic is recommended to handle\n these possible issues. We also recommend that customers call DescribeEndpointConfig before calling CreateEndpoint to minimize the potential impact of a DynamoDB eventually consistent read.
Creates an endpoint configuration that SageMaker hosting services uses to deploy models. In\n the configuration, you identify one or more models, created using the\n CreateModel API, to deploy and the resources that you want SageMaker to\n provision. Then you call the CreateEndpoint\n API.
Use this API if you want to use SageMaker hosting services to deploy models into\n production.
\nIn the request, you define a ProductionVariant, for each model that you\n want to deploy. Each ProductionVariant parameter also describes the\n resources that you want SageMaker to provision. This includes the number and type of ML\n compute instances to deploy.
If you are hosting multiple models, you also assign a VariantWeight to\n specify how much traffic you want to allocate to each model. For example, suppose that\n you want to host two models, A and B, and you assign traffic weight 2 for model A and 1\n for model B. SageMaker distributes two-thirds of the traffic to Model A, and one-third to\n model B.
When you call CreateEndpoint, a load call is made to DynamoDB to verify that your\n endpoint configuration exists. When you read data from a DynamoDB table supporting\n \n Eventually Consistent Reads\n , the response might not\n reflect the results of a recently completed write operation. The response might\n include some stale data. If the dependent entities are not yet in DynamoDB, this\n causes a validation error. If you repeat your read request after a short time, the\n response should return the latest data. So retry logic is recommended to handle\n these possible issues. We also recommend that customers call DescribeEndpointConfig before calling CreateEndpoint to minimize the potential impact of a DynamoDB\n eventually consistent read.
The name of the endpoint.The name must be unique within an Amazon Web Services\n Region in your Amazon Web Services account. The name is case-insensitive in\n CreateEndpoint, but the case is preserved and must be matched in InvokeEndpoint.
The name of the endpoint.The name must be unique within an Amazon Web Services\n Region in your Amazon Web Services account. The name is case-insensitive in\n CreateEndpoint, but the case is preserved and must be matched in InvokeEndpoint.
The HyperParameterTuningJobConfig object that describes the tuning\n job, including the search strategy, the objective metric used to evaluate training jobs,\n ranges of parameters to search, and resource limits for the tuning job. For more\n information, see How\n Hyperparameter Tuning Works.
", + "smithy.api#documentation": "The HyperParameterTuningJobConfig object that describes the tuning job,\n including the search strategy, the objective metric used to evaluate training jobs,\n ranges of parameters to search, and resource limits for the tuning job. For more\n information, see How\n Hyperparameter Tuning Works.
", "smithy.api#required": {} } }, "TrainingJobDefinition": { "target": "com.amazonaws.sagemaker#HyperParameterTrainingJobDefinition", "traits": { - "smithy.api#documentation": "The HyperParameterTrainingJobDefinition object that describes the\n training jobs that this tuning job launches, including static hyperparameters, input\n data configuration, output data configuration, resource configuration, and stopping\n condition.
" + "smithy.api#documentation": "The HyperParameterTrainingJobDefinition object that describes the training jobs\n that this tuning job launches, including static hyperparameters, input data\n configuration, output data configuration, resource configuration, and stopping\n condition.
" } }, "TrainingJobDefinitions": { "target": "com.amazonaws.sagemaker#HyperParameterTrainingJobDefinitions", "traits": { - "smithy.api#documentation": "A list of the HyperParameterTrainingJobDefinition objects launched\n for this tuning job.
" + "smithy.api#documentation": "A list of the HyperParameterTrainingJobDefinition objects launched for this tuning\n job.
" } }, "WarmStartConfig": { @@ -8158,7 +8158,7 @@ "Autotune": { "target": "com.amazonaws.sagemaker#Autotune", "traits": { - "smithy.api#documentation": "Configures SageMaker Automatic model tuning (AMT) to automatically find optimal parameters\n for the following fields:
\n\n ParameterRanges: The names and ranges of parameters that a hyperparameter\n tuning job can optimize.
\n\n ResourceLimits: The maximum resources that can be used for a training job.\n These resources include the maximum number of training jobs, the maximum runtime of a\n tuning job, and the maximum number of training jobs to run at the same time.
\n\n TrainingJobEarlyStoppingType: A flag that specifies whether or not to use\n early stopping for training jobs launched by a hyperparameter tuning job.
\n\n RetryStrategy: The number of times to retry a training job.
\n\n Strategy: Specifies how hyperparameter tuning chooses the combinations of\n hyperparameter values to use for the training jobs that it launches.
\n\n ConvergenceDetected: A flag to indicate that Automatic model tuning (AMT) has detected model\n convergence.
\nConfigures SageMaker Automatic model tuning (AMT) to automatically find optimal\n parameters for the following fields:
\n\n ParameterRanges: The names and ranges of parameters that a\n hyperparameter tuning job can optimize.
\n\n ResourceLimits: The maximum resources that can be used for a\n training job. These resources include the maximum number of training jobs, the\n maximum runtime of a tuning job, and the maximum number of training jobs to run\n at the same time.
\n\n TrainingJobEarlyStoppingType: A flag that specifies whether or not\n to use early stopping for training jobs launched by a hyperparameter tuning\n job.
\n\n RetryStrategy: The number of times to retry a training job.
\n\n Strategy: Specifies how hyperparameter tuning chooses the\n combinations of hyperparameter values to use for the training jobs that it\n launches.
\n\n ConvergenceDetected: A flag to indicate that Automatic model tuning\n (AMT) has detected model convergence.
\nA VpcConfig object that specifies the VPC that you want your model\n to connect to. Control access to and from your model container by configuring the VPC.\n VpcConfig is used in hosting services and in batch transform. For more\n information, see Protect Endpoints by Using an Amazon Virtual Private Cloud and Protect Data in Batch\n Transform Jobs by Using an Amazon Virtual Private Cloud.
A VpcConfig object that specifies the VPC that you want your model to connect\n to. Control access to and from your model container by configuring the VPC.\n VpcConfig is used in hosting services and in batch transform. For more\n information, see Protect Endpoints by Using an Amazon Virtual Private Cloud and Protect Data in Batch\n Transform Jobs by Using an Amazon Virtual Private Cloud.
Returns a URL that you can use to connect to the Jupyter server from a notebook\n instance. In the SageMaker console, when you choose Open next to a notebook\n instance, SageMaker opens a new tab showing the Jupyter server home page from the notebook\n instance. The console uses this API to get the URL and show the page.
The IAM role or user used to call this API defines the permissions to access the\n notebook instance. Once the presigned URL is created, no additional permission is\n required to access this URL. IAM authorization policies for this API are also enforced\n for every HTTP request and WebSocket frame that attempts to connect to the notebook\n instance.
\nYou can restrict access to this API and to the URL that it returns to a list of IP\n addresses that you specify. Use the NotIpAddress condition operator and the\n aws:SourceIP condition context key to specify the list of IP addresses\n that you want to have access to the notebook instance. For more information, see Limit Access to a Notebook Instance by IP Address.
The URL that you get from a call to CreatePresignedNotebookInstanceUrl is valid only for 5 minutes. If\n you try to use the URL after the 5-minute limit expires, you are directed to the\n Amazon Web Services console sign-in page.
\nReturns a URL that you can use to connect to the Jupyter server from a notebook\n instance. In the SageMaker console, when you choose Open next to a notebook\n instance, SageMaker opens a new tab showing the Jupyter server home page from the notebook\n instance. The console uses this API to get the URL and show the page.
The IAM role or user used to call this API defines the permissions to access the\n notebook instance. Once the presigned URL is created, no additional permission is\n required to access this URL. IAM authorization policies for this API are also enforced\n for every HTTP request and WebSocket frame that attempts to connect to the notebook\n instance.
\nYou can restrict access to this API and to the URL that it returns to a list of IP\n addresses that you specify. Use the NotIpAddress condition operator and the\n aws:SourceIP condition context key to specify the list of IP addresses\n that you want to have access to the notebook instance. For more information, see Limit Access to a Notebook Instance by IP Address.
The URL that you get from a call to CreatePresignedNotebookInstanceUrl is valid only for 5 minutes. If you\n try to use the URL after the 5-minute limit expires, you are directed to the Amazon Web Services console sign-in page.
\nThe registry path of the Docker image that contains the training algorithm and\n algorithm-specific metadata, including the input mode. For more information about\n algorithms provided by SageMaker, see Algorithms. For information about\n providing your own algorithms, see Using Your Own Algorithms with Amazon SageMaker.\n
", + "smithy.api#documentation": "The registry path of the Docker image that contains the training algorithm and\n algorithm-specific metadata, including the input mode. For more information about\n algorithms provided by SageMaker, see Algorithms. For information about\n providing your own algorithms, see Using Your Own Algorithms with\n Amazon SageMaker.
", "smithy.api#required": {} } }, @@ -10305,7 +10305,7 @@ "InputDataConfig": { "target": "com.amazonaws.sagemaker#InputDataConfig", "traits": { - "smithy.api#documentation": "An array of Channel objects. Each channel is a named input source.\n InputDataConfig describes the input data and its location.
Algorithms can accept input data from one or more channels. For example, an\n algorithm might have two channels of input data, training_data and\n validation_data. The configuration for each channel provides the S3,\n EFS, or FSx location where the input data is stored. It also provides information about\n the stored data: the MIME type, compression method, and whether the data is wrapped in\n RecordIO format.
Depending on the input mode that the algorithm supports, SageMaker either copies input\n data files from an S3 bucket to a local directory in the Docker container, or makes it\n available as input streams. For example, if you specify an EFS location, input data\n files are available as input streams. They do not need to be downloaded.
\nYour input must be in the same Amazon Web Services region as your training job.
" + "smithy.api#documentation": "An array of Channel objects. Each channel is a named input source.\n InputDataConfig describes the input data and its location.
Algorithms can accept input data from one or more channels. For example, an\n algorithm might have two channels of input data, training_data and\n validation_data. The configuration for each channel provides the S3,\n EFS, or FSx location where the input data is stored. It also provides information about\n the stored data: the MIME type, compression method, and whether the data is wrapped in\n RecordIO format.
Depending on the input mode that the algorithm supports, SageMaker either copies input\n data files from an S3 bucket to a local directory in the Docker container, or makes it\n available as input streams. For example, if you specify an EFS location, input data\n files are available as input streams. They do not need to be downloaded.
\nYour input must be in the same Amazon Web Services region as your training\n job.
" } }, "OutputDataConfig": { @@ -10325,7 +10325,7 @@ "VpcConfig": { "target": "com.amazonaws.sagemaker#VpcConfig", "traits": { - "smithy.api#documentation": "A VpcConfig object that specifies the VPC that you want your\n training job to connect to. Control access to and from your training container by\n configuring the VPC. For more information, see Protect Training Jobs by Using an Amazon\n Virtual Private Cloud.
" + "smithy.api#documentation": "A VpcConfig object that specifies the VPC that you want your training job to\n connect to. Control access to and from your training container by configuring the VPC.\n For more information, see Protect Training Jobs by Using an Amazon\n Virtual Private Cloud.
" } }, "StoppingCondition": { @@ -15586,7 +15586,7 @@ "KmsKeyId": { "target": "com.amazonaws.sagemaker#KmsKeyId", "traits": { - "smithy.api#documentation": "Amazon Web Services KMS key ID Amazon SageMaker uses to encrypt data when storing it on\n the ML storage volume attached to the instance.
" + "smithy.api#documentation": "Amazon Web Services KMS key ID Amazon SageMaker uses to encrypt data when storing it on the ML\n storage volume attached to the instance.
" } }, "CreationTime": { @@ -15661,7 +15661,7 @@ "ProductionVariants": { "target": "com.amazonaws.sagemaker#ProductionVariantSummaryList", "traits": { - "smithy.api#documentation": "An array of ProductionVariantSummary objects, one for each model\n hosted behind this endpoint.
" + "smithy.api#documentation": "An array of ProductionVariantSummary objects, one for each model hosted behind this\n endpoint.
" } }, "DataCaptureConfig": { @@ -15670,7 +15670,7 @@ "EndpointStatus": { "target": "com.amazonaws.sagemaker#EndpointStatus", "traits": { - "smithy.api#documentation": "The status of the endpoint.
\n\n OutOfService: Endpoint is not available to take incoming\n requests.
\n Creating: CreateEndpoint is executing.
\n Updating: UpdateEndpoint or UpdateEndpointWeightsAndCapacities is executing.
\n SystemUpdating: Endpoint is undergoing maintenance and cannot be\n updated or deleted or re-scaled until it has completed. This maintenance\n operation does not change any customer-specified values such as VPC config, KMS\n encryption, model, instance type, or instance count.
\n RollingBack: Endpoint fails to scale up or down or change its\n variant weight and is in the process of rolling back to its previous\n configuration. Once the rollback completes, endpoint returns to an\n InService status. This transitional status only applies to an\n endpoint that has autoscaling enabled and is undergoing variant weight or\n capacity changes as part of an UpdateEndpointWeightsAndCapacities call or when the UpdateEndpointWeightsAndCapacities operation is called\n explicitly.
\n InService: Endpoint is available to process incoming\n requests.
\n Deleting: DeleteEndpoint is executing.
\n Failed: Endpoint could not be created, updated, or re-scaled. Use the \n FailureReason value returned by DescribeEndpoint for information about\n the failure. DeleteEndpoint is the only operation that can be\n performed on a failed endpoint.
The status of the endpoint.
\n\n OutOfService: Endpoint is not available to take incoming\n requests.
\n Creating: CreateEndpoint is executing.
\n Updating: UpdateEndpoint or UpdateEndpointWeightsAndCapacities is executing.
\n SystemUpdating: Endpoint is undergoing maintenance and cannot be\n updated or deleted or re-scaled until it has completed. This maintenance\n operation does not change any customer-specified values such as VPC config, KMS\n encryption, model, instance type, or instance count.
\n RollingBack: Endpoint fails to scale up or down or change its\n variant weight and is in the process of rolling back to its previous\n configuration. Once the rollback completes, endpoint returns to an\n InService status. This transitional status only applies to an\n endpoint that has autoscaling enabled and is undergoing variant weight or\n capacity changes as part of an UpdateEndpointWeightsAndCapacities call or when the UpdateEndpointWeightsAndCapacities operation is called\n explicitly.
\n InService: Endpoint is available to process incoming\n requests.
\n Deleting: DeleteEndpoint is executing.
\n Failed: Endpoint could not be created, updated, or re-scaled. Use\n the FailureReason value returned by DescribeEndpoint for information about the failure. DeleteEndpoint is the only operation that can be performed on a\n failed endpoint.
An array of ProductionVariantSummary objects, one for each model\n that you want to host at this endpoint in shadow mode with production traffic replicated\n from the model specified on ProductionVariants.
An array of ProductionVariantSummary objects, one for each model that you want to host\n at this endpoint in shadow mode with production traffic replicated from the model\n specified on ProductionVariants.
The HyperParameterTuningJobConfig object that specifies the\n configuration of the tuning job.
", + "smithy.api#documentation": "The HyperParameterTuningJobConfig object that specifies the configuration of\n the tuning job.
", "smithy.api#required": {} } }, "TrainingJobDefinition": { "target": "com.amazonaws.sagemaker#HyperParameterTrainingJobDefinition", "traits": { - "smithy.api#documentation": "The HyperParameterTrainingJobDefinition object that specifies the\n definition of the training jobs that this tuning job launches.
" + "smithy.api#documentation": "The HyperParameterTrainingJobDefinition object that specifies the definition of\n the training jobs that this tuning job launches.
" } }, "TrainingJobDefinitions": { "target": "com.amazonaws.sagemaker#HyperParameterTrainingJobDefinitions", "traits": { - "smithy.api#documentation": "A list of the HyperParameterTrainingJobDefinition objects launched\n for this tuning job.
" + "smithy.api#documentation": "A list of the HyperParameterTrainingJobDefinition objects launched for this tuning\n job.
" } }, "HyperParameterTuningJobStatus": { @@ -16627,27 +16627,27 @@ "TrainingJobStatusCounters": { "target": "com.amazonaws.sagemaker#TrainingJobStatusCounters", "traits": { - "smithy.api#documentation": "The TrainingJobStatusCounters object that specifies the number of\n training jobs, categorized by status, that this tuning job launched.
", + "smithy.api#documentation": "The TrainingJobStatusCounters object that specifies the number of training\n jobs, categorized by status, that this tuning job launched.
", "smithy.api#required": {} } }, "ObjectiveStatusCounters": { "target": "com.amazonaws.sagemaker#ObjectiveStatusCounters", "traits": { - "smithy.api#documentation": "The ObjectiveStatusCounters object that specifies the number of\n training jobs, categorized by the status of their final objective metric, that this\n tuning job launched.
", + "smithy.api#documentation": "The ObjectiveStatusCounters object that specifies the number of training jobs,\n categorized by the status of their final objective metric, that this tuning job\n launched.
", "smithy.api#required": {} } }, "BestTrainingJob": { "target": "com.amazonaws.sagemaker#HyperParameterTrainingJobSummary", "traits": { - "smithy.api#documentation": "A TrainingJobSummary object that describes the training job that\n completed with the best current HyperParameterTuningJobObjective.
" + "smithy.api#documentation": "A TrainingJobSummary object that describes the training job that completed\n with the best current HyperParameterTuningJobObjective.
" } }, "OverallBestTrainingJob": { "target": "com.amazonaws.sagemaker#HyperParameterTrainingJobSummary", "traits": { - "smithy.api#documentation": "If the hyperparameter tuning job is an warm start tuning job with a\n WarmStartType of IDENTICAL_DATA_AND_ALGORITHM, this is the\n TrainingJobSummary for the training job with the best objective\n metric value of all training jobs launched by this tuning job and all parent jobs\n specified for the warm start tuning job.
If the hyperparameter tuning job is an warm start tuning job with a\n WarmStartType of IDENTICAL_DATA_AND_ALGORITHM, this is the\n TrainingJobSummary for the training job with the best objective metric\n value of all training jobs launched by this tuning job and all parent jobs specified for\n the warm start tuning job.
A VpcConfig object that specifies the VPC that this model has access\n to. For more information, see Protect Endpoints by Using an Amazon Virtual\n Private Cloud\n
" + "smithy.api#documentation": "A VpcConfig object that specifies the VPC that this model has access to. For\n more information, see Protect Endpoints by Using an Amazon Virtual\n Private Cloud\n
" } }, "CreationTime": { @@ -18889,7 +18889,7 @@ "AcceleratorTypes": { "target": "com.amazonaws.sagemaker#NotebookInstanceAcceleratorTypes", "traits": { - "smithy.api#documentation": "A list of the Elastic Inference (EI) instance types associated with this notebook\n instance. Currently only one EI instance type can be associated with a notebook\n instance. For more information, see Using Elastic Inference in Amazon SageMaker.
" + "smithy.api#documentation": "A list of the Elastic Inference (EI) instance types associated with this notebook\n instance. Currently only one EI instance type can be associated with a notebook\n instance. For more information, see Using Elastic Inference in\n Amazon SageMaker.
" } }, "DefaultCodeRepository": { @@ -19111,7 +19111,7 @@ "PipelineName": { "target": "com.amazonaws.sagemaker#PipelineNameOrArn", "traits": { - "smithy.api#documentation": "The name of the pipeline to describe.
", + "smithy.api#documentation": "The name or Amazon Resource Name (ARN) of the pipeline to describe.
", "smithy.api#required": {} } } @@ -19919,7 +19919,7 @@ "VpcConfig": { "target": "com.amazonaws.sagemaker#VpcConfig", "traits": { - "smithy.api#documentation": "A VpcConfig object that specifies the VPC that this training job has\n access to. For more information, see Protect Training Jobs by Using an Amazon\n Virtual Private Cloud.
" + "smithy.api#documentation": "A VpcConfig object that specifies the VPC that this training job has access\n to. For more information, see Protect Training Jobs by Using an Amazon\n Virtual Private Cloud.
" } }, "StoppingCondition": { @@ -21556,7 +21556,7 @@ "RStudioServerProDomainSettingsForUpdate": { "target": "com.amazonaws.sagemaker#RStudioServerProDomainSettingsForUpdate", "traits": { - "smithy.api#documentation": "A collection of RStudioServerPro Domain-level app settings to\n update. A single RStudioServerPro application is created for a domain.
A collection of RStudioServerPro Domain-level app settings to update. A\n single RStudioServerPro application is created for a domain.
The status of the endpoint.
\n\n OutOfService: Endpoint is not available to take incoming\n requests.
\n Creating: CreateEndpoint is executing.
\n Updating: UpdateEndpoint or UpdateEndpointWeightsAndCapacities is executing.
\n SystemUpdating: Endpoint is undergoing maintenance and cannot be\n updated or deleted or re-scaled until it has completed. This maintenance\n operation does not change any customer-specified values such as VPC config, KMS\n encryption, model, instance type, or instance count.
\n RollingBack: Endpoint fails to scale up or down or change its\n variant weight and is in the process of rolling back to its previous\n configuration. Once the rollback completes, endpoint returns to an\n InService status. This transitional status only applies to an\n endpoint that has autoscaling enabled and is undergoing variant weight or\n capacity changes as part of an UpdateEndpointWeightsAndCapacities call or when the UpdateEndpointWeightsAndCapacities operation is called\n explicitly.
\n InService: Endpoint is available to process incoming\n requests.
\n Deleting: DeleteEndpoint is executing.
\n Failed: Endpoint could not be created, updated, or re-scaled. Use\n DescribeEndpointOutput$FailureReason for information about\n the failure. DeleteEndpoint is the only operation that can be\n performed on a failed endpoint.
To get a list of endpoints with a specified status, use the StatusEquals\n filter with a call to ListEndpoints.
The status of the endpoint.
\n\n OutOfService: Endpoint is not available to take incoming\n requests.
\n Creating: CreateEndpoint is executing.
\n Updating: UpdateEndpoint or UpdateEndpointWeightsAndCapacities is executing.
\n SystemUpdating: Endpoint is undergoing maintenance and cannot be\n updated or deleted or re-scaled until it has completed. This maintenance\n operation does not change any customer-specified values such as VPC config, KMS\n encryption, model, instance type, or instance count.
\n RollingBack: Endpoint fails to scale up or down or change its\n variant weight and is in the process of rolling back to its previous\n configuration. Once the rollback completes, endpoint returns to an\n InService status. This transitional status only applies to an\n endpoint that has autoscaling enabled and is undergoing variant weight or\n capacity changes as part of an UpdateEndpointWeightsAndCapacities call or when the UpdateEndpointWeightsAndCapacities operation is called\n explicitly.
\n InService: Endpoint is available to process incoming\n requests.
\n Deleting: DeleteEndpoint is executing.
\n Failed: Endpoint could not be created, updated, or re-scaled. Use\n DescribeEndpointOutput$FailureReason for information about the\n failure. DeleteEndpoint is the only operation that can be performed on a\n failed endpoint.
To get a list of endpoints with a specified status, use the StatusEquals\n filter with a call to ListEndpoints.
Shows the latest objective metric emitted by a training job that was launched by a\n hyperparameter tuning job. You define the objective metric in the\n HyperParameterTuningJobObjective parameter of HyperParameterTuningJobConfig.
Shows the latest objective metric emitted by a training job that was launched by a\n hyperparameter tuning job. You define the objective metric in the\n HyperParameterTuningJobObjective parameter of HyperParameterTuningJobConfig.
The registry path of the Docker image that contains the training algorithm. For\n information about Docker registry paths for built-in algorithms, see Algorithms\n Provided by Amazon SageMaker: Common Parameters. SageMaker supports both\n registry/repository[:tag] and registry/repository[@digest]\n image path formats. For more information, see Using Your Own Algorithms with\n Amazon SageMaker.
The registry path of the Docker image that contains the training algorithm. For\n information about Docker registry paths for built-in algorithms, see Algorithms\n Provided by Amazon SageMaker: Common Parameters. SageMaker supports both\n registry/repository[:tag] and registry/repository[@digest]\n image path formats. For more information, see Using Your Own Algorithms with\n Amazon SageMaker.
An array of Channel objects that specify\n the\n input for the training jobs that the tuning job launches.
" + "smithy.api#documentation": "An array of Channel objects that\n specify\n the\n input for the training jobs that the tuning job launches.
" } }, "VpcConfig": { "target": "com.amazonaws.sagemaker#VpcConfig", "traits": { - "smithy.api#documentation": "The VpcConfig object that specifies the VPC that you want the\n training jobs that this hyperparameter tuning job launches to connect to. Control access\n to and from your training container by configuring the VPC. For more information, see\n Protect\n Training Jobs by Using an Amazon Virtual Private Cloud.
" + "smithy.api#documentation": "The VpcConfig object that specifies the VPC that you want the training jobs\n that this hyperparameter tuning job launches to connect to. Control access to and from\n your training container by configuring the VPC. For more information, see Protect Training Jobs\n by Using an Amazon Virtual Private Cloud.
" } }, "OutputDataConfig": { @@ -25799,7 +25799,7 @@ "Environment": { "target": "com.amazonaws.sagemaker#HyperParameterTrainingJobEnvironmentMap", "traits": { - "smithy.api#documentation": "An environment variable that you can pass into the SageMaker CreateTrainingJob API. You can use an existing environment variable from the training container or use your own. See\n Define metrics\n and variables for more information.
\nThe maximum number of items specified for Map Entries refers to the\n maximum number of environment variables for each TrainingJobDefinition\n and also the maximum for the hyperparameter tuning job itself. That is, the sum of\n the number of environment variables for all the training job definitions can't\n exceed the maximum number specified.
An environment variable that you can pass into the SageMaker CreateTrainingJob API. You can use an existing environment variable from the training container or use your own. See\n Define metrics and variables for more information.
\nThe maximum number of items specified for Map Entries refers to the\n maximum number of environment variables for each TrainingJobDefinition\n and also the maximum for the hyperparameter tuning job itself. That is, the sum of\n the number of environment variables for all the training job definitions can't\n exceed the maximum number specified.
The FinalHyperParameterTuningJobObjectiveMetric object that\n specifies the\n value\n of the\n objective\n metric of the tuning job that launched this training job.
" + "smithy.api#documentation": "The FinalHyperParameterTuningJobObjectiveMetric object that specifies the\n value\n of the\n objective\n metric of the tuning job that launched this training job.
" } }, "ObjectiveStatus": { @@ -25980,7 +25980,7 @@ "target": "com.amazonaws.sagemaker#TrainingInstanceCount", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "The number of instances of the type specified by InstanceType. Choose an\n instance count larger than 1 for distributed training algorithms. See SageMaker distributed training\n jobs for more information.
The number of instances of the type specified by InstanceType. Choose an\n instance count larger than 1 for distributed training algorithms. See Step 2:\n Launch a SageMaker Distributed Training Job Using the SageMaker Python SDK for more information.
The HyperParameterTuningJobObjective specifies the objective metric\n used to evaluate the performance of training jobs launched by this tuning job.
" + "smithy.api#documentation": "The HyperParameterTuningJobObjective specifies the objective metric used to\n evaluate the performance of training jobs launched by this tuning job.
" } }, "ResourceLimits": { "target": "com.amazonaws.sagemaker#ResourceLimits", "traits": { - "smithy.api#documentation": "The ResourceLimits object that specifies the maximum number of\n training and parallel training jobs that can be used for this hyperparameter tuning\n job.
", + "smithy.api#documentation": "The ResourceLimits\n object that specifies the maximum number of training and parallel training jobs that can\n be used for this hyperparameter tuning job.
", "smithy.api#required": {} } }, "ParameterRanges": { "target": "com.amazonaws.sagemaker#ParameterRanges", "traits": { - "smithy.api#documentation": "The ParameterRanges object that specifies the ranges of\n hyperparameters that this tuning job searches over to find the optimal configuration for\n the highest model performance against your chosen objective metric.
" + "smithy.api#documentation": "The ParameterRanges\n object that specifies the ranges of hyperparameters that this tuning job searches over\n to find the optimal configuration for the highest model performance against your chosen\n objective metric.
" } }, "TrainingJobEarlyStoppingType": { @@ -26426,21 +26426,21 @@ "TrainingJobStatusCounters": { "target": "com.amazonaws.sagemaker#TrainingJobStatusCounters", "traits": { - "smithy.api#documentation": "The TrainingJobStatusCounters object that specifies the numbers of\n training jobs, categorized by status, that this tuning job launched.
", + "smithy.api#documentation": "The TrainingJobStatusCounters object that specifies the numbers of training\n jobs, categorized by status, that this tuning job launched.
", "smithy.api#required": {} } }, "ObjectiveStatusCounters": { "target": "com.amazonaws.sagemaker#ObjectiveStatusCounters", "traits": { - "smithy.api#documentation": "The ObjectiveStatusCounters object that specifies the numbers of\n training jobs, categorized by objective metric status, that this tuning job\n launched.
", + "smithy.api#documentation": "The ObjectiveStatusCounters object that specifies the numbers of training jobs,\n categorized by objective metric status, that this tuning job launched.
", "smithy.api#required": {} } }, "ResourceLimits": { "target": "com.amazonaws.sagemaker#ResourceLimits", "traits": { - "smithy.api#documentation": "The ResourceLimits object that specifies the maximum number of\n training jobs and parallel training jobs allowed for this tuning job.
" + "smithy.api#documentation": "The ResourceLimits\n object that specifies the maximum number of training jobs and parallel training jobs\n allowed for this tuning job.
" } } }, @@ -26502,7 +26502,7 @@ "InstanceType": { "target": "com.amazonaws.sagemaker#TrainingInstanceType", "traits": { - "smithy.api#documentation": "The instance type used to run hyperparameter optimization tuning jobs. See descriptions of\n instance types for more information.
" + "smithy.api#documentation": "The instance type used to run hyperparameter optimization tuning jobs. See descriptions of\n instance types for more information.
" } }, "InstanceCount": { @@ -29755,7 +29755,7 @@ "MaxResults": { "target": "com.amazonaws.sagemaker#MaxResults", "traits": { - "smithy.api#documentation": "The maximum number of AppImageConfigs to return in the response. The default value is\n 10.
" + "smithy.api#documentation": "The total number of items to return in the response. If the total\n number of items available is more than the value specified, a NextToken\n is provided in the response. To resume pagination, provide the NextToken\n value in the as part of a subsequent call. The default value is 10.
Returns a list up to a specified limit.
" + "smithy.api#documentation": "The total number of items to return in the response. If the total\n number of items available is more than the value specified, a NextToken\n is provided in the response. To resume pagination, provide the NextToken\n value in the as part of a subsequent call. The default value is 10.
Returns a list up to a specified limit.
" + "smithy.api#documentation": "The total number of items to return in the response. If the total\n number of items available is more than the value specified, a NextToken\n is provided in the response. To resume pagination, provide the NextToken\n value in the as part of a subsequent call. The default value is 10.
The name of the pipeline.
", + "smithy.api#documentation": "The name or Amazon Resource Name (ARN) of the pipeline.
", "smithy.api#required": {} } }, @@ -35274,7 +35274,7 @@ "MaxResults": { "target": "com.amazonaws.sagemaker#MaxResults", "traits": { - "smithy.api#documentation": "Returns a list up to a specified limit.
" + "smithy.api#documentation": "The total number of items to return in the response. If the total\n number of items available is more than the value specified, a NextToken\n is provided in the response. To resume pagination, provide the NextToken\n value in the as part of a subsequent call. The default value is 10.
The maximum number of Studio Lifecycle Configurations to return in the response. The default value is 10.
" + "smithy.api#documentation": "The total number of items to return in the response. If the total\n number of items available is more than the value specified, a NextToken\n is provided in the response. To resume pagination, provide the NextToken\n value in the as part of a subsequent call. The default value is 10.
A token for getting the next set of actions, if there are any.
" + "smithy.api#documentation": "If the previous response was truncated, you will receive this token.\n Use it in your next request to receive the next set of results.
" } }, "StudioLifecycleConfigs": { @@ -35688,7 +35688,7 @@ } ], "traits": { - "smithy.api#documentation": "Gets a list of TrainingJobSummary objects that describe the training\n jobs that a hyperparameter tuning job launched.
", + "smithy.api#documentation": "Gets a list of TrainingJobSummary objects that describe the training jobs that a\n hyperparameter tuning job launched.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -36205,7 +36205,7 @@ "MaxResults": { "target": "com.amazonaws.sagemaker#MaxResults", "traits": { - "smithy.api#documentation": "Returns a list up to a specified limit.
" + "smithy.api#documentation": "The total number of items to return in the response. If the total\n number of items available is more than the value specified, a NextToken\n is provided in the response. To resume pagination, provide the NextToken\n value in the as part of a subsequent call. The default value is 10.
A regular expression that searches the output of a training job and gets the value of\n the metric. For more information about using regular expressions to define metrics, see\n Defining\n metrics and environment variables.
", + "smithy.api#documentation": "A regular expression that searches the output of a training job and gets the value of\n the metric. For more information about using regular expressions to define metrics, see\n Defining metrics and environment variables.
", "smithy.api#required": {} } } @@ -41742,25 +41742,25 @@ "IntegerParameterRanges": { "target": "com.amazonaws.sagemaker#IntegerParameterRanges", "traits": { - "smithy.api#documentation": "The array of IntegerParameterRange objects that specify ranges of\n integer hyperparameters that a hyperparameter tuning job searches.
" + "smithy.api#documentation": "The array of IntegerParameterRange objects that specify ranges of integer\n hyperparameters that a hyperparameter tuning job searches.
" } }, "ContinuousParameterRanges": { "target": "com.amazonaws.sagemaker#ContinuousParameterRanges", "traits": { - "smithy.api#documentation": "The array of ContinuousParameterRange objects that specify ranges of\n continuous hyperparameters that a hyperparameter tuning job searches.
" + "smithy.api#documentation": "The array of ContinuousParameterRange objects that specify ranges of continuous\n hyperparameters that a hyperparameter tuning job searches.
" } }, "CategoricalParameterRanges": { "target": "com.amazonaws.sagemaker#CategoricalParameterRanges", "traits": { - "smithy.api#documentation": "The array of CategoricalParameterRange objects that specify ranges\n of categorical hyperparameters that a hyperparameter tuning job searches.
" + "smithy.api#documentation": "The array of CategoricalParameterRange objects that specify ranges of categorical\n hyperparameters that a hyperparameter tuning job searches.
" } }, "AutoParameters": { "target": "com.amazonaws.sagemaker#AutoParameters", "traits": { - "smithy.api#documentation": "A list containing hyperparameter names and example values to be used by Autotune to determine optimal ranges for your tuning job.
" + "smithy.api#documentation": "A list containing hyperparameter names and example values to be used by Autotune to\n determine optimal ranges for your tuning job.
" } } }, @@ -41884,7 +41884,7 @@ "ProductionVariants": { "target": "com.amazonaws.sagemaker#PendingProductionVariantSummaryList", "traits": { - "smithy.api#documentation": "An array of PendingProductionVariantSummary objects, one for each\n model hosted behind this endpoint for the in-progress deployment.
" + "smithy.api#documentation": "An array of PendingProductionVariantSummary objects, one for each model hosted behind\n this endpoint for the in-progress deployment.
" } }, "StartTime": { @@ -41896,7 +41896,7 @@ "ShadowProductionVariants": { "target": "com.amazonaws.sagemaker#PendingProductionVariantSummaryList", "traits": { - "smithy.api#documentation": "An array of PendingProductionVariantSummary objects, one for each\n model hosted behind this endpoint in shadow mode with production traffic replicated from\n the model specified on ProductionVariants for the in-progress\n deployment.
An array of PendingProductionVariantSummary objects, one for each model hosted behind\n this endpoint in shadow mode with production traffic replicated from the model specified\n on ProductionVariants for the in-progress deployment.
The production variant summary for a deployment when an endpoint is creating or\n updating with the CreateEndpoint or UpdateEndpoint operations. Describes the VariantStatus\n , weight and capacity for a production variant associated with an endpoint.\n
The production variant summary for a deployment when an endpoint is creating or\n updating with the CreateEndpoint\n or UpdateEndpoint\n operations. Describes the VariantStatus , weight and capacity for a\n production variant associated with an endpoint.
The size of the Elastic Inference (EI) instance to use for the production variant. EI\n instances provide on-demand GPU computing for inference. For more information, see\n Using Elastic\n Inference in Amazon SageMaker.
" + "smithy.api#documentation": "The size of the Elastic Inference (EI) instance to use for the production variant. EI\n instances provide on-demand GPU computing for inference. For more information, see\n Using Elastic\n Inference in Amazon SageMaker.
" } }, "CoreDumpConfig": { @@ -43805,12 +43805,12 @@ "EnableSSMAccess": { "target": "com.amazonaws.sagemaker#ProductionVariantSSMAccess", "traits": { - "smithy.api#documentation": "\n You can use this parameter to turn on native Amazon Web Services Systems Manager (SSM)\n access for a production variant behind an endpoint. By default, SSM access is disabled\n for all production variants behind an endpoint. You can turn on or turn off SSM access\n for a production variant behind an existing endpoint by creating a new endpoint\n configuration and calling UpdateEndpoint.\n
You can use this parameter to turn on native Amazon Web Services Systems Manager (SSM)\n access for a production variant behind an endpoint. By default, SSM access is disabled\n for all production variants behind an endpoint. You can turn on or turn off SSM access\n for a production variant behind an existing endpoint by creating a new endpoint\n configuration and calling UpdateEndpoint.
\n Identifies a model that you want to host and the resources chosen to deploy for\n hosting it. If you are deploying multiple models, tell SageMaker how to distribute traffic\n among the models by specifying variant weights. For more information on production\n variants, check \n Production variants.\n
" + "smithy.api#documentation": "Identifies a model that you want to host and the resources chosen to deploy for\n hosting it. If you are deploying multiple models, tell SageMaker how to distribute traffic\n among the models by specifying variant weights. For more information on production\n variants, check Production variants.\n
" } }, "com.amazonaws.sagemaker#ProductionVariantAcceleratorType": { @@ -47628,7 +47628,7 @@ "S3Uri": { "target": "com.amazonaws.sagemaker#S3Uri", "traits": { - "smithy.api#documentation": "Depending on the value specified for the S3DataType, identifies either\n a key name prefix or a manifest. For example:
A key name prefix might look like this:\n s3://bucketname/exampleprefix\n
A manifest might look like this:\n s3://bucketname/example.manifest\n
A manifest is an S3 object which is a JSON file consisting of an array of\n elements. The first element is a prefix which is followed by one or more\n suffixes. SageMaker appends the suffix elements to the prefix to get a full set\n of S3Uri. Note that the prefix must be a valid non-empty\n S3Uri that precludes users from specifying a manifest whose\n individual S3Uri is sourced from different S3 buckets.
The following code example shows a valid manifest format:
\n\n [ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},\n
\n \"relative/path/to/custdata-1\",\n
\n \"relative/path/custdata-2\",\n
\n ...\n
\n \"relative/path/custdata-N\"\n
\n ]\n
This JSON is equivalent to the following S3Uri\n list:
\n s3://customer_bucket/some/prefix/relative/path/to/custdata-1\n
\n s3://customer_bucket/some/prefix/relative/path/custdata-2\n
\n ...\n
\n s3://customer_bucket/some/prefix/relative/path/custdata-N\n
The complete set of S3Uri in this manifest is the input data\n for the channel for this data source. The object that each S3Uri\n points to must be readable by the IAM role that SageMaker uses to perform tasks on\n your behalf.
Your input bucket must be located in same Amazon Web Services region as your training job.
", + "smithy.api#documentation": "Depending on the value specified for the S3DataType, identifies either\n a key name prefix or a manifest. For example:
A key name prefix might look like this:\n s3://bucketname/exampleprefix\n
A manifest might look like this:\n s3://bucketname/example.manifest\n
A manifest is an S3 object which is a JSON file consisting of an array of\n elements. The first element is a prefix which is followed by one or more\n suffixes. SageMaker appends the suffix elements to the prefix to get a full set of\n S3Uri. Note that the prefix must be a valid non-empty\n S3Uri that precludes users from specifying a manifest whose\n individual S3Uri is sourced from different S3 buckets.
The following code example shows a valid manifest format:
\n\n [ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},\n
\n \"relative/path/to/custdata-1\",\n
\n \"relative/path/custdata-2\",\n
\n ...\n
\n \"relative/path/custdata-N\"\n
\n ]\n
This JSON is equivalent to the following S3Uri\n list:
\n s3://customer_bucket/some/prefix/relative/path/to/custdata-1\n
\n s3://customer_bucket/some/prefix/relative/path/custdata-2\n
\n ...\n
\n s3://customer_bucket/some/prefix/relative/path/custdata-N\n
The complete set of S3Uri in this manifest is the input data\n for the channel for this data source. The object that each S3Uri\n points to must be readable by the IAM role that SageMaker uses to perform tasks on\n your behalf.
Your input bucket must be located in same Amazon Web Services region as your\n training job.
", "smithy.api#required": {} } }, @@ -47652,7 +47652,7 @@ } }, "traits": { - "smithy.api#documentation": "Describes the S3 data source.
\nYour input bucket must be in the same Amazon Web Services region as your training job.
" + "smithy.api#documentation": "Describes the S3 data source.
\nYour input bucket must be in the same Amazon Web Services region as your training\n job.
" } }, "com.amazonaws.sagemaker#S3DataType": { @@ -50166,12 +50166,12 @@ "StatusMessage": { "target": "com.amazonaws.sagemaker#StatusMessage", "traits": { - "smithy.api#documentation": "A detailed description of the progress within a secondary status.\n
\nSageMaker provides secondary statuses and status messages that apply to each of\n them:
\nStarting the training job.
\nLaunching requested ML\n instances.
\nInsufficient\n capacity error from EC2 while launching instances,\n retrying!
\nLaunched\n instance was unhealthy, replacing it!
\nPreparing the instances for training.
\nDownloading the training image.
\nTraining\n image download completed. Training in\n progress.
\nStatus messages are subject to change. Therefore, we recommend not including them\n in code that programmatically initiates actions. For examples, don't use status\n messages in if statements.
\nTo have an overview of your training job's progress, view\n TrainingJobStatus and SecondaryStatus in DescribeTrainingJob, and StatusMessage together. For\n example, at the start of a training job, you might see the following:
\n TrainingJobStatus - InProgress
\n SecondaryStatus - Training
\n StatusMessage - Downloading the training image
A detailed description of the progress within a secondary status.\n
\nSageMaker provides secondary statuses and status messages that apply to each of\n them:
\nStarting the training job.
\nLaunching requested ML\n instances.
\nInsufficient\n capacity error from EC2 while launching instances,\n retrying!
\nLaunched\n instance was unhealthy, replacing it!
\nPreparing the instances for training.
\nDownloading the training image.
\nTraining\n image download completed. Training in\n progress.
\nStatus messages are subject to change. Therefore, we recommend not including them\n in code that programmatically initiates actions. For examples, don't use status\n messages in if statements.
\nTo have an overview of your training job's progress, view\n TrainingJobStatus and SecondaryStatus in DescribeTrainingJob, and StatusMessage together. For example,\n at the start of a training job, you might see the following:
\n TrainingJobStatus - InProgress
\n SecondaryStatus - Training
\n StatusMessage - Downloading the training image
An array element of SecondaryStatusTransitions for DescribeTrainingJob. It provides\n additional details about a status that the training job has transitioned through. A\n training job can be in one of several states, for example, starting, downloading,\n training, or uploading. Within each state, there are a number of intermediate states.\n For example, within the starting state, SageMaker could be starting the training job or\n launching the ML instances. These transitional states are referred to as the job's\n secondary\n status.\n
An array element of SecondaryStatusTransitions for DescribeTrainingJob. It provides additional details about a status that the\n training job has transitioned through. A training job can be in one of several states,\n for example, starting, downloading, training, or uploading. Within each state, there are\n a number of intermediate states. For example, within the starting state, SageMaker could be\n starting the training job or launching the ML instances. These transitional states are\n referred to as the job's secondary\n status.\n
The Amazon S3 path where the model artifacts, which result from model training, are stored.\n This path must point to a single gzip compressed tar archive\n (.tar.gz suffix).
The model artifacts must be in an S3 bucket that is in the same Amazon Web Services region as the\n algorithm.
\nThe Amazon S3 path where the model artifacts, which result from model training, are stored.\n This path must point to a single gzip compressed tar archive\n (.tar.gz suffix).
The model artifacts must be in an S3 bucket that is in the same Amazon Web Services\n region as the algorithm.
\nThe name of the pipeline.
", + "smithy.api#documentation": "The name or Amazon Resource Name (ARN) of the pipeline.
", "smithy.api#required": {} } }, @@ -52507,6 +52507,18 @@ "smithy.api#enumValue": "ml_inf1" } }, + "ML_INF2": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml_inf2" + } + }, + "ML_TRN1": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml_trn1" + } + }, "ML_EIA2": { "target": "smithy.api#Unit", "traits": { @@ -53569,7 +53581,7 @@ "SecondaryStatus": { "target": "com.amazonaws.sagemaker#SecondaryStatus", "traits": { - "smithy.api#documentation": " Provides detailed information about the state of the training job. For detailed\n information about the secondary status of the training job, see\n StatusMessage under SecondaryStatusTransition.
SageMaker provides primary statuses and secondary statuses that apply to each of\n them:
\n\n Starting\n - Starting the training job.
\n Downloading - An optional stage for algorithms that\n support File training input mode. It indicates that\n data is being downloaded to the ML storage volumes.
\n Training - Training is in progress.
\n Uploading - Training is complete and the model\n artifacts are being uploaded to the S3 location.
\n Completed - The training job has completed.
\n Failed - The training job has failed. The reason for\n the failure is returned in the FailureReason field of\n DescribeTrainingJobResponse.
\n MaxRuntimeExceeded - The job stopped because it\n exceeded the maximum allowed runtime.
\n Stopped - The training job has stopped.
\n Stopping - Stopping the training job.
Valid values for SecondaryStatus are subject to change.
We no longer support the following secondary statuses:
\n\n LaunchingMLInstances\n
\n PreparingTrainingStack\n
\n DownloadingTrainingImage\n
Provides detailed information about the state of the training job. For detailed\n information about the secondary status of the training job, see\n StatusMessage under SecondaryStatusTransition.
SageMaker provides primary statuses and secondary statuses that apply to each of\n them:
\n\n Starting\n - Starting the training job.
\n Downloading - An optional stage for algorithms that\n support File training input mode. It indicates that\n data is being downloaded to the ML storage volumes.
\n Training - Training is in progress.
\n Uploading - Training is complete and the model\n artifacts are being uploaded to the S3 location.
\n Completed - The training job has completed.
\n Failed - The training job has failed. The reason for\n the failure is returned in the FailureReason field of\n DescribeTrainingJobResponse.
\n MaxRuntimeExceeded - The job stopped because it\n exceeded the maximum allowed runtime.
\n Stopped - The training job has stopped.
\n Stopping - Stopping the training job.
Valid values for SecondaryStatus are subject to change.
We no longer support the following secondary statuses:
\n\n LaunchingMLInstances\n
\n PreparingTrainingStack\n
\n DownloadingTrainingImage\n
A VpcConfig object that specifies the VPC that this training job has\n access to. For more information, see Protect Training Jobs by Using an Amazon\n Virtual Private Cloud.
" + "smithy.api#documentation": "A VpcConfig object that specifies the VPC that this training job has access\n to. For more information, see Protect Training Jobs by Using an Amazon\n Virtual Private Cloud.
" } }, "StoppingCondition": { @@ -54589,7 +54601,7 @@ "TransformOutput": { "target": "com.amazonaws.sagemaker#TransformOutput", "traits": { - "smithy.api#documentation": "Identifies the Amazon S3 location where you want Amazon SageMaker to save the results\n from the transform job.
", + "smithy.api#documentation": "Identifies the Amazon S3 location where you want Amazon SageMaker to save the results from the\n transform job.
", "smithy.api#required": {} } }, @@ -56131,7 +56143,7 @@ } ], "traits": { - "smithy.api#documentation": "Deploys the new EndpointConfig specified in the request, switches to\n using newly created endpoint, and then deletes resources provisioned for the endpoint\n using the previous EndpointConfig (there is no availability loss).
When SageMaker receives the request, it sets the endpoint status to\n Updating. After updating the endpoint, it sets the status to\n InService. To check the status of an endpoint, use the DescribeEndpoint API.\n \n
You must not delete an EndpointConfig in use by an endpoint that is\n live or while the UpdateEndpoint or CreateEndpoint\n operations are being performed on the endpoint. To update an endpoint, you must\n create a new EndpointConfig.
If you delete the EndpointConfig of an endpoint that is active or\n being created or updated you may lose visibility into the instance type the endpoint\n is using. The endpoint must be deleted in order to stop incurring charges.
Deploys the new EndpointConfig specified in the request, switches to\n using newly created endpoint, and then deletes resources provisioned for the endpoint\n using the previous EndpointConfig (there is no availability loss).
When SageMaker receives the request, it sets the endpoint status to\n Updating. After updating the endpoint, it sets the status to\n InService. To check the status of an endpoint, use the DescribeEndpoint API.\n \n
You must not delete an EndpointConfig in use by an endpoint that is\n live or while the UpdateEndpoint or CreateEndpoint\n operations are being performed on the endpoint. To update an endpoint, you must\n create a new EndpointConfig.
If you delete the EndpointConfig of an endpoint that is active or\n being created or updated you may lose visibility into the instance type the endpoint\n is using. The endpoint must be deleted in order to stop incurring charges.
When you are updating endpoint resources with RetainAllVariantProperties, whose value is set to\n true, ExcludeRetainedVariantProperties specifies the list\n of type VariantProperty to override with the values provided by\n EndpointConfig. If you don't specify a value for\n ExcludeRetainedVariantProperties, no variant properties are overridden.\n
When you are updating endpoint resources with RetainAllVariantProperties,\n whose value is set to true, ExcludeRetainedVariantProperties\n specifies the list of type VariantProperty\n to override with the values provided by EndpointConfig. If you don't\n specify a value for ExcludeRetainedVariantProperties, no variant properties\n are overridden.
A list of the Elastic Inference (EI) instance types to associate with this notebook\n instance. Currently only one EI instance type can be associated with a notebook\n instance. For more information, see Using Elastic Inference in Amazon SageMaker.
" + "smithy.api#documentation": "A list of the Elastic Inference (EI) instance types to associate with this notebook\n instance. Currently only one EI instance type can be associated with a notebook\n instance. For more information, see Using Elastic Inference in\n Amazon SageMaker.
" } }, "DisassociateAcceleratorTypes": { @@ -58159,13 +58171,13 @@ "VariantPropertyType": { "target": "com.amazonaws.sagemaker#VariantPropertyType", "traits": { - "smithy.api#documentation": "The type of variant property. The supported values are:
\n\n DesiredInstanceCount: Overrides the existing variant instance\n counts using the InitialInstanceCount values\n in the ProductionVariants of CreateEndpointConfig.
\n DesiredWeight: Overrides the existing variant weights using the\n InitialVariantWeight values in the ProductionVariants of CreateEndpointConfig.
\n DataCaptureConfig: (Not currently supported.)
The type of variant property. The supported values are:
\n\n DesiredInstanceCount: Overrides the existing variant instance\n counts using the InitialInstanceCount values in the\n ProductionVariants of CreateEndpointConfig.
\n DesiredWeight: Overrides the existing variant weights using the\n InitialVariantWeight values in the\n ProductionVariants of CreateEndpointConfig.
\n DataCaptureConfig: (Not currently supported.)
Specifies a production variant property type for an Endpoint.
\nIf you are updating an endpoint with the RetainAllVariantProperties\n option of UpdateEndpointInput set to\n true, the VariantProperty objects listed in the ExcludeRetainedVariantProperties parameter of UpdateEndpointInput\n override the\n existing variant properties of the endpoint.
Specifies a production variant property type for an Endpoint.
\nIf you are updating an endpoint with the RetainAllVariantProperties\n option of UpdateEndpointInput set to true, the\n VariantProperty objects listed in the\n ExcludeRetainedVariantProperties parameter of UpdateEndpointInput override the existing variant properties of the\n endpoint.
Provides details about one of the following actions that affects or that was taken on a resource:
\nA remote IP address issued an Amazon Web Services API call
\nA DNS request was received
\nA remote IP address attempted to connect to an EC2 instance
\nA remote IP address attempted a port probe on an EC2 instance
\n\n Specifies that the rule action should update the Types finding field. The Types \n finding field provides one or more finding types in the format of \n namespace/category/classifier that classify a finding. For more information, see\n Types taxonomy for ASFF in \n the Security Hub User Guide.\n
\n Specifies that the automation rule action is an update to a finding field.\n
" + } + } + }, + "traits": { + "smithy.api#documentation": "\n One or more actions to update finding fields if a finding matches the defined criteria \n of the rule.\n
" + } + }, + "com.amazonaws.securityhub#AutomationRulesActionType": { + "type": "enum", + "members": { + "FINDING_FIELDS_UPDATE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FINDING_FIELDS_UPDATE" + } + } + } + }, + "com.amazonaws.securityhub#AutomationRulesArnsList": { + "type": "list", + "member": { + "target": "com.amazonaws.securityhub#NonEmptyString" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 100 + } + } + }, + "com.amazonaws.securityhub#AutomationRulesConfig": { + "type": "structure", + "members": { + "RuleArn": { + "target": "com.amazonaws.securityhub#NonEmptyString", + "traits": { + "smithy.api#documentation": "\n The Amazon Resource Name (ARN) of a rule.\n
" + } + }, + "RuleStatus": { + "target": "com.amazonaws.securityhub#RuleStatus", + "traits": { + "smithy.api#documentation": "\n Whether the rule is active after it is created. If \n this parameter is equal to >ENABLED, Security Hub will apply the rule to findings \n and finding updates after the rule is created.\n
An integer ranging from 1 to 1000 that represents the order in which the rule action is\n applied to findings. Security Hub applies rules with lower values for this parameter\n first.
" + } + }, + "RuleName": { + "target": "com.amazonaws.securityhub#NonEmptyString", + "traits": { + "smithy.api#documentation": "\n The name of the rule.\n
" + } + }, + "Description": { + "target": "com.amazonaws.securityhub#NonEmptyString", + "traits": { + "smithy.api#documentation": "\n A description of the rule.\n
" + } + }, + "IsTerminal": { + "target": "com.amazonaws.securityhub#Boolean", + "traits": { + "smithy.api#default": false, + "smithy.api#documentation": "Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful \n when a finding matches the criteria for multiple rules, and each rule has different actions. If the value of this \n field is set to true for a rule, Security Hub applies the rule action to a finding that matches \n the rule criteria and won't evaluate other rules for the finding.\u2028 The default value of this field is false.\n
\n A set of Amazon Web Services Security Finding Format finding field attributes and corresponding expected values that \n Security Hub uses to filter findings. If a finding matches the conditions specified in\n this parameter, Security Hub applies the rule action to the finding.\n
" + } + }, + "Actions": { + "target": "com.amazonaws.securityhub#ActionList", + "traits": { + "smithy.api#documentation": "\n One or more actions to update finding fields if a finding matches the defined criteria \n of the rule.\n
" + } + }, + "CreatedAt": { + "target": "com.amazonaws.securityhub#Timestamp", + "traits": { + "smithy.api#documentation": "\n A timestamp that indicates when the rule was created.\n
\nUses the date-time format specified in RFC 3339 section 5.6, Internet\n Date/Time Format. The value cannot contain spaces. For example,\n 2020-03-22T13:22:13.933Z.
\n A timestamp that indicates when the rule was most recently updated.\n
\nUses the date-time format specified in RFC 3339 section 5.6, Internet\n Date/Time Format. The value cannot contain spaces. For example,\n 2020-03-22T13:22:13.933Z.
\n The principal that created a rule.\n
" + } + } + }, + "traits": { + "smithy.api#documentation": "\n Defines the configuration of an automation rule.\n
" + } + }, + "com.amazonaws.securityhub#AutomationRulesConfigList": { + "type": "list", + "member": { + "target": "com.amazonaws.securityhub#AutomationRulesConfig" + } + }, + "com.amazonaws.securityhub#AutomationRulesFindingFieldsUpdate": { + "type": "structure", + "members": { + "Note": { + "target": "com.amazonaws.securityhub#NoteUpdate" + }, + "Severity": { + "target": "com.amazonaws.securityhub#SeverityUpdate" + }, + "VerificationState": { + "target": "com.amazonaws.securityhub#VerificationState", + "traits": { + "smithy.api#documentation": "\n The rule action will update the VerificationState field of a finding.\n
\n The rule action will update the Confidence field of a finding.\n
\n The rule action will update the Criticality field of a finding.\n
\n The rule action will update the Types field of a finding.\n
\n The rule action will update the UserDefinedFields field of a finding.\n
\n A list of findings that are related to a finding.\n
" + } + } + }, + "traits": { + "smithy.api#documentation": "\n Identifies the finding fields that the automation rule action will update when a \n finding matches the defined criteria.\n
" + } + }, + "com.amazonaws.securityhub#AutomationRulesFindingFilters": { + "type": "structure", + "members": { + "ProductArn": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n The Amazon Resource Name (ARN) for a third-party product that generated a finding in \n Security Hub.\n
" + } + }, + "AwsAccountId": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "The Amazon Web Services account ID in which a finding was generated.
" + } + }, + "Id": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n The product-specific identifier for a finding.\n
" + } + }, + "GeneratorId": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n The identifier for the solution-specific component that \n generated a finding.\n
" + } + }, + "Type": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "One or more finding types in the format of namespace/category/classifier that classify\n a finding. For a list of namespaces, classifiers, and categories, see Types\n taxonomy for ASFF in the Security Hub User Guide.
" + } + }, + "FirstObservedAt": { + "target": "com.amazonaws.securityhub#DateFilterList", + "traits": { + "smithy.api#documentation": "\n A timestamp that indicates when the potential security issue captured by a \n finding was first observed by the security findings product.\n
\nUses the date-time format specified in RFC 3339 section 5.6, Internet\n Date/Time Format. The value cannot contain spaces. For example,\n 2020-03-22T13:22:13.933Z.
\n A timestamp that indicates when the potential security issue captured by a finding \n was most recently observed by the security findings product.\n
\nUses the date-time format specified in RFC 3339 section 5.6, Internet\n Date/Time Format. The value cannot contain spaces. For example,\n 2020-03-22T13:22:13.933Z.
\n A timestamp that indicates when this finding record was created.\n
\nUses the date-time format specified in RFC 3339 section 5.6, Internet\n Date/Time Format. The value cannot contain spaces. For example,\n 2020-03-22T13:22:13.933Z.
\n A timestamp that indicates when the finding record was most recently updated. \n
\nUses the date-time format specified in RFC 3339 section 5.6, Internet\n Date/Time Format. The value cannot contain spaces. For example,\n 2020-03-22T13:22:13.933Z.
The likelihood that a finding accurately identifies the behavior or issue that it was\n intended to identify. Confidence is scored on a 0–100 basis using a ratio\n scale. A value of 0 means 0 percent confidence, and a value of\n 100 means 100 percent confidence. For example, a data exfiltration\n detection based on a statistical deviation of network traffic has low confidence because an\n actual exfiltration hasn't been verified. For more information, see Confidence in the Security Hub User Guide.
\n The level of importance that is assigned to the resources that are associated with a \n finding. Criticality is scored on a 0–100 basis, using a ratio scale that supports \n only full integers. A score of 0 means that the underlying resources have no \n criticality, and a score of 100 is reserved for the most critical resources. For \n more information, see Criticality in the Security Hub User Guide.
\n A finding's title. \n
" + } + }, + "Description": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n A finding's description. \n
" + } + }, + "SourceUrl": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n Provides a URL that links to a page about the current finding in the finding product.\n
" + } + }, + "ProductName": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n Provides the name of the product that generated the finding. For \n control-based findings, the product name is Security Hub.\n
" + } + }, + "CompanyName": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n The name of the company for the product that generated the finding. \n For control-based findings, the company is Amazon Web Services.\n
" + } + }, + "SeverityLabel": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n The severity value of the finding.\n
" + } + }, + "ResourceType": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n The type of resource that the finding pertains to.\n
" + } + }, + "ResourceId": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n The identifier for the given resource type. For Amazon Web Services resources that are identified by \n Amazon Resource Names (ARNs), this is the ARN. For Amazon Web Services resources that lack ARNs, \n this is the identifier as defined by the Amazon Web Service that created the resource. \n For non-Amazon Web Services resources, this is a unique identifier that is associated with the \n resource.\n
" + } + }, + "ResourcePartition": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n The partition in which the resource that the finding pertains to is located. \n A partition is a group of Amazon Web Services Regions. Each Amazon Web Services account is scoped to one partition.\n
" + } + }, + "ResourceRegion": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n The Amazon Web Services Region where the resource that a finding pertains to is located.\n
" + } + }, + "ResourceTags": { + "target": "com.amazonaws.securityhub#MapFilterList", + "traits": { + "smithy.api#documentation": "\n A list of Amazon Web Services tags associated with a resource at the time the finding was processed.\n
" + } + }, + "ResourceDetailsOther": { + "target": "com.amazonaws.securityhub#MapFilterList", + "traits": { + "smithy.api#documentation": "\n Custom fields and values about the resource that a finding pertains to.\n
" + } + }, + "ComplianceStatus": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n The result of a security check. This field is only used for findings generated \n from controls.\n
" + } + }, + "ComplianceSecurityControlId": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "The security control ID for which a finding was generated. Security control IDs are the same across standards.
" + } + }, + "ComplianceAssociatedStandardsId": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of \n the Amazon Resource Name (ARN) returned for a standard in the DescribeStandards API response.
" + } + }, + "VerificationState": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n Provides the veracity of a finding.\n
" + } + }, + "WorkflowStatus": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n Provides information about the status of the investigation into a finding.\n
" + } + }, + "RecordState": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n Provides the current state of a finding.\n
" + } + }, + "RelatedFindingsProductArn": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n The ARN for the product that generated a related finding.\n
" + } + }, + "RelatedFindingsId": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n The product-generated identifier for a related finding.\n
" + } + }, + "NoteText": { + "target": "com.amazonaws.securityhub#StringFilterList", + "traits": { + "smithy.api#documentation": "\n The text of a user-defined note that's added to a finding.\n
" + } + }, + "NoteUpdatedAt": { + "target": "com.amazonaws.securityhub#DateFilterList", + "traits": { + "smithy.api#documentation": "\n The timestamp of when the note was updated. Uses the date-time format specified in \n RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. \n For example, 2020-03-22T13:22:13.933Z.\n
\n The principal that created a note.\n
" + } + }, + "UserDefinedFields": { + "target": "com.amazonaws.securityhub#MapFilterList", + "traits": { + "smithy.api#documentation": "\n A list of user-defined name and value string pairs added to a finding.\n
" + } + } + }, + "traits": { + "smithy.api#documentation": "\n The criteria that determine which findings a rule applies to.\n
" + } + }, + "com.amazonaws.securityhub#AutomationRulesMetadata": { + "type": "structure", + "members": { + "RuleArn": { + "target": "com.amazonaws.securityhub#NonEmptyString", + "traits": { + "smithy.api#documentation": "\n The Amazon Resource Name (ARN) for the rule.\n
" + } + }, + "RuleStatus": { + "target": "com.amazonaws.securityhub#RuleStatus", + "traits": { + "smithy.api#documentation": "\n Whether the rule is active after it is created. If \n this parameter is equal to ENABLED, Security Hub will apply the rule to findings \n and finding updates after the rule is created. To change the value of this\n parameter after creating a rule, use BatchUpdateAutomationRules.\n
An integer ranging from 1 to 1000 that represents the order in which the rule action is\n applied to findings. Security Hub applies rules with lower values for this parameter\n first.
" + } + }, + "RuleName": { + "target": "com.amazonaws.securityhub#NonEmptyString", + "traits": { + "smithy.api#documentation": "\n The name of the rule.\n
" + } + }, + "Description": { + "target": "com.amazonaws.securityhub#NonEmptyString", + "traits": { + "smithy.api#documentation": "\n A description of the rule.\n
" + } + }, + "IsTerminal": { + "target": "com.amazonaws.securityhub#Boolean", + "traits": { + "smithy.api#default": false, + "smithy.api#documentation": "\n Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful \n when a finding matches the criteria for multiple rules, and each rule has different actions. If the value of this \n field is set to true for a rule, Security Hub applies the rule action to a finding that matches \n the rule criteria and won't evaluate other rules for the finding.\u2028 The default value of this field is false.\n
\n A timestamp that indicates when the rule was created.\n
\nUses the date-time format specified in RFC 3339 section 5.6, Internet\n Date/Time Format. The value cannot contain spaces. For example,\n 2020-03-22T13:22:13.933Z.
\n A timestamp that indicates when the rule was most recently updated.\n
\nUses the date-time format specified in RFC 3339 section 5.6, Internet\n Date/Time Format. The value cannot contain spaces. For example,\n 2020-03-22T13:22:13.933Z.
\n The principal that created a rule.\n
" } } + }, + "traits": { + "smithy.api#documentation": "\n Metadata for automation rules in the calling account. The response includes rules \n with a RuleStatus of ENABLED and DISABLED.\n
Information about the encryption configuration for X-Ray.
" } }, + "com.amazonaws.securityhub#BatchDeleteAutomationRules": { + "type": "operation", + "input": { + "target": "com.amazonaws.securityhub#BatchDeleteAutomationRulesRequest" + }, + "output": { + "target": "com.amazonaws.securityhub#BatchDeleteAutomationRulesResponse" + }, + "errors": [ + { + "target": "com.amazonaws.securityhub#InternalException" + }, + { + "target": "com.amazonaws.securityhub#InvalidAccessException" + }, + { + "target": "com.amazonaws.securityhub#InvalidInputException" + }, + { + "target": "com.amazonaws.securityhub#LimitExceededException" + }, + { + "target": "com.amazonaws.securityhub#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "\n Deletes one or more automation rules.\n
", + "smithy.api#http": { + "method": "POST", + "uri": "/automationrules/delete", + "code": 200 + } + } + }, + "com.amazonaws.securityhub#BatchDeleteAutomationRulesRequest": { + "type": "structure", + "members": { + "AutomationRulesArns": { + "target": "com.amazonaws.securityhub#AutomationRulesArnsList", + "traits": { + "smithy.api#documentation": "\n A list of Amazon Resource Names (ARNs) for the rules that are to be deleted.\n
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.securityhub#BatchDeleteAutomationRulesResponse": { + "type": "structure", + "members": { + "ProcessedAutomationRules": { + "target": "com.amazonaws.securityhub#AutomationRulesArnsList", + "traits": { + "smithy.api#documentation": "\n A list of properly processed rule ARNs.\n
" + } + }, + "UnprocessedAutomationRules": { + "target": "com.amazonaws.securityhub#UnprocessedAutomationRulesList", + "traits": { + "smithy.api#documentation": "\n A list of objects containing RuleArn, ErrorCode, and ErrorMessage. This parameter \n tells you which automation rules the request didn't delete and why.\n
\n Retrieves a list of details for automation rules based on rule Amazon Resource Names \n (ARNs).\n
", + "smithy.api#http": { + "method": "POST", + "uri": "/automationrules/get", + "code": 200 + } + } + }, + "com.amazonaws.securityhub#BatchGetAutomationRulesRequest": { + "type": "structure", + "members": { + "AutomationRulesArns": { + "target": "com.amazonaws.securityhub#AutomationRulesArnsList", + "traits": { + "smithy.api#documentation": "\n A list of rule ARNs to get details for.\n
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.securityhub#BatchGetAutomationRulesResponse": { + "type": "structure", + "members": { + "Rules": { + "target": "com.amazonaws.securityhub#AutomationRulesConfigList", + "traits": { + "smithy.api#documentation": "\n A list of rule details for the provided rule ARNs.\n
" + } + }, + "UnprocessedAutomationRules": { + "target": "com.amazonaws.securityhub#UnprocessedAutomationRulesList", + "traits": { + "smithy.api#documentation": "\n A list of objects containing RuleArn, ErrorCode, and ErrorMessage. This parameter \n tells you which automation rules the request didn't retrieve and why.\n
\n Updates one or more automation rules based on rule Amazon Resource Names (ARNs) \n and input parameters.\n
", + "smithy.api#http": { + "method": "PATCH", + "uri": "/automationrules/update", + "code": 200 + } + } + }, + "com.amazonaws.securityhub#BatchUpdateAutomationRulesRequest": { + "type": "structure", + "members": { + "UpdateAutomationRulesRequestItems": { + "target": "com.amazonaws.securityhub#UpdateAutomationRulesRequestItemsList", + "traits": { + "smithy.api#documentation": "\n An array of ARNs for the rules that are to be updated. Optionally, you can also include \n RuleStatus and RuleOrder.\n
\n A list of properly processed rule ARNs.\n
" + } + }, + "UnprocessedAutomationRules": { + "target": "com.amazonaws.securityhub#UnprocessedAutomationRulesList", + "traits": { + "smithy.api#documentation": "\n A list of objects containing RuleArn, ErrorCode, and ErrorMessage. This parameter \n tells you which automation rules the request didn't update and why.\n
The 2-letter ISO 3166 country code for the country.
" + } + }, + "CountryName": { + "target": "com.amazonaws.securityhub#NonEmptyString", + "traits": { + "smithy.api#documentation": "The name of the country.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about a country.
" + } + }, + "com.amazonaws.securityhub#CreateActionTarget": { + "type": "operation", + "input": { + "target": "com.amazonaws.securityhub#CreateActionTargetRequest" + }, + "output": { + "target": "com.amazonaws.securityhub#CreateActionTargetResponse" + }, + "errors": [ + { + "target": "com.amazonaws.securityhub#InternalException" + }, + { + "target": "com.amazonaws.securityhub#InvalidAccessException" + }, + { + "target": "com.amazonaws.securityhub#InvalidInputException" + }, + { + "target": "com.amazonaws.securityhub#LimitExceededException" + }, + { + "target": "com.amazonaws.securityhub#ResourceConflictException" + } + ], + "traits": { + "smithy.api#documentation": "Creates a custom action target in Security Hub.
\nYou can use custom actions on findings and insights in Security Hub to trigger target actions\n in Amazon CloudWatch Events.
", + "smithy.api#http": { + "method": "POST", + "uri": "/actionTargets", + "code": 200 + } + } + }, + "com.amazonaws.securityhub#CreateActionTargetRequest": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.securityhub#NonEmptyString", + "traits": { + "smithy.api#documentation": "The name of the custom action target. Can contain up to 20 characters.
", + "smithy.api#required": {} } }, - "DISABLED": { - "target": "smithy.api#Unit", + "Description": { + "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#enumValue": "DISABLED" + "smithy.api#documentation": "The description for the custom action target.
", + "smithy.api#required": {} + } + }, + "Id": { + "target": "com.amazonaws.securityhub#NonEmptyString", + "traits": { + "smithy.api#documentation": "The ID for the custom action target. Can contain up to 20 alphanumeric characters.
", + "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, - "com.amazonaws.securityhub#Country": { + "com.amazonaws.securityhub#CreateActionTargetResponse": { "type": "structure", "members": { - "CountryCode": { - "target": "com.amazonaws.securityhub#NonEmptyString", - "traits": { - "smithy.api#documentation": "The 2-letter ISO 3166 country code for the country.
" - } - }, - "CountryName": { + "ActionTargetArn": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "The name of the country.
" + "smithy.api#documentation": "The Amazon Resource Name (ARN) for the custom action target.
", + "smithy.api#required": {} } } }, "traits": { - "smithy.api#documentation": "Information about a country.
" + "smithy.api#output": {} } }, - "com.amazonaws.securityhub#CreateActionTarget": { + "com.amazonaws.securityhub#CreateAutomationRule": { "type": "operation", "input": { - "target": "com.amazonaws.securityhub#CreateActionTargetRequest" + "target": "com.amazonaws.securityhub#CreateAutomationRuleRequest" }, "output": { - "target": "com.amazonaws.securityhub#CreateActionTargetResponse" + "target": "com.amazonaws.securityhub#CreateAutomationRuleResponse" }, "errors": [ + { + "target": "com.amazonaws.securityhub#AccessDeniedException" + }, { "target": "com.amazonaws.securityhub#InternalException" }, @@ -20050,41 +20821,72 @@ }, { "target": "com.amazonaws.securityhub#LimitExceededException" - }, - { - "target": "com.amazonaws.securityhub#ResourceConflictException" } ], "traits": { - "smithy.api#documentation": "Creates a custom action target in Security Hub.
\nYou can use custom actions on findings and insights in Security Hub to trigger target actions\n in Amazon CloudWatch Events.
", + "smithy.api#documentation": "\n Creates an automation rule based on input parameters.\n
", "smithy.api#http": { "method": "POST", - "uri": "/actionTargets", + "uri": "/automationrules/create", "code": 200 } } }, - "com.amazonaws.securityhub#CreateActionTargetRequest": { + "com.amazonaws.securityhub#CreateAutomationRuleRequest": { "type": "structure", "members": { - "Name": { + "Tags": { + "target": "com.amazonaws.securityhub#TagMap", + "traits": { + "smithy.api#documentation": "\n User-defined tags that help you label the purpose of a rule. \n
" + } + }, + "RuleStatus": { + "target": "com.amazonaws.securityhub#RuleStatus", + "traits": { + "smithy.api#documentation": "\n Whether the rule is active after it is created. If \n this parameter is equal to Enabled, Security Hub will apply the rule to findings \n and finding updates after the rule is created. To change the value of this\n parameter after creating a rule, use BatchUpdateAutomationRules.\n
An integer ranging from 1 to 1000 that represents the order in which the rule action is\n applied to findings. Security Hub applies rules with lower values for this parameter\n first.
", + "smithy.api#required": {} + } + }, + "RuleName": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "The name of the custom action target. Can contain up to 20 characters.
", + "smithy.api#documentation": "\n The name of the rule.\n
", "smithy.api#required": {} } }, "Description": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "The description for the custom action target.
", + "smithy.api#documentation": "\n A description of the rule.\n
", "smithy.api#required": {} } }, - "Id": { - "target": "com.amazonaws.securityhub#NonEmptyString", + "IsTerminal": { + "target": "com.amazonaws.securityhub#Boolean", "traits": { - "smithy.api#documentation": "The ID for the custom action target. Can contain up to 20 alphanumeric characters.
", + "smithy.api#default": false, + "smithy.api#documentation": "Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding \n matches the criteria for multiple rules, and each rule has different actions. If the value of this field is \n set to true for a rule, Security Hub applies the rule action to a finding that matches \n the rule criteria and won't evaluate other rules for the finding. The default value of this field is false.\n
\n A set of ASFF finding field attributes and corresponding expected values that \n Security Hub uses to filter findings. If a finding matches the conditions specified in\n this parameter, Security Hub applies the rule action to the finding.\n
", + "smithy.api#required": {} + } + }, + "Actions": { + "target": "com.amazonaws.securityhub#ActionList", + "traits": { + "smithy.api#documentation": "\n One or more actions to update finding fields if a finding matches the conditions \n specified in Criteria. \n
The Amazon Resource Name (ARN) for the custom action target.
", - "smithy.api#required": {} + "smithy.api#documentation": "\n The Amazon Resource Name (ARN) of the automation rule that you created.\n
" } } }, @@ -23507,6 +24308,83 @@ "smithy.api#httpError": 429 } }, + "com.amazonaws.securityhub#ListAutomationRules": { + "type": "operation", + "input": { + "target": "com.amazonaws.securityhub#ListAutomationRulesRequest" + }, + "output": { + "target": "com.amazonaws.securityhub#ListAutomationRulesResponse" + }, + "errors": [ + { + "target": "com.amazonaws.securityhub#AccessDeniedException" + }, + { + "target": "com.amazonaws.securityhub#InternalException" + }, + { + "target": "com.amazonaws.securityhub#InvalidAccessException" + }, + { + "target": "com.amazonaws.securityhub#InvalidInputException" + }, + { + "target": "com.amazonaws.securityhub#LimitExceededException" + } + ], + "traits": { + "smithy.api#documentation": "\n A list of automation rules and their metadata for the calling account.\n
", + "smithy.api#http": { + "method": "GET", + "uri": "/automationrules/list", + "code": 200 + } + } + }, + "com.amazonaws.securityhub#ListAutomationRulesRequest": { + "type": "structure", + "members": { + "NextToken": { + "target": "com.amazonaws.securityhub#NextToken", + "traits": { + "smithy.api#documentation": "\n A token to specify where to start paginating the response. This is the NextToken \n from a previously truncated response. On your first call to the ListAutomationRules \n API, set the value of this parameter to NULL.\n
The maximum number of rules to return in the response. This currently ranges from 1 to\n 100.
", + "smithy.api#httpQuery": "MaxResults" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.securityhub#ListAutomationRulesResponse": { + "type": "structure", + "members": { + "AutomationRulesMetadata": { + "target": "com.amazonaws.securityhub#AutomationRulesMetadataList", + "traits": { + "smithy.api#documentation": "\n Metadata for rules in the calling account. The response includes rules with a \n RuleStatus of ENABLED and DISABLED.\n
\n A pagination token for the response.\n
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.securityhub#ListEnabledProductsForImport": { "type": "operation", "input": { @@ -26640,6 +27518,33 @@ "smithy.api#documentation": "A list of port ranges.
" } }, + "com.amazonaws.securityhub#RuleOrderValue": { + "type": "integer", + "traits": { + "smithy.api#default": 0, + "smithy.api#range": { + "min": 1, + "max": 1000 + } + } + }, + "com.amazonaws.securityhub#RuleStatus": { + "type": "enum", + "members": { + "ENABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ENABLED" + } + }, + "DISABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DISABLED" + } + } + } + }, "com.amazonaws.securityhub#SecurityControl": { "type": "structure", "members": { @@ -26775,12 +27680,18 @@ { "target": "com.amazonaws.securityhub#AcceptInvitation" }, + { + "target": "com.amazonaws.securityhub#BatchDeleteAutomationRules" + }, { "target": "com.amazonaws.securityhub#BatchDisableStandards" }, { "target": "com.amazonaws.securityhub#BatchEnableStandards" }, + { + "target": "com.amazonaws.securityhub#BatchGetAutomationRules" + }, { "target": "com.amazonaws.securityhub#BatchGetSecurityControls" }, @@ -26790,6 +27701,9 @@ { "target": "com.amazonaws.securityhub#BatchImportFindings" }, + { + "target": "com.amazonaws.securityhub#BatchUpdateAutomationRules" + }, { "target": "com.amazonaws.securityhub#BatchUpdateFindings" }, @@ -26799,6 +27713,9 @@ { "target": "com.amazonaws.securityhub#CreateActionTarget" }, + { + "target": "com.amazonaws.securityhub#CreateAutomationRule" + }, { "target": "com.amazonaws.securityhub#CreateFindingAggregator" }, @@ -26904,6 +27821,9 @@ { "target": "com.amazonaws.securityhub#InviteMembers" }, + { + "target": "com.amazonaws.securityhub#ListAutomationRules" + }, { "target": "com.amazonaws.securityhub#ListEnabledProductsForImport" }, @@ -29294,6 +30214,39 @@ "target": "com.amazonaws.securityhub#NonEmptyString" } }, + "com.amazonaws.securityhub#UnprocessedAutomationRule": { + "type": "structure", + "members": { + "RuleArn": { + "target": "com.amazonaws.securityhub#NonEmptyString", + "traits": { + "smithy.api#documentation": "\n The Amazon Resource Name (ARN) for the unprocessed automation rule.\n
" + } + }, + "ErrorCode": { + "target": "com.amazonaws.securityhub#Integer", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "\n The error code associated with the unprocessed automation rule.\n
" + } + }, + "ErrorMessage": { + "target": "com.amazonaws.securityhub#NonEmptyString", + "traits": { + "smithy.api#documentation": "\n An error message describing why a request didn't process a specific rule.\n
" + } + } + }, + "traits": { + "smithy.api#documentation": "\n A list of objects containing RuleArn, ErrorCode, and ErrorMessage. This parameter \n tells you which automation rules the request didn't process and why.\n
\n The Amazon Resource Name (ARN) for the rule.\n
", + "smithy.api#required": {} + } + }, + "RuleStatus": { + "target": "com.amazonaws.securityhub#RuleStatus", + "traits": { + "smithy.api#documentation": "\n Whether the rule is active after it is created. If \n this parameter is equal to ENABLED, Security Hub will apply the rule to findings \n and finding updates after the rule is created. To change the value of this\n parameter after creating a rule, use BatchUpdateAutomationRules.\n
An integer ranging from 1 to 1000 that represents the order in which the rule action is\n applied to findings. Security Hub applies rules with lower values for this parameter\n first.
" + } + }, + "Description": { + "target": "com.amazonaws.securityhub#NonEmptyString", + "traits": { + "smithy.api#documentation": "\n A description of the rule.\n
" + } + }, + "RuleName": { + "target": "com.amazonaws.securityhub#NonEmptyString", + "traits": { + "smithy.api#documentation": "\n The name of the rule.\n
" + } + }, + "IsTerminal": { + "target": "com.amazonaws.securityhub#Boolean", + "traits": { + "smithy.api#default": false, + "smithy.api#documentation": "Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful \n when a finding matches the criteria for multiple rules, and each rule has different actions. If the value of this \n field is set to true for a rule, Security Hub applies the rule action to a finding that matches \n the rule criteria and won't evaluate other rules for the finding.\u2028 The default value of this field is false.\n
\n A set of ASFF finding field attributes and corresponding expected values that \n Security Hub uses to filter findings. If a finding matches the conditions specified in\n this parameter, Security Hub applies the rule action to the finding.\n
" + } + }, + "Actions": { + "target": "com.amazonaws.securityhub#ActionList", + "traits": { + "smithy.api#documentation": "\n One or more actions to update finding fields if a finding matches the conditions \n specified in Criteria.\n
\n Specifies the parameters to update in an existing automation rule.\n
" + } + }, + "com.amazonaws.securityhub#UpdateAutomationRulesRequestItemsList": { + "type": "list", + "member": { + "target": "com.amazonaws.securityhub#UpdateAutomationRulesRequestItem" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 100 + } + } + }, "com.amazonaws.securityhub#UpdateFindingAggregator": { "type": "operation", "input": { diff --git a/codegen/sdk/aws-models/simspaceweaver.json b/codegen/sdk/aws-models/simspaceweaver.json index 6b8e254a1ce..3f8be46b535 100644 --- a/codegen/sdk/aws-models/simspaceweaver.json +++ b/codegen/sdk/aws-models/simspaceweaver.json @@ -162,7 +162,7 @@ "Destination": { "target": "com.amazonaws.simspaceweaver#S3Destination", "traits": { - "smithy.api#documentation": "The Amazon S3 bucket and optional folder (object key prefix) where SimSpace Weaver creates the snapshot file.
", + "smithy.api#documentation": "The Amazon S3 bucket and optional folder (object key prefix) where SimSpace Weaver creates the snapshot file.
\nThe Amazon S3 bucket must be in the same Amazon Web Services Region as the simulation.
", "smithy.api#required": {} } } @@ -911,7 +911,7 @@ "min": 0, "max": 1600 }, - "smithy.api#pattern": "^arn:(?:aws|aws-cn):log-group:([a-z]{2}-[a-z]+-\\d{1}):(\\d{12})?:role\\/(.+)$" + "smithy.api#pattern": "^arn:(?:aws|aws-cn|aws-us-gov):log-group:([a-z]{2}-[a-z]+-\\d{1}):(\\d{12})?:role\\/(.+)$" } }, "com.amazonaws.simspaceweaver#LoggingConfiguration": { @@ -995,7 +995,7 @@ "min": 0, "max": 1600 }, - "smithy.api#pattern": "^arn:(?:aws|aws-cn):iam::(\\d{12})?:role\\/(.+)$" + "smithy.api#pattern": "^arn:(?:aws|aws-cn|aws-us-gov):iam::(\\d{12})?:role\\/(.+)$" } }, "com.amazonaws.simspaceweaver#S3Destination": { @@ -1472,9 +1472,9 @@ } }, "params": { - "Region": "us-gov-east-1", + "UseDualStack": true, "UseFIPS": true, - "UseDualStack": true + "Region": "us-gov-east-1" } }, { @@ -1485,9 +1485,9 @@ } }, "params": { - "Region": "us-gov-east-1", + "UseDualStack": false, "UseFIPS": true, - "UseDualStack": false + "Region": "us-gov-east-1" } }, { @@ -1498,9 +1498,9 @@ } }, "params": { - "Region": "us-gov-east-1", + "UseDualStack": true, "UseFIPS": false, - "UseDualStack": true + "Region": "us-gov-east-1" } }, { @@ -1511,9 +1511,9 @@ } }, "params": { - "Region": "us-gov-east-1", + "UseDualStack": false, "UseFIPS": false, - "UseDualStack": false + "Region": "us-gov-east-1" } }, { @@ -1524,9 +1524,9 @@ } }, "params": { - "Region": "cn-north-1", + "UseDualStack": true, "UseFIPS": true, - "UseDualStack": true + "Region": "cn-north-1" } }, { @@ -1537,9 +1537,9 @@ } }, "params": { - "Region": "cn-north-1", + "UseDualStack": false, "UseFIPS": true, - "UseDualStack": false + "Region": "cn-north-1" } }, { @@ -1550,9 +1550,9 @@ } }, "params": { - "Region": "cn-north-1", + "UseDualStack": true, "UseFIPS": false, - "UseDualStack": true + "Region": "cn-north-1" } }, { @@ -1563,9 +1563,9 @@ } }, "params": { - "Region": "cn-north-1", + "UseDualStack": false, "UseFIPS": false, - "UseDualStack": false + "Region": "cn-north-1" } }, { @@ -1574,9 +1574,9 @@ "error": "FIPS and DualStack are enabled, but this partition does not support one or both" }, "params": { - "Region": "us-iso-east-1", + "UseDualStack": true, "UseFIPS": true, - "UseDualStack": true + "Region": "us-iso-east-1" } }, { @@ -1587,9 +1587,9 @@ } }, "params": { - "Region": "us-iso-east-1", + "UseDualStack": false, "UseFIPS": true, - "UseDualStack": false + "Region": "us-iso-east-1" } }, { @@ -1598,9 +1598,9 @@ "error": "DualStack is enabled but this partition does not support DualStack" }, "params": { - "Region": "us-iso-east-1", + "UseDualStack": true, "UseFIPS": false, - "UseDualStack": true + "Region": "us-iso-east-1" } }, { @@ -1611,9 +1611,9 @@ } }, "params": { - "Region": "us-iso-east-1", + "UseDualStack": false, "UseFIPS": false, - "UseDualStack": false + "Region": "us-iso-east-1" } }, { @@ -1624,9 +1624,9 @@ } }, "params": { - "Region": "us-east-1", + "UseDualStack": true, "UseFIPS": true, - "UseDualStack": true + "Region": "us-east-1" } }, { @@ -1637,9 +1637,9 @@ } }, "params": { - "Region": "us-east-1", + "UseDualStack": false, "UseFIPS": true, - "UseDualStack": false + "Region": "us-east-1" } }, { @@ -1650,9 +1650,9 @@ } }, "params": { - "Region": "us-east-1", + "UseDualStack": true, "UseFIPS": false, - "UseDualStack": true + "Region": "us-east-1" } }, { @@ -1663,9 +1663,9 @@ } }, "params": { - "Region": "us-east-1", + "UseDualStack": false, "UseFIPS": false, - "UseDualStack": false + "Region": "us-east-1" } }, { @@ -1674,9 +1674,9 @@ "error": "FIPS and DualStack are enabled, but this partition does not support one or both" }, "params": { - "Region": "us-isob-east-1", + "UseDualStack": true, "UseFIPS": true, - "UseDualStack": true + "Region": "us-isob-east-1" } }, { @@ -1687,9 +1687,9 @@ } }, "params": { - "Region": "us-isob-east-1", + "UseDualStack": false, "UseFIPS": true, - "UseDualStack": false + "Region": "us-isob-east-1" } }, { @@ -1698,9 +1698,9 @@ "error": "DualStack is enabled but this partition does not support DualStack" }, "params": { - "Region": "us-isob-east-1", + "UseDualStack": true, "UseFIPS": false, - "UseDualStack": true + "Region": "us-isob-east-1" } }, { @@ -1711,9 +1711,9 @@ } }, "params": { - "Region": "us-isob-east-1", + "UseDualStack": false, "UseFIPS": false, - "UseDualStack": false + "Region": "us-isob-east-1" } }, { @@ -1724,9 +1724,9 @@ } }, "params": { - "Region": "us-east-1", - "UseFIPS": false, "UseDualStack": false, + "UseFIPS": false, + "Region": "us-east-1", "Endpoint": "https://example.com" } }, @@ -1736,9 +1736,9 @@ "error": "Invalid Configuration: FIPS and custom endpoint are not supported" }, "params": { - "Region": "us-east-1", - "UseFIPS": true, "UseDualStack": false, + "UseFIPS": true, + "Region": "us-east-1", "Endpoint": "https://example.com" } }, @@ -1748,9 +1748,9 @@ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" }, "params": { - "Region": "us-east-1", - "UseFIPS": false, "UseDualStack": true, + "UseFIPS": false, + "Region": "us-east-1", "Endpoint": "https://example.com" } } @@ -1766,7 +1766,7 @@ "min": 0, "max": 1600 }, - "smithy.api#pattern": "^arn:(?:aws|aws-cn):simspaceweaver:([a-z]{2}-[a-z]+-\\d{1}):(\\d{12})?:([a-z]+)\\/(.+)$" + "smithy.api#pattern": "^arn:(?:aws|aws-cn|aws-us-gov):simspaceweaver:([a-z]{2}-[a-z]+-\\d{1}):(\\d{12})?:([a-z]+)\\/(.+)$" } }, "com.amazonaws.simspaceweaver#SimSpaceWeaverLongResourceName": { @@ -2361,7 +2361,7 @@ "SnapshotS3Location": { "target": "com.amazonaws.simspaceweaver#S3Location", "traits": { - "smithy.api#documentation": "The location of the snapshot .zip file in Amazon Simple Storage Service (Amazon S3).\n For more information about Amazon S3, see the \n Amazon Simple Storage Service User Guide\n .
\nProvide a SnapshotS3Location to start your simulation from a snapshot.
If you provide a SnapshotS3Location then you can't provide a SchemaS3Location.
The location of the snapshot .zip file in Amazon Simple Storage Service (Amazon S3).\n For more information about Amazon S3, see the \n Amazon Simple Storage Service User Guide\n .
\nProvide a SnapshotS3Location to start your simulation from a snapshot.
The Amazon S3 bucket must be in the same Amazon Web Services Region as the simulation.
\nIf you provide a SnapshotS3Location then you can't provide a SchemaS3Location.
You don't have sufficient access to perform this action.
", + "smithy.api#error": "client", + "smithy.api#httpError": 403 + } + }, + "com.amazonaws.verifiedpermissions#ActionId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 200 + }, + "smithy.api#pattern": "^.*$" + } + }, + "com.amazonaws.verifiedpermissions#ActionIdentifier": { + "type": "structure", + "members": { + "actionType": { + "target": "com.amazonaws.verifiedpermissions#ActionType", + "traits": { + "smithy.api#documentation": "The type of an action.
", + "smithy.api#required": {} + } + }, + "actionId": { + "target": "com.amazonaws.verifiedpermissions#ActionId", + "traits": { + "smithy.api#documentation": "The ID of an action.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information about an action for a request for which an authorization decision\n is made.
\nThis data type is used as an request parameter to the IsAuthorized and IsAuthorizedWithToken operations.
\nExample: { \"actionId\": \"<action name>\", \"actionType\": \"Action\"\n }\n
An attribute value of Boolean\n type.
\nExample: {\"boolean\": true}\n
An attribute value of type EntityIdentifier.
\nExample: \"entityIdentifier\": { \"entityId\": \"<id>\", \"entityType\":\n \"<entity type>\"}\n
An attribute value of Long\n type.
\nExample: {\"long\": 0}\n
An attribute value of String\n type.
\nExample: {\"string\": \"abc\"}\n
An attribute value of Set\n type.
\nExample: {\"set\": [ {} ] }\n
An attribute value of Record\n type.
\nExample: {\"record\": { \"keyName\": {} } }\n
The value of an attribute.
\nContains information about the runtime context for a request for which an\n authorization decision is made.
\nThis data type is used as a member of the ContextDefinition structure\n which is uses as a request parameter for the IsAuthorized and IsAuthorizedWithToken operations.
" + } + }, + "com.amazonaws.verifiedpermissions#BooleanAttribute": { + "type": "boolean" + }, + "com.amazonaws.verifiedpermissions#ClientId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 255 + }, + "smithy.api#pattern": "^.*$" + } + }, + "com.amazonaws.verifiedpermissions#ClientIds": { + "type": "list", + "member": { + "target": "com.amazonaws.verifiedpermissions#ClientId" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 1000 + } + } + }, + "com.amazonaws.verifiedpermissions#CognitoUserPoolConfiguration": { + "type": "structure", + "members": { + "userPoolArn": { + "target": "com.amazonaws.verifiedpermissions#UserPoolArn", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool that contains the identities to be\n authorized.
\nExample: \"UserPoolArn\":\n \"cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5\"\n
The unique application client IDs that are associated with the specified Amazon Cognito user\n pool.
\nExample: \"ClientIds\": [\"&ExampleCogClientId;\"]\n
The configuration for an identity source that represents a connection to an Amazon Cognito user pool used\n as an identity provider for Verified Permissions.
\nThis data type is used as a field that is part of an Configuration structure that is\n used as a parameter to the Configuration.
\nExample:\"CognitoUserPoolConfiguration\":{\"UserPoolArn\":\"cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5\",\"ClientIds\":\n [\"a1b2c3d4e5f6g7h8i9j0kalbmc\"]}\n
Contains configuration details of a Amazon Cognito user pool that Verified Permissions can use as a source of\n authenticated identities as entities. It specifies the Amazon Resource Name (ARN) of a Amazon Cognito user pool\n and one or more application client IDs.
\nExample:\n \"configuration\":{\"cognitoUserPoolConfiguration\":{\"userPoolArn\":\"cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5\",\"clientIds\":\n [\"a1b2c3d4e5f6g7h8i9j0kalbmc\"]}}\n
Contains configuration information used when creating a new identity source.
\nAt this time, the only valid member of this structure is a Amazon Cognito user pool\n configuration.
\nYou must specify a userPoolArn, and optionally, a\n ClientId.
This data type is used as a request parameter for the CreateIdentitySource\n operation.
" + } + }, + "com.amazonaws.verifiedpermissions#ConflictException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#required": {} + } + }, + "resources": { + "target": "com.amazonaws.verifiedpermissions#ResourceConflictList", + "traits": { + "smithy.api#documentation": "The list of resources referenced with this failed request.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "The request failed because another request to modify a resource occurred at the\n same.
", + "smithy.api#error": "client", + "smithy.api#httpError": 409 + } + }, + "com.amazonaws.verifiedpermissions#ContextDefinition": { + "type": "union", + "members": { + "contextMap": { + "target": "com.amazonaws.verifiedpermissions#ContextMap", + "traits": { + "smithy.api#documentation": "An list of attributes that are needed to successfully evaluate an authorization\n request. Each attribute in this array must include a map of a data type and its\n value.
\nExample:\n \"Context\":{\"<KeyName1>\":{\"boolean\":true},\"<KeyName2>\":{\"long\":1234}}\n
Contains additional details about the context of the request. Verified Permissions evaluates this\n information in an authorization request as part of the when and\n unless clauses in a policy.
This data type is used as a request parameter for the IsAuthorized and IsAuthorizedWithToken operations.
\nExample:\n \"context\":{\"Context\":{\"<KeyName1>\":{\"boolean\":true},\"<KeyName2>\":{\"long\":1234}}}\n
Creates a reference to an Amazon Cognito user pool as an external identity provider (IdP).\n
\nAfter you create an identity source, you can use the identities provided by the IdP as proxies\n for the principal in authorization queries that use the IsAuthorizedWithToken\n operation. These identities take the form of tokens that contain claims about the user,\n such as IDs, attributes and group memberships. Amazon Cognito provides both identity tokens and\n access tokens, and Verified Permissions can use either or both. Any combination of identity and access\n tokens results in the same Cedar principal. Verified Permissions automatically translates the\n information about the identities into the standard Cedar attributes that can be\n evaluated by your policies. Because the Amazon Cognito identity and access tokens can contain\n different information, the tokens you choose to use determine which principal attributes\n are available to access when evaluating Cedar policies.
\nIf you delete a Amazon Cognito user pool or user, tokens from that deleted pool or that deleted user continue to be usable until they expire.
\nTo reference a user from this identity source in your Cedar policies, use the following\n syntax.
\n\n IdentityType::\"<CognitoUserPoolIdentifier>|<CognitoClientId>\n
\nWhere IdentityType is the string that you provide to the\n PrincipalEntityType parameter for this operation. The\n CognitoUserPoolId and CognitoClientId are defined by\n the Amazon Cognito user pool.
Specifies a unique, case-sensitive ID that you provide to\n ensure the idempotency of the request. This lets you safely retry the request without\n accidentally performing the same operation a second time. Passing the same value to a\n later call to an operation requires that you also pass the same value for all other \n parameters. We recommend that you use a UUID type of \n value..
\nIf you don't provide this value, then Amazon Web Services generates a random one for\n you.
\nIf you retry the operation with the same ClientToken, but with \n different parameters, the retry fails with an IdempotentParameterMismatch\n error.
Specifies the ID of the policy store in which you want to store this identity source. Only policies and\n requests made using this policy store can reference identities from the identity provider\n configured in the new identity source.
", + "smithy.api#required": {} + } + }, + "configuration": { + "target": "com.amazonaws.verifiedpermissions#Configuration", + "traits": { + "smithy.api#documentation": "Specifies the details required to communicate with the identity provider (IdP)\n associated with this identity source.
\nAt this time, the only valid member of this structure is a Amazon Cognito user pool\n configuration.
\nYou must specify a UserPoolArn, and optionally, a\n ClientId.
Specifies the namespace and data type of the principals generated for identities\n authenticated by the new identity source.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#CreateIdentitySourceOutput": { + "type": "structure", + "members": { + "createdDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time the identity source was originally created.
", + "smithy.api#required": {} + } + }, + "identitySourceId": { + "target": "com.amazonaws.verifiedpermissions#IdentitySourceId", + "traits": { + "smithy.api#documentation": "The unique ID of the new identity source.
", + "smithy.api#required": {} + } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time the identity source was most recently updated.
", + "smithy.api#required": {} + } + }, + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "The ID of the policy store that contains the identity source.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#CreatePolicy": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#CreatePolicyInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#CreatePolicyOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.verifiedpermissions#ServiceQuotaExceededException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to create a Cedar policy and save it in the specified policy store", + "smithy.api#documentation": "Creates a Cedar policy and saves it in the specified policy store. You can create either a\n static policy or a policy linked to a policy template.
\nTo create a static policy, provide the Cedar policy text in the\n StaticPolicy section of the\n PolicyDefinition.
To create a policy that is dynamically linked to a policy template, specify the policy template ID\n and the principal and resource to associate with this policy in the\n templateLinked section of the PolicyDefinition. If the\n policy template is ever updated, any policies linked to the policy template automatically use the\n updated template.
Creating a policy causes it to be validated against the schema in the policy store. If the\n policy doesn't pass validation, the operation fails and the policy isn't\n stored.
\nSpecifies a unique, case-sensitive ID that you provide to\n ensure the idempotency of the request. This lets you safely retry the request without\n accidentally performing the same operation a second time. Passing the same value to a\n later call to an operation requires that you also pass the same value for all other \n parameters. We recommend that you use a UUID type of \n value..
\nIf you don't provide this value, then Amazon Web Services generates a random one for\n you.
\nIf you retry the operation with the same ClientToken, but with \n different parameters, the retry fails with an IdempotentParameterMismatch\n error.
Specifies the PolicyStoreId of the policy store you want to store the policy\n in.
A structure that specifies the policy type and content to use for the new policy. You\n must include either a static or a templateLinked element. The policy content must be written\n in the Cedar policy language.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#CreatePolicyOutput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "The ID of the policy store that contains the new policy.
", + "smithy.api#required": {} + } + }, + "policyId": { + "target": "com.amazonaws.verifiedpermissions#PolicyId", + "traits": { + "smithy.api#documentation": "The unique ID of the new policy.
", + "smithy.api#required": {} + } + }, + "policyType": { + "target": "com.amazonaws.verifiedpermissions#PolicyType", + "traits": { + "smithy.api#documentation": "The policy type of the new policy.
", + "smithy.api#required": {} + } + }, + "principal": { + "target": "com.amazonaws.verifiedpermissions#EntityIdentifier", + "traits": { + "smithy.api#documentation": "The principal specified in the new policy's scope. This response element isn't present\n when principal isn't specified in the policy content.
The resource specified in the new policy's scope. This response element isn't present\n when the resource isn't specified in the policy content.
The date and time the policy was originally created.
", + "smithy.api#required": {} + } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time the policy was last updated.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#CreatePolicyStore": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#CreatePolicyStoreInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#CreatePolicyStoreOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ServiceQuotaExceededException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to create a Cedar policy and save it in the specified policy store", + "smithy.api#documentation": "Creates a policy store. A policy store is a container for policy resources.
", + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.verifiedpermissions#CreatePolicyStoreInput": { + "type": "structure", + "members": { + "clientToken": { + "target": "com.amazonaws.verifiedpermissions#IdempotencyToken", + "traits": { + "smithy.api#documentation": "Specifies a unique, case-sensitive ID that you provide to\n ensure the idempotency of the request. This lets you safely retry the request without\n accidentally performing the same operation a second time. Passing the same value to a\n later call to an operation requires that you also pass the same value for all other \n parameters. We recommend that you use a UUID type of \n value..
\nIf you don't provide this value, then Amazon Web Services generates a random one for\n you.
\nIf you retry the operation with the same ClientToken, but with \n different parameters, the retry fails with an IdempotentParameterMismatch\n error.
Specifies the validation setting for this policy store.
\nCurrently, the only valid and required value is Mode.
We recommend that you turn on STRICT mode only after you define a\n schema. If a schema doesn't exist, then STRICT mode causes any policy\n to fail validation, and Verified Permissions rejects the policy. You can turn off validation by\n using the UpdatePolicyStore. Then, when you have a schema defined, use UpdatePolicyStore again to turn validation back on.
The unique ID of the new policy store.
", + "smithy.api#required": {} + } + }, + "arn": { + "target": "com.amazonaws.verifiedpermissions#ResourceArn", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the new policy store.
", + "smithy.api#required": {} + } + }, + "createdDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time the policy store was originally created.
", + "smithy.api#required": {} + } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time the policy store was last updated.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#CreatePolicyTemplate": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#CreatePolicyTemplateInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#CreatePolicyTemplateOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.verifiedpermissions#ServiceQuotaExceededException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to create a policy template", + "smithy.api#documentation": "Creates a policy template. A template can use placeholders for the principal and resource. A\n template must be instantiated into a policy by associating it with specific principals\n and resources to use for the placeholders. That instantiated policy can then be\n considered in authorization decisions. The instantiated policy works identically to any\n other policy, except that it is dynamically linked to the template. If the template\n changes, then any policies that are linked to that template are immediately updated as\n well.
", + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.verifiedpermissions#CreatePolicyTemplateInput": { + "type": "structure", + "members": { + "clientToken": { + "target": "com.amazonaws.verifiedpermissions#IdempotencyToken", + "traits": { + "smithy.api#documentation": "Specifies a unique, case-sensitive ID that you provide to\n ensure the idempotency of the request. This lets you safely retry the request without\n accidentally performing the same operation a second time. Passing the same value to a\n later call to an operation requires that you also pass the same value for all other \n parameters. We recommend that you use a UUID type of \n value..
\nIf you don't provide this value, then Amazon Web Services generates a random one for\n you.
\nIf you retry the operation with the same ClientToken, but with \n different parameters, the retry fails with an IdempotentParameterMismatch\n error.
The ID of the policy store in which to create the policy template.
", + "smithy.api#required": {} + } + }, + "description": { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplateDescription", + "traits": { + "smithy.api#documentation": "Specifies a description for the policy template.
" + } + }, + "statement": { + "target": "com.amazonaws.verifiedpermissions#PolicyStatement", + "traits": { + "smithy.api#documentation": "Specifies the content that you want to use for the new policy template, written in the Cedar\n policy language.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#CreatePolicyTemplateOutput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "The ID of the policy store that contains the policy template.
", + "smithy.api#required": {} + } + }, + "policyTemplateId": { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplateId", + "traits": { + "smithy.api#documentation": "The unique ID of the new policy template.
", + "smithy.api#required": {} + } + }, + "createdDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time the policy template was originally created.
", + "smithy.api#required": {} + } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time the policy template was most recently updated.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#Decision": { + "type": "enum", + "members": { + "ALLOW": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ALLOW" + } + }, + "DENY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DENY" + } + } + } + }, + "com.amazonaws.verifiedpermissions#DeleteIdentitySource": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#DeleteIdentitySourceInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#DeleteIdentitySourceOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ConflictException" + }, + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to delete an identity source that references an identity provider (IdP) such as Amazon Cognito", + "smithy.api#documentation": "Deletes an identity source that references an identity provider (IdP) such as Amazon Cognito. After\n you delete the identity source, you can no longer use tokens for identities from that identity source to\n represent principals in authorization queries made using IsAuthorizedWithToken.\n operations.
", + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.verifiedpermissions#DeleteIdentitySourceInput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy store that contains the identity source that you want to delete.
", + "smithy.api#required": {} + } + }, + "identitySourceId": { + "target": "com.amazonaws.verifiedpermissions#IdentitySourceId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the identity source that you want to delete.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#DeleteIdentitySourceOutput": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#DeletePolicy": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#DeletePolicyInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#DeletePolicyOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ConflictException" + }, + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to delete the specified policy from the policy store", + "smithy.api#documentation": "Deletes the specified policy from the policy store.
\nThis operation is idempotent; if you specify a policy that doesn't \n exist, the request response returns a successful HTTP 200 status code.
Specifies the ID of the policy store that contains the policy that you want to delete.
", + "smithy.api#required": {} + } + }, + "policyId": { + "target": "com.amazonaws.verifiedpermissions#PolicyId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy that you want to delete.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#DeletePolicyOutput": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#DeletePolicyStore": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#DeletePolicyStoreInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#DeletePolicyStoreOutput" + }, + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to delete the specified policy store", + "smithy.api#documentation": "Deletes the specified policy store.
\nThis operation is idempotent. If you specify a policy store that does not exist, the request\n response will still return a successful HTTP 200 status code.
", + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.verifiedpermissions#DeletePolicyStoreInput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy store that you want to delete.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#DeletePolicyStoreOutput": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#DeletePolicyTemplate": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#DeletePolicyTemplateInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#DeletePolicyTemplateOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ConflictException" + }, + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to delete the specified policy template from the policy store", + "smithy.api#documentation": "Deletes the specified policy template from the policy store.
\nThis operation also deletes any policies that were created from the specified\n policy template. Those policies are immediately removed from all future API responses, and are\n asynchronously deleted from the policy store.
\nSpecifies the ID of the policy store that contains the policy template that you want to delete.
", + "smithy.api#required": {} + } + }, + "policyTemplateId": { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplateId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy template that you want to delete.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#DeletePolicyTemplateOutput": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#DeterminingPolicyItem": { + "type": "structure", + "members": { + "policyId": { + "target": "com.amazonaws.verifiedpermissions#PolicyId", + "traits": { + "smithy.api#documentation": "The Id of a policy that determined to an authorization decision.
\nExample: \"policyId\":\"SPEXAMPLEabcdefg111111\"\n
Contains information about one of the policies that determined an authorization\n decision.
\nThis data type is used as an element in a response parameter for the IsAuthorized\n and IsAuthorizedWithToken operations.
\nExample: \"determiningPolicies\":[{\"policyId\":\"SPEXAMPLEabcdefg111111\"}]\n
An array of entities that are needed to successfully evaluate an authorization\n request. Each entity in this array must include an identifier for the entity, the\n attributes of the entity, and a list of any parent entities.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains the list of entities to be considered during an authorization request. This\n includes all principals, resources, and actions required to successfully evaluate the\n request.
\nThis data type is used as a field in the response parameter for the IsAuthorized\n and IsAuthorizedWithToken operations.
" + } + }, + "com.amazonaws.verifiedpermissions#EntityAttributes": { + "type": "map", + "key": { + "target": "smithy.api#String" + }, + "value": { + "target": "com.amazonaws.verifiedpermissions#AttributeValue" + }, + "traits": { + "smithy.api#length": { + "min": 0 + } + } + }, + "com.amazonaws.verifiedpermissions#EntityId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 200 + }, + "smithy.api#pattern": "^.*$" + } + }, + "com.amazonaws.verifiedpermissions#EntityIdentifier": { + "type": "structure", + "members": { + "entityType": { + "target": "com.amazonaws.verifiedpermissions#EntityType", + "traits": { + "smithy.api#documentation": "The type of an entity.
\nExample: \"entityType\":\"typeName\"\n
The identifier of an entity.
\n\n \"entityId\":\"identifier\"\n
Contains the identifier of an entity, including its ID and type.
\nThis data type is used as a request parameter for IsAuthorized operation, and as a\n response parameter for the CreatePolicy, GetPolicy, and\n UpdatePolicy operations.
\nExample:\n {\"entityId\":\"string\",\"entityType\":\"string\"}\n
The identifier of the entity.
", + "smithy.api#required": {} + } + }, + "attributes": { + "target": "com.amazonaws.verifiedpermissions#EntityAttributes", + "traits": { + "smithy.api#documentation": "A list of attributes for the entity.
" + } + }, + "parents": { + "target": "com.amazonaws.verifiedpermissions#ParentList", + "traits": { + "smithy.api#documentation": "The parents in the hierarchy that contains the entity.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information about an entity that can be referenced in a Cedar\n policy.
\nThis data type is used as one of the fields in the EntitiesDefinition\n structure.
\n\n {\n \"id\": {\n \"entityType\": \"Photo\",\n \"entityId\": \"VacationPhoto94.jpg\"\n },\n \"Attributes\": {},\n \"Parents\": [\n {\n \"entityType\": \"Album\",\n \"entityId\": \"alice_folder\"\n }\n ]\n}\n
Used to indicate that a principal or resource is not specified. This can be used to\n search for policies that are not associated with a specific principal or\n resource.
" + } + }, + "identifier": { + "target": "com.amazonaws.verifiedpermissions#EntityIdentifier", + "traits": { + "smithy.api#documentation": "The identifier of the entity. It can consist of either an EntityType and EntityId, a\n principal, or a resource.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information about a principal or resource that can be referenced in a Cedar\n policy.
\nThis data type is used as part of the PolicyFilter structure that is\n used as a request parameter for the ListPolicies operation..
" + } + }, + "com.amazonaws.verifiedpermissions#EntityType": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 200 + }, + "smithy.api#pattern": "^.*$" + } + }, + "com.amazonaws.verifiedpermissions#EvaluationErrorItem": { + "type": "structure", + "members": { + "errorDescription": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The error description.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Contains a description of an evaluation error.
\nThis data type is used as a request parameter in the IsAuthorized and IsAuthorizedWithToken operations.
" + } + }, + "com.amazonaws.verifiedpermissions#EvaluationErrorList": { + "type": "list", + "member": { + "target": "com.amazonaws.verifiedpermissions#EvaluationErrorItem" + }, + "traits": { + "smithy.api#uniqueItems": {} + } + }, + "com.amazonaws.verifiedpermissions#GetIdentitySource": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#GetIdentitySourceInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#GetIdentitySourceOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to retrieve the details about the specified identity source", + "smithy.api#documentation": "Retrieves the details about the specified identity source.
", + "smithy.api#readonly": {} + } + }, + "com.amazonaws.verifiedpermissions#GetIdentitySourceInput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy store that contains the identity source you want information about.
", + "smithy.api#required": {} + } + }, + "identitySourceId": { + "target": "com.amazonaws.verifiedpermissions#IdentitySourceId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the identity source you want information about.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#GetIdentitySourceOutput": { + "type": "structure", + "members": { + "createdDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "The date and time that the identity source was originally created.
", + "smithy.api#required": {} + } + }, + "details": { + "target": "com.amazonaws.verifiedpermissions#IdentitySourceDetails", + "traits": { + "smithy.api#documentation": "A structure that describes the configuration of the identity source.
", + "smithy.api#required": {} + } + }, + "identitySourceId": { + "target": "com.amazonaws.verifiedpermissions#IdentitySourceId", + "traits": { + "smithy.api#documentation": "The ID of the identity source.
", + "smithy.api#required": {} + } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "The date and time that the identity source was most recently updated.
", + "smithy.api#required": {} + } + }, + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "The ID of the policy store that contains the identity source.
", + "smithy.api#required": {} + } + }, + "principalEntityType": { + "target": "com.amazonaws.verifiedpermissions#PrincipalEntityType", + "traits": { + "smithy.api#documentation": "The data type of principals generated for identities authenticated by this\n identity source.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#GetPolicy": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#GetPolicyInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#GetPolicyOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to retrieve information about the specified policy", + "smithy.api#documentation": "Retrieves information about the specified policy.
", + "smithy.api#readonly": {} + } + }, + "com.amazonaws.verifiedpermissions#GetPolicyInput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy store that contains the policy that you want information\n about.
", + "smithy.api#required": {} + } + }, + "policyId": { + "target": "com.amazonaws.verifiedpermissions#PolicyId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy you want information about.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#GetPolicyOutput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "The ID of the policy store that contains the policy that you want information about.
", + "smithy.api#required": {} + } + }, + "policyId": { + "target": "com.amazonaws.verifiedpermissions#PolicyId", + "traits": { + "smithy.api#documentation": "The unique ID of the policy that you want information about.
", + "smithy.api#required": {} + } + }, + "policyType": { + "target": "com.amazonaws.verifiedpermissions#PolicyType", + "traits": { + "smithy.api#documentation": "The type of the policy.
", + "smithy.api#required": {} + } + }, + "principal": { + "target": "com.amazonaws.verifiedpermissions#EntityIdentifier", + "traits": { + "smithy.api#documentation": "The principal specified in the policy's scope. This element isn't included in the\n response when Principal isn't present in the policy content.
The resource specified in the policy's scope. This element isn't included in the\n response when Resource isn't present in the policy content.
The definition of the requested policy.
", + "smithy.api#required": {} + } + }, + "createdDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "The date and time that the policy was originally created.
", + "smithy.api#required": {} + } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "The date and time that the policy was last updated.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#GetPolicyStore": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#GetPolicyStoreInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#GetPolicyStoreOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to retrieve details about a policy store", + "smithy.api#documentation": "Retrieves details about a policy store.
", + "smithy.api#readonly": {} + } + }, + "com.amazonaws.verifiedpermissions#GetPolicyStoreInput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy store that you want information about.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#GetPolicyStoreOutput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "The ID of the policy store;
", + "smithy.api#required": {} + } + }, + "arn": { + "target": "com.amazonaws.verifiedpermissions#ResourceArn", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the policy store.
", + "smithy.api#required": {} + } + }, + "validationSettings": { + "target": "com.amazonaws.verifiedpermissions#ValidationSettings", + "traits": { + "smithy.api#documentation": "The current validation settings for the policy store.
", + "smithy.api#required": {} + } + }, + "createdDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "The date and time that the policy store was originally created.
", + "smithy.api#required": {} + } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "The date and time that the policy store was last updated.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#GetPolicyTemplate": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#GetPolicyTemplateInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#GetPolicyTemplateOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to retrieve the details for the specified policy template in the specified policy store", + "smithy.api#documentation": "Retrieve the details for the specified policy template in the specified policy store.
", + "smithy.api#readonly": {} + } + }, + "com.amazonaws.verifiedpermissions#GetPolicyTemplateInput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy store that contains the policy template that you want information\n about.
", + "smithy.api#required": {} + } + }, + "policyTemplateId": { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplateId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy template that you want information about.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#GetPolicyTemplateOutput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "The ID of the policy store that contains the policy template.
", + "smithy.api#required": {} + } + }, + "policyTemplateId": { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplateId", + "traits": { + "smithy.api#documentation": "The ID of the policy template.
", + "smithy.api#required": {} + } + }, + "description": { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplateDescription", + "traits": { + "smithy.api#documentation": "The description of the policy template.
" + } + }, + "statement": { + "target": "com.amazonaws.verifiedpermissions#PolicyStatement", + "traits": { + "smithy.api#documentation": "The content of the body of the policy template written in the Cedar policy language.
", + "smithy.api#required": {} + } + }, + "createdDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "The date and time that the policy template was originally created.
", + "smithy.api#required": {} + } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "The date and time that the policy template was most recently updated.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#GetSchema": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#GetSchemaInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#GetSchemaOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to retrieve the details for the specified schema in the specified policy store", + "smithy.api#documentation": "Retrieve the details for the specified schema in the specified policy store.
", + "smithy.api#readonly": {} + } + }, + "com.amazonaws.verifiedpermissions#GetSchemaInput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy store that contains the schema.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#GetSchemaOutput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "The ID of the policy store that contains the schema.
", + "smithy.api#required": {} + } + }, + "schema": { + "target": "com.amazonaws.verifiedpermissions#SchemaJson", + "traits": { + "smithy.api#documentation": "The body of the schema, written in Cedar schema JSON.
", + "smithy.api#required": {} + } + }, + "createdDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time that the schema was originally created.
", + "smithy.api#required": {} + } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time that the schema was most recently updated.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#IdempotencyToken": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 64 + }, + "smithy.api#pattern": "^[a-zA-Z0-9-]*$" + } + }, + "com.amazonaws.verifiedpermissions#IdentitySource": { + "type": "resource", + "identifiers": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId" + }, + "identitySourceId": { + "target": "com.amazonaws.verifiedpermissions#IdentitySourceId" + } + }, + "create": { + "target": "com.amazonaws.verifiedpermissions#CreateIdentitySource" + }, + "read": { + "target": "com.amazonaws.verifiedpermissions#GetIdentitySource" + }, + "update": { + "target": "com.amazonaws.verifiedpermissions#UpdateIdentitySource" + }, + "delete": { + "target": "com.amazonaws.verifiedpermissions#DeleteIdentitySource" + }, + "list": { + "target": "com.amazonaws.verifiedpermissions#ListIdentitySources" + }, + "traits": { + "aws.cloudformation#cfnResource": {}, + "aws.iam#disableConditionKeyInference": {} + } + }, + "com.amazonaws.verifiedpermissions#IdentitySourceDetails": { + "type": "structure", + "members": { + "clientIds": { + "target": "com.amazonaws.verifiedpermissions#ClientIds", + "traits": { + "smithy.api#documentation": "The application client IDs associated with the specified Amazon Cognito user pool that are\n enabled for this identity source.
" + } + }, + "userPoolArn": { + "target": "com.amazonaws.verifiedpermissions#UserPoolArn", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool whose identities are accessible to this Verified Permissions\n policy store.
" + } + }, + "discoveryUrl": { + "target": "com.amazonaws.verifiedpermissions#DiscoveryUrl", + "traits": { + "smithy.api#documentation": "The well-known URL that points to this user pool's OIDC discovery endpoint. This is a\n URL string in the following format. This URL replaces the placeholders for both the\n Amazon Web Services Region and the user pool identifier with those appropriate for this user\n pool.
\n\n https://cognito-idp.<region>.amazonaws.com/<user-pool-id>/.well-known/openid-configuration\n
A string that identifies the type of OIDC service represented by this identity source.
\nAt this time, the only valid value is cognito.
A structure that contains configuration of the identity source.
\nThis data type is used as a response parameter for the CreateIdentitySource\n operation.
" + } + }, + "com.amazonaws.verifiedpermissions#IdentitySourceFilter": { + "type": "structure", + "members": { + "principalEntityType": { + "target": "com.amazonaws.verifiedpermissions#PrincipalEntityType", + "traits": { + "smithy.api#documentation": "The Cedar entity type of the principals returned by the identity provider (IdP)\n associated with this identity source.
" + } + } + }, + "traits": { + "smithy.api#documentation": "A structure that defines characteristics of an identity source that you can use to\n filter.
\nThis data type is used as a request parameter for the ListIdentityStores\n operation.
" + } + }, + "com.amazonaws.verifiedpermissions#IdentitySourceFilters": { + "type": "list", + "member": { + "target": "com.amazonaws.verifiedpermissions#IdentitySourceFilter" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 10 + } + } + }, + "com.amazonaws.verifiedpermissions#IdentitySourceId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 200 + }, + "smithy.api#pattern": "^[a-zA-Z0-9-]*$" + } + }, + "com.amazonaws.verifiedpermissions#IdentitySourceItem": { + "type": "structure", + "members": { + "createdDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time the identity source was originally created.
", + "smithy.api#required": {} + } + }, + "details": { + "target": "com.amazonaws.verifiedpermissions#IdentitySourceItemDetails", + "traits": { + "smithy.api#documentation": "A structure that contains the details of the associated identity provider\n (IdP).
", + "smithy.api#required": {} + } + }, + "identitySourceId": { + "target": "com.amazonaws.verifiedpermissions#IdentitySourceId", + "traits": { + "smithy.api#documentation": "The unique identifier of the identity source.
", + "smithy.api#required": {} + } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time the identity source was most recently updated.
", + "smithy.api#required": {} + } + }, + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "The identifier of the policy store that contains the identity source.
", + "smithy.api#required": {} + } + }, + "principalEntityType": { + "target": "com.amazonaws.verifiedpermissions#PrincipalEntityType", + "traits": { + "smithy.api#documentation": "The Cedar entity type of the principals returned from the IdP associated with this\n identity source.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "A structure that defines an identity source.
\nThis data type is used as a request parameter for the ListIdentityStores\n operation.
" + } + }, + "com.amazonaws.verifiedpermissions#IdentitySourceItemDetails": { + "type": "structure", + "members": { + "clientIds": { + "target": "com.amazonaws.verifiedpermissions#ClientIds", + "traits": { + "smithy.api#documentation": "The application client IDs associated with the specified Amazon Cognito user pool that are\n enabled for this identity source.
" + } + }, + "userPoolArn": { + "target": "com.amazonaws.verifiedpermissions#UserPoolArn", + "traits": { + "smithy.api#documentation": "The Amazon Cognito user pool whose identities are accessible to this Verified Permissions policy store.
" + } + }, + "discoveryUrl": { + "target": "com.amazonaws.verifiedpermissions#DiscoveryUrl", + "traits": { + "smithy.api#documentation": "The well-known URL that points to this user pool's OIDC discovery endpoint. This is a\n URL string in the following format. This URL replaces the placeholders for both the\n Amazon Web Services Region and the user pool identifier with those appropriate for this user\n pool.
\n\n https://cognito-idp.<region>.amazonaws.com/<user-pool-id>/.well-known/openid-configuration\n
A string that identifies the type of OIDC service represented by this identity source.
\nAt this time, the only valid value is cognito.
A structure that contains configuration of the identity source.
\nThis data type is used as a response parameter for the CreateIdentitySource\n operation.
" + } + }, + "com.amazonaws.verifiedpermissions#IdentitySources": { + "type": "list", + "member": { + "target": "com.amazonaws.verifiedpermissions#IdentitySourceItem" + } + }, + "com.amazonaws.verifiedpermissions#InternalServerException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "The request failed because of an internal error. Try your request again later
", + "smithy.api#error": "server", + "smithy.api#httpError": 500, + "smithy.api#retryable": {} + } + }, + "com.amazonaws.verifiedpermissions#IsAuthorized": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#IsAuthorizedInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#IsAuthorizedOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to make an authorization decision about a service request described in the parameters", + "smithy.api#documentation": "Makes an authorization decision about a service request described in the parameters.\n The information in the parameters can also define additional context that Verified Permissions can\n include in the evaluation. The request is evaluated against all matching policies in the\n specified policy store. The result of the decision is either Allow or\n Deny, along with a list of the policies that resulted in the\n decision.
Specifies the ID of the policy store. Policies in this policy store will be used to make an\n authorization decision for the input.
", + "smithy.api#required": {} + } + }, + "principal": { + "target": "com.amazonaws.verifiedpermissions#EntityIdentifier", + "traits": { + "smithy.api#documentation": "Specifies the principal for which the authorization decision is to be made.
" + } + }, + "action": { + "target": "com.amazonaws.verifiedpermissions#ActionIdentifier", + "traits": { + "smithy.api#documentation": "Specifies the requested action to be authorized. For example, is the principal\n authorized to perform this action on the resource?
" + } + }, + "resource": { + "target": "com.amazonaws.verifiedpermissions#EntityIdentifier", + "traits": { + "smithy.api#documentation": "Specifies the resource for which the authorization decision is to be made.
" + } + }, + "context": { + "target": "com.amazonaws.verifiedpermissions#ContextDefinition", + "traits": { + "smithy.api#documentation": "Specifies additional context that can be used to make more granular authorization\n decisions.
" + } + }, + "entities": { + "target": "com.amazonaws.verifiedpermissions#EntitiesDefinition", + "traits": { + "smithy.api#documentation": "Specifies the list of entities and their associated attributes that Verified Permissions can examine\n when evaluating the policies.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#IsAuthorizedOutput": { + "type": "structure", + "members": { + "decision": { + "target": "com.amazonaws.verifiedpermissions#Decision", + "traits": { + "smithy.api#documentation": "An authorization decision that indicates if the authorization request should be\n allowed or denied.
", + "smithy.api#required": {} + } + }, + "determiningPolicies": { + "target": "com.amazonaws.verifiedpermissions#DeterminingPolicyList", + "traits": { + "smithy.api#documentation": "The list of determining policies used to make the authorization decision. For example,\n if there are two matching policies, where one is a forbid and the other is a permit,\n then the forbid policy will be the determining policy. In the case of multiple matching\n permit policies then there would be multiple determining policies. In the case that no\n policies match, and hence the response is DENY, there would be no determining\n policies.
", + "smithy.api#required": {} + } + }, + "errors": { + "target": "com.amazonaws.verifiedpermissions#EvaluationErrorList", + "traits": { + "smithy.api#documentation": "Errors that occurred while making an authorization decision, for example, a policy\n references an Entity or entity Attribute that does not exist in the slice.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#IsAuthorizedWithToken": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#IsAuthorizedWithTokenInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#IsAuthorizedWithTokenOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to make an authorization decision about a service request described in the parameters. The principal in this request comes from an external identity source", + "smithy.api#documentation": "Makes an authorization decision about a service request described in the parameters.\n The principal in this request comes from an external identity source. The information in the\n parameters can also define additional context that Verified Permissions can include in the evaluation.\n The request is evaluated against all matching policies in the specified policy store. The result\n of the decision is either Allow or Deny, along with a list of\n the policies that resulted in the decision.
If you delete a Amazon Cognito user pool or user, tokens from that deleted pool or that deleted user continue to be usable until they expire.
\nSpecifies the ID of the policy store. Policies in this policy store will be used to make an\n authorization decision for the input.
", + "smithy.api#required": {} + } + }, + "identityToken": { + "target": "com.amazonaws.verifiedpermissions#Token", + "traits": { + "smithy.api#documentation": "Specifies an identity token for the principal to be authorized. This token is provided\n to you by the identity provider (IdP) associated with the specified identity source. You must\n specify either an AccessToken or an IdentityToken, but not\n both.
Specifies an access token for the principal to be authorized. This token is provided\n to you by the identity provider (IdP) associated with the specified identity source. You must\n specify either an AccessToken or an IdentityToken, but not\n both.
Specifies the requested action to be authorized. Is the specified principal authorized\n to perform this action on the specified resource.
" + } + }, + "resource": { + "target": "com.amazonaws.verifiedpermissions#EntityIdentifier", + "traits": { + "smithy.api#documentation": "Specifies the resource for which the authorization decision is made. For example, is\n the principal allowed to perform the action on the resource?
" + } + }, + "context": { + "target": "com.amazonaws.verifiedpermissions#ContextDefinition", + "traits": { + "smithy.api#documentation": "Specifies additional context that can be used to make more granular authorization\n decisions.
" + } + }, + "entities": { + "target": "com.amazonaws.verifiedpermissions#EntitiesDefinition", + "traits": { + "smithy.api#documentation": "Specifies the list of entities and their associated attributes that Verified Permissions can examine\n when evaluating the policies.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#IsAuthorizedWithTokenOutput": { + "type": "structure", + "members": { + "decision": { + "target": "com.amazonaws.verifiedpermissions#Decision", + "traits": { + "smithy.api#documentation": "An authorization decision that indicates if the authorization request should be\n allowed or denied.
", + "smithy.api#required": {} + } + }, + "determiningPolicies": { + "target": "com.amazonaws.verifiedpermissions#DeterminingPolicyList", + "traits": { + "smithy.api#documentation": "The list of determining policies used to make the authorization decision. For example,\n if there are multiple matching policies, where at least one is a forbid policy, then\n because forbid always overrides permit the forbid policies are the determining policies.\n If all matching policies are permit policies, then those policies are the determining\n policies. When no policies match and the response is the default DENY, there are no\n determining policies.
", + "smithy.api#required": {} + } + }, + "errors": { + "target": "com.amazonaws.verifiedpermissions#EvaluationErrorList", + "traits": { + "smithy.api#documentation": "Errors that occurred while making an authorization decision. For example, a policy\n references an entity or entity attribute that does not exist in the slice.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#ListIdentitySources": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#ListIdentitySourcesInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#ListIdentitySourcesOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to return a paginated list of all of the identity sources defined in the specified policy store", + "smithy.api#documentation": "Returns a paginated list of all of the identity sources defined in the specified policy store.
", + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "pageSize": "maxResults", + "items": "identitySources" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.verifiedpermissions#ListIdentitySourcesInput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy store that contains the identity sources that you want to list.
", + "smithy.api#required": {} + } + }, + "nextToken": { + "target": "com.amazonaws.verifiedpermissions#NextToken", + "traits": { + "smithy.api#documentation": "Specifies that you want to receive the next page of results. Valid \n only if you received a NextToken response in the previous request. If you\n did, it indicates that more output is available. Set this parameter to the value \n provided by the previous call's NextToken response to request the \n next page of results.
Specifies the total number of results that you want included on each page \n of the response. If you do not include this parameter, it defaults to a value that is \n specific to the operation. If additional items exist beyond the number you specify, the\n NextToken response element is returned with a value (not null).\n Include the specified value as the NextToken request parameter in the next \n call to the operation to get the next part of the results. Note that the service might \n return fewer results than the maximum even when there are more results available. You \n should check NextToken after every operation to ensure that you receive all\n of the results.
Specifies characteristics of an identity source that you can use to limit the output to matching\n identity sources.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#ListIdentitySourcesMaxResults": { + "type": "integer", + "traits": { + "smithy.api#range": { + "min": 1, + "max": 200 + } + } + }, + "com.amazonaws.verifiedpermissions#ListIdentitySourcesOutput": { + "type": "structure", + "members": { + "nextToken": { + "target": "com.amazonaws.verifiedpermissions#NextToken", + "traits": { + "smithy.api#documentation": "If present, this value indicates that more output is available than \n is included in the current response. Use this value in the NextToken \n request parameter in a subsequent call to the operation to get the next part of the \n output. You should repeat this until the NextToken response element comes \n back as null. This indicates that this is the last page of results.
The list of identity sources stored in the specified policy store.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#ListPolicies": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#ListPoliciesInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#ListPoliciesOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to return a paginated list of all policies stored in the specified policy store", + "smithy.api#documentation": "Returns a paginated list of all policies stored in the specified policy store.
", + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "pageSize": "maxResults", + "items": "policies" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.verifiedpermissions#ListPoliciesInput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy store you want to list policies from.
", + "smithy.api#required": {} + } + }, + "nextToken": { + "target": "com.amazonaws.verifiedpermissions#NextToken", + "traits": { + "smithy.api#documentation": "Specifies that you want to receive the next page of results. Valid \n only if you received a NextToken response in the previous request. If you\n did, it indicates that more output is available. Set this parameter to the value \n provided by the previous call's NextToken response to request the \n next page of results.
Specifies the total number of results that you want included on each page \n of the response. If you do not include this parameter, it defaults to a value that is \n specific to the operation. If additional items exist beyond the number you specify, the\n NextToken response element is returned with a value (not null).\n Include the specified value as the NextToken request parameter in the next \n call to the operation to get the next part of the results. Note that the service might \n return fewer results than the maximum even when there are more results available. You \n should check NextToken after every operation to ensure that you receive all\n of the results.
Specifies a filter that limits the response to only policies that match the specified\n criteria. For example, you list only the policies that reference a specified\n principal.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#ListPoliciesOutput": { + "type": "structure", + "members": { + "nextToken": { + "target": "com.amazonaws.verifiedpermissions#NextToken", + "traits": { + "smithy.api#documentation": "If present, this value indicates that more output is available than \n is included in the current response. Use this value in the NextToken \n request parameter in a subsequent call to the operation to get the next part of the \n output. You should repeat this until the NextToken response element comes \n back as null. This indicates that this is the last page of results.
Lists all policies that are available in the specified policy store.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#ListPolicyStores": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#ListPolicyStoresInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#ListPolicyStoresOutput" + }, + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to return a paginated list of all policy stores in the calling Amazon Web Services account", + "smithy.api#documentation": "Returns a paginated list of all policy stores in the calling Amazon Web Services account.
", + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "pageSize": "maxResults", + "items": "policyStores" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.verifiedpermissions#ListPolicyStoresInput": { + "type": "structure", + "members": { + "nextToken": { + "target": "com.amazonaws.verifiedpermissions#NextToken", + "traits": { + "smithy.api#documentation": "Specifies that you want to receive the next page of results. Valid \n only if you received a NextToken response in the previous request. If you\n did, it indicates that more output is available. Set this parameter to the value \n provided by the previous call's NextToken response to request the \n next page of results.
Specifies the total number of results that you want included on each page \n of the response. If you do not include this parameter, it defaults to a value that is \n specific to the operation. If additional items exist beyond the number you specify, the\n NextToken response element is returned with a value (not null).\n Include the specified value as the NextToken request parameter in the next \n call to the operation to get the next part of the results. Note that the service might \n return fewer results than the maximum even when there are more results available. You \n should check NextToken after every operation to ensure that you receive all\n of the results.
If present, this value indicates that more output is available than \n is included in the current response. Use this value in the NextToken \n request parameter in a subsequent call to the operation to get the next part of the \n output. You should repeat this until the NextToken response element comes \n back as null. This indicates that this is the last page of results.
The list of policy stores in the account.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#ListPolicyTemplates": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#ListPolicyTemplatesInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#ListPolicyTemplatesOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to return a paginated list of all policy templates in the specified policy store", + "smithy.api#documentation": "Returns a paginated list of all policy templates in the specified policy store.
", + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "pageSize": "maxResults", + "items": "policyTemplates" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.verifiedpermissions#ListPolicyTemplatesInput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy store that contains the policy templates you want to list.
", + "smithy.api#required": {} + } + }, + "nextToken": { + "target": "com.amazonaws.verifiedpermissions#NextToken", + "traits": { + "smithy.api#documentation": "Specifies that you want to receive the next page of results. Valid \n only if you received a NextToken response in the previous request. If you\n did, it indicates that more output is available. Set this parameter to the value \n provided by the previous call's NextToken response to request the \n next page of results.
Specifies the total number of results that you want included on each page \n of the response. If you do not include this parameter, it defaults to a value that is \n specific to the operation. If additional items exist beyond the number you specify, the\n NextToken response element is returned with a value (not null).\n Include the specified value as the NextToken request parameter in the next \n call to the operation to get the next part of the results. Note that the service might \n return fewer results than the maximum even when there are more results available. You \n should check NextToken after every operation to ensure that you receive all\n of the results.
If present, this value indicates that more output is available than \n is included in the current response. Use this value in the NextToken \n request parameter in a subsequent call to the operation to get the next part of the \n output. You should repeat this until the NextToken response element comes \n back as null. This indicates that this is the last page of results.
The list of the policy templates in the specified policy store.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#LongAttribute": { + "type": "long" + }, + "com.amazonaws.verifiedpermissions#MaxResults": { + "type": "integer", + "traits": { + "smithy.api#range": { + "min": 1, + "max": 20 + } + } + }, + "com.amazonaws.verifiedpermissions#Namespace": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 100 + }, + "smithy.api#pattern": "^.*$" + } + }, + "com.amazonaws.verifiedpermissions#NamespaceList": { + "type": "list", + "member": { + "target": "com.amazonaws.verifiedpermissions#Namespace" + } + }, + "com.amazonaws.verifiedpermissions#NextToken": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 8000 + }, + "smithy.api#pattern": "^[A-Za-z0-9-_=+/\\.]*$" + } + }, + "com.amazonaws.verifiedpermissions#OpenIdIssuer": { + "type": "enum", + "members": { + "COGNITO": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "COGNITO" + } + } + } + }, + "com.amazonaws.verifiedpermissions#ParentList": { + "type": "list", + "member": { + "target": "com.amazonaws.verifiedpermissions#EntityIdentifier" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 100 + }, + "smithy.api#uniqueItems": {} + } + }, + "com.amazonaws.verifiedpermissions#Policy": { + "type": "resource", + "identifiers": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId" + }, + "policyId": { + "target": "com.amazonaws.verifiedpermissions#PolicyId" + } + }, + "create": { + "target": "com.amazonaws.verifiedpermissions#CreatePolicy" + }, + "read": { + "target": "com.amazonaws.verifiedpermissions#GetPolicy" + }, + "update": { + "target": "com.amazonaws.verifiedpermissions#UpdatePolicy" + }, + "delete": { + "target": "com.amazonaws.verifiedpermissions#DeletePolicy" + }, + "list": { + "target": "com.amazonaws.verifiedpermissions#ListPolicies" + }, + "traits": { + "aws.cloudformation#cfnResource": {}, + "aws.iam#disableConditionKeyInference": {} + } + }, + "com.amazonaws.verifiedpermissions#PolicyDefinition": { + "type": "union", + "members": { + "static": { + "target": "com.amazonaws.verifiedpermissions#StaticPolicyDefinition", + "traits": { + "smithy.api#documentation": "A structure that describes a static policy. An static policy doesn't use a template or allow\n placeholders for entities.
" + } + }, + "templateLinked": { + "target": "com.amazonaws.verifiedpermissions#TemplateLinkedPolicyDefinition", + "traits": { + "smithy.api#documentation": "A structure that describes a policy that was instantiated from a template. The\n template can specify placeholders for principal and resource.\n When you use CreatePolicy to create a policy from a template, you specify the exact\n principal and resource to use for the instantiated policy.
A structure that contains the details for a Cedar policy definition. It includes the\n policy type, a description, and a policy body. This is a top level data type used to\n create a policy.
\nThis data type is used as a request parameter for the CreatePolicy operation. This\n structure must always have either an static or a templateLinked\n element.
Information about a static policy that wasn't created with a policy template.
" + } + }, + "templateLinked": { + "target": "com.amazonaws.verifiedpermissions#TemplateLinkedPolicyDefinitionDetail", + "traits": { + "smithy.api#documentation": "Information about a template-linked policy that was created by instantiating a policy template.
" + } + } + }, + "traits": { + "smithy.api#documentation": "A structure that describes a policy definition. It must always have either an\n static or a templateLinked element.
This data type is used as a response parameter for the GetPolicy operation.
" + } + }, + "com.amazonaws.verifiedpermissions#PolicyDefinitionItem": { + "type": "union", + "members": { + "static": { + "target": "com.amazonaws.verifiedpermissions#StaticPolicyDefinitionItem", + "traits": { + "smithy.api#documentation": "Information about a static policy that wasn't created with a policy template.
" + } + }, + "templateLinked": { + "target": "com.amazonaws.verifiedpermissions#TemplateLinkedPolicyDefinitionItem", + "traits": { + "smithy.api#documentation": "Information about a template-linked policy that was created by instantiating a policy template.
" + } + } + }, + "traits": { + "smithy.api#documentation": "A structure that describes a PolicyDefinintion. It will\n always have either an StaticPolicy or a TemplateLinkedPolicy\n element.
This data type is used as a response parameter for the CreatePolicy and ListPolicies\n operations.
" + } + }, + "com.amazonaws.verifiedpermissions#PolicyFilter": { + "type": "structure", + "members": { + "principal": { + "target": "com.amazonaws.verifiedpermissions#EntityReference", + "traits": { + "smithy.api#documentation": "Filters the output to only policies that reference the specified principal.
" + } + }, + "resource": { + "target": "com.amazonaws.verifiedpermissions#EntityReference", + "traits": { + "smithy.api#documentation": "Filters the output to only policies that reference the specified resource.
" + } + }, + "policyType": { + "target": "com.amazonaws.verifiedpermissions#PolicyType", + "traits": { + "smithy.api#documentation": "Filters the output to only policies of the specified type.
" + } + }, + "policyTemplateId": { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplateId", + "traits": { + "smithy.api#documentation": "Filters the output to only template-linked policies that were instantiated from the specified\n policy template.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information about a filter to refine policies returned in a query.
\nThis data type is used as a response parameter for the ListPolicies operation.
" + } + }, + "com.amazonaws.verifiedpermissions#PolicyId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 200 + }, + "smithy.api#pattern": "^[a-zA-Z0-9-]*$" + } + }, + "com.amazonaws.verifiedpermissions#PolicyItem": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "The identifier of the PolicyStore where the policy you want information about is\n stored.
", + "smithy.api#required": {} + } + }, + "policyId": { + "target": "com.amazonaws.verifiedpermissions#PolicyId", + "traits": { + "smithy.api#documentation": "The identifier of the policy you want information about.
", + "smithy.api#required": {} + } + }, + "policyType": { + "target": "com.amazonaws.verifiedpermissions#PolicyType", + "traits": { + "smithy.api#documentation": "The type of the policy. This is one of the following values:
\n\n static\n
\n templateLinked\n
The principal associated with the policy.
" + } + }, + "resource": { + "target": "com.amazonaws.verifiedpermissions#EntityIdentifier", + "traits": { + "smithy.api#documentation": "The resource associated with the policy.
" + } + }, + "definition": { + "target": "com.amazonaws.verifiedpermissions#PolicyDefinitionItem", + "traits": { + "smithy.api#documentation": "The policy definition of an item in the list of policies returned.
", + "smithy.api#required": {} + } + }, + "createdDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time the policy was created.
", + "smithy.api#required": {} + } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time the policy was most recently updated.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information about a policy.
\nThis data type is used as a response parameter for the ListPolicies operation.
" + } + }, + "com.amazonaws.verifiedpermissions#PolicyList": { + "type": "list", + "member": { + "target": "com.amazonaws.verifiedpermissions#PolicyItem" + } + }, + "com.amazonaws.verifiedpermissions#PolicyStatement": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 10000 + } + } + }, + "com.amazonaws.verifiedpermissions#PolicyStore": { + "type": "resource", + "identifiers": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId" + } + }, + "create": { + "target": "com.amazonaws.verifiedpermissions#CreatePolicyStore" + }, + "read": { + "target": "com.amazonaws.verifiedpermissions#GetPolicyStore" + }, + "update": { + "target": "com.amazonaws.verifiedpermissions#UpdatePolicyStore" + }, + "delete": { + "target": "com.amazonaws.verifiedpermissions#DeletePolicyStore" + }, + "list": { + "target": "com.amazonaws.verifiedpermissions#ListPolicyStores" + }, + "operations": [ + { + "target": "com.amazonaws.verifiedpermissions#GetSchema" + }, + { + "target": "com.amazonaws.verifiedpermissions#IsAuthorized" + }, + { + "target": "com.amazonaws.verifiedpermissions#IsAuthorizedWithToken" + }, + { + "target": "com.amazonaws.verifiedpermissions#PutSchema" + } + ], + "resources": [ + { + "target": "com.amazonaws.verifiedpermissions#IdentitySource" + }, + { + "target": "com.amazonaws.verifiedpermissions#Policy" + }, + { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplate" + } + ], + "traits": { + "aws.api#arn": { + "template": "policy-store/{policyStoreId}", + "noRegion": true + }, + "aws.cloudformation#cfnResource": {}, + "aws.iam#disableConditionKeyInference": {}, + "aws.iam#iamResource": { + "name": "policy-store" + }, + "smithy.api#documentation": "Represents a policy store that you can place schema, policies, and policy templates in to validate authorization requests" + } + }, + "com.amazonaws.verifiedpermissions#PolicyStoreId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 200 + }, + "smithy.api#pattern": "^[a-zA-Z0-9-]*$" + } + }, + "com.amazonaws.verifiedpermissions#PolicyStoreItem": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "The unique identifier of the policy store.
", + "smithy.api#required": {} + } + }, + "arn": { + "target": "com.amazonaws.verifiedpermissions#ResourceArn", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the policy store.
", + "smithy.api#required": {} + } + }, + "createdDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time the policy was created.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information about a policy store.
\nThis data type is used as a response parameter for the ListPolicyStores\n operation.
" + } + }, + "com.amazonaws.verifiedpermissions#PolicyStoreList": { + "type": "list", + "member": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreItem" + } + }, + "com.amazonaws.verifiedpermissions#PolicyTemplate": { + "type": "resource", + "identifiers": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId" + }, + "policyTemplateId": { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplateId" + } + }, + "create": { + "target": "com.amazonaws.verifiedpermissions#CreatePolicyTemplate" + }, + "read": { + "target": "com.amazonaws.verifiedpermissions#GetPolicyTemplate" + }, + "update": { + "target": "com.amazonaws.verifiedpermissions#UpdatePolicyTemplate" + }, + "delete": { + "target": "com.amazonaws.verifiedpermissions#DeletePolicyTemplate" + }, + "list": { + "target": "com.amazonaws.verifiedpermissions#ListPolicyTemplates" + }, + "traits": { + "aws.cloudformation#cfnResource": {}, + "aws.iam#disableConditionKeyInference": {} + } + }, + "com.amazonaws.verifiedpermissions#PolicyTemplateDescription": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 150 + } + } + }, + "com.amazonaws.verifiedpermissions#PolicyTemplateId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 200 + }, + "smithy.api#pattern": "^[a-zA-Z0-9-]*$" + } + }, + "com.amazonaws.verifiedpermissions#PolicyTemplateItem": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "The unique identifier of the policy store that contains the template.
", + "smithy.api#required": {} + } + }, + "policyTemplateId": { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplateId", + "traits": { + "smithy.api#documentation": "The unique identifier of the policy template.
", + "smithy.api#required": {} + } + }, + "description": { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplateDescription", + "traits": { + "smithy.api#documentation": "The description attached to the policy template.
" + } + }, + "createdDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time that the policy template was created.
", + "smithy.api#required": {} + } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time that the policy template was most recently updated.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Contains details about a policy template
\nThis data type is used as a response parameter for the ListPolicyTemplates\n operation.
" + } + }, + "com.amazonaws.verifiedpermissions#PolicyTemplatesList": { + "type": "list", + "member": { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplateItem" + } + }, + "com.amazonaws.verifiedpermissions#PolicyType": { + "type": "enum", + "members": { + "STATIC": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "STATIC" + } + }, + "TEMPLATE_LINKED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "TEMPLATE_LINKED" + } + } + } + }, + "com.amazonaws.verifiedpermissions#PrincipalEntityType": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 200 + }, + "smithy.api#pattern": "^.*$" + } + }, + "com.amazonaws.verifiedpermissions#PutSchema": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#PutSchemaInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#PutSchemaOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ConflictException" + }, + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.verifiedpermissions#ServiceQuotaExceededException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to create or update the policy schema in the specified policy store", + "smithy.api#documentation": "Creates or updates the policy schema in the specified policy store. The schema is used to\n validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema\n validate only policies and templates submitted after the schema change. Existing\n policies and templates are not re-evaluated against the changed schema. If you later\n update a policy, then it is evaluated against the new schema at that time.
", + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.verifiedpermissions#PutSchemaInput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy store in which to place the schema.
", + "smithy.api#required": {} + } + }, + "definition": { + "target": "com.amazonaws.verifiedpermissions#SchemaDefinition", + "traits": { + "smithy.api#documentation": "Specifies the definition of the schema to be stored. The schema definition must be\n written in Cedar schema JSON.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#PutSchemaOutput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "The unique ID of the policy store that contains the schema.
", + "smithy.api#required": {} + } + }, + "namespaces": { + "target": "com.amazonaws.verifiedpermissions#NamespaceList", + "traits": { + "smithy.api#documentation": "Identifies the namespaces of the entities referenced by this schema.
", + "smithy.api#required": {} + } + }, + "createdDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time that the schema was originally created.
", + "smithy.api#required": {} + } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time that the schema was last updated.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#RecordAttribute": { + "type": "map", + "key": { + "target": "smithy.api#String" + }, + "value": { + "target": "com.amazonaws.verifiedpermissions#AttributeValue" + } + }, + "com.amazonaws.verifiedpermissions#ResourceArn": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 2500 + }, + "smithy.api#pattern": "^arn:[^:]*:[^:]*:[^:]*:[^:]*:.*$" + } + }, + "com.amazonaws.verifiedpermissions#ResourceConflict": { + "type": "structure", + "members": { + "resourceId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The unique identifier of the resource involved in a conflict.
", + "smithy.api#required": {} + } + }, + "resourceType": { + "target": "com.amazonaws.verifiedpermissions#ResourceType", + "traits": { + "smithy.api#documentation": "The type of the resource involved in a conflict.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information about a resource conflict.
" + } + }, + "com.amazonaws.verifiedpermissions#ResourceConflictList": { + "type": "list", + "member": { + "target": "com.amazonaws.verifiedpermissions#ResourceConflict" + } + }, + "com.amazonaws.verifiedpermissions#ResourceNotFoundException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#required": {} + } + }, + "resourceId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The unique ID of the resource referenced in the failed request.
", + "smithy.api#required": {} + } + }, + "resourceType": { + "target": "com.amazonaws.verifiedpermissions#ResourceType", + "traits": { + "smithy.api#documentation": "The resource type of the resource referenced in the failed request.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "The request failed because it references a resource that doesn't exist.
", + "smithy.api#error": "client", + "smithy.api#httpError": 404 + } + }, + "com.amazonaws.verifiedpermissions#ResourceType": { + "type": "enum", + "members": { + "IDENTITY_SOURCE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "IDENTITY_SOURCE" + } + }, + "POLICY_STORE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "POLICY_STORE" + } + }, + "POLICY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "POLICY" + } + }, + "POLICY_TEMPLATE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "POLICY_TEMPLATE" + } + }, + "SCHEMA": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SCHEMA" + } + } + } + }, + "com.amazonaws.verifiedpermissions#SchemaDefinition": { + "type": "union", + "members": { + "cedarJson": { + "target": "com.amazonaws.verifiedpermissions#SchemaJson", + "traits": { + "smithy.api#documentation": "A JSON string representation of the schema supported by applications that use this\n policy store. For more information, see Policy store schema in the\n Amazon Verified Permissions User Guide.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains a list of principal types, resource types, and actions that can be specified\n in policies stored in the same policy store. If the validation mode for the policy store is set to\n STRICT, then policies that can't be validated by this schema are\n rejected by Verified Permissions and can't be stored in the policy store.
The unique ID of the resource referenced in the failed request.
" + } + }, + "resourceType": { + "target": "com.amazonaws.verifiedpermissions#ResourceType", + "traits": { + "smithy.api#documentation": "The resource type of the resource referenced in the failed request.
", + "smithy.api#required": {} + } + }, + "serviceCode": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The code for the Amazon Web Service that owns the quota.
" + } + }, + "quotaCode": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The quota code recognized by the Amazon Web Services Service Quotas service.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The request failed because it would cause a service quota to be exceeded.
", + "smithy.api#error": "client", + "smithy.api#httpError": 402 + } + }, + "com.amazonaws.verifiedpermissions#SetAttribute": { + "type": "list", + "member": { + "target": "com.amazonaws.verifiedpermissions#AttributeValue" + } + }, + "com.amazonaws.verifiedpermissions#StaticPolicyDefinition": { + "type": "structure", + "members": { + "description": { + "target": "com.amazonaws.verifiedpermissions#StaticPolicyDescription", + "traits": { + "smithy.api#documentation": "The description of the static policy.
" + } + }, + "statement": { + "target": "com.amazonaws.verifiedpermissions#PolicyStatement", + "traits": { + "smithy.api#documentation": "The policy content of the static policy, written in the Cedar policy language.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information about a static policy.
\nThis data type is used as a field that is part of the PolicyDefinitionDetail\n type.
" + } + }, + "com.amazonaws.verifiedpermissions#StaticPolicyDefinitionDetail": { + "type": "structure", + "members": { + "description": { + "target": "com.amazonaws.verifiedpermissions#StaticPolicyDescription", + "traits": { + "smithy.api#documentation": "A description of the static policy.
" + } + }, + "statement": { + "target": "com.amazonaws.verifiedpermissions#PolicyStatement", + "traits": { + "smithy.api#documentation": "The content of the static policy written in the Cedar policy language.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "A structure that contains details about a static policy. It includes the description and\n policy body.
\nThis data type is used within a PolicyDefinition structure as\n part of a request parameter for the CreatePolicy operation.
" + } + }, + "com.amazonaws.verifiedpermissions#StaticPolicyDefinitionItem": { + "type": "structure", + "members": { + "description": { + "target": "com.amazonaws.verifiedpermissions#StaticPolicyDescription", + "traits": { + "smithy.api#documentation": "A description of the static policy.
" + } + } + }, + "traits": { + "smithy.api#documentation": "A structure that contains details about a static policy. It includes the description and\n policy statement.
\nThis data type is used within a PolicyDefinition structure as\n part of a request parameter for the CreatePolicy operation.
" + } + }, + "com.amazonaws.verifiedpermissions#StaticPolicyDescription": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 150 + } + } + }, + "com.amazonaws.verifiedpermissions#StringAttribute": { + "type": "string" + }, + "com.amazonaws.verifiedpermissions#TemplateLinkedPolicyDefinition": { + "type": "structure", + "members": { + "policyTemplateId": { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplateId", + "traits": { + "smithy.api#documentation": "The unique identifier of the policy template used to create this policy.
", + "smithy.api#required": {} + } + }, + "principal": { + "target": "com.amazonaws.verifiedpermissions#EntityIdentifier", + "traits": { + "smithy.api#documentation": "The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the\n ?principal placeholder in the policy template when it evaluates an authorization\n request.
The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the\n ?resource placeholder in the policy template when it evaluates an authorization\n request.
Contains information about a policy created by instantiating a policy template.
" + } + }, + "com.amazonaws.verifiedpermissions#TemplateLinkedPolicyDefinitionDetail": { + "type": "structure", + "members": { + "policyTemplateId": { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplateId", + "traits": { + "smithy.api#documentation": "The unique identifier of the policy template used to create this policy.
", + "smithy.api#required": {} + } + }, + "principal": { + "target": "com.amazonaws.verifiedpermissions#EntityIdentifier", + "traits": { + "smithy.api#documentation": "The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the\n ?principal placeholder in the policy template when it evaluates an authorization\n request.
The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the\n ?resource placeholder in the policy template when it evaluates an authorization\n request.
Contains information about a policy that was
\n \ncreated by instantiating a policy template.
\nThis
" + } + }, + "com.amazonaws.verifiedpermissions#TemplateLinkedPolicyDefinitionItem": { + "type": "structure", + "members": { + "policyTemplateId": { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplateId", + "traits": { + "smithy.api#documentation": "The unique identifier of the policy template used to create this policy.
", + "smithy.api#required": {} + } + }, + "principal": { + "target": "com.amazonaws.verifiedpermissions#EntityIdentifier", + "traits": { + "smithy.api#documentation": "The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the\n ?principal placeholder in the policy template when it evaluates an authorization\n request.
The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the\n ?resource placeholder in the policy template when it evaluates an authorization\n request.
Contains information about a policy created by instantiating a policy template.
\nThis
" + } + }, + "com.amazonaws.verifiedpermissions#ThrottlingException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#required": {} + } + }, + "serviceCode": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The code for the Amazon Web Service that owns the quota.
" + } + }, + "quotaCode": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The quota code recognized by the Amazon Web Services Service Quotas service.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The request failed because it exceeded a throttling quota.
", + "smithy.api#error": "client", + "smithy.api#httpError": 429, + "smithy.api#retryable": { + "throttling": true + } + } + }, + "com.amazonaws.verifiedpermissions#TimestampFormat": { + "type": "timestamp", + "traits": { + "smithy.api#timestampFormat": "date-time" + } + }, + "com.amazonaws.verifiedpermissions#Token": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 131072 + }, + "smithy.api#pattern": "^[A-Za-z0-9-_=]+.[A-Za-z0-9-_=]+.[A-Za-z0-9-_=]+$" + } + }, + "com.amazonaws.verifiedpermissions#UpdateCognitoUserPoolConfiguration": { + "type": "structure", + "members": { + "userPoolArn": { + "target": "com.amazonaws.verifiedpermissions#UserPoolArn", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool associated with this identity source.
", + "smithy.api#required": {} + } + }, + "clientIds": { + "target": "com.amazonaws.verifiedpermissions#ClientIds", + "traits": { + "smithy.api#documentation": "The client ID of an app client that is configured for the specified Amazon Cognito user\n pool.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains configuration details of a Amazon Cognito user pool for use with an identity source.
" + } + }, + "com.amazonaws.verifiedpermissions#UpdateConfiguration": { + "type": "union", + "members": { + "cognitoUserPoolConfiguration": { + "target": "com.amazonaws.verifiedpermissions#UpdateCognitoUserPoolConfiguration", + "traits": { + "smithy.api#documentation": "Contains configuration details of a Amazon Cognito user pool.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains an updated configuration to replace the configuration in an existing\n identity source.
\nAt this time, the only valid member of this structure is a Amazon Cognito user pool\n configuration.
\nYou must specify a userPoolArn, and optionally, a\n ClientId.
Updates the specified identity source to use a new identity provider (IdP) source, or to change\n the mapping of identities from the IdP to a different principal entity type.
", + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.verifiedpermissions#UpdateIdentitySourceInput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy store that contains the identity source that you want to update.
", + "smithy.api#required": {} + } + }, + "identitySourceId": { + "target": "com.amazonaws.verifiedpermissions#IdentitySourceId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the identity source that you want to update.
", + "smithy.api#required": {} + } + }, + "updateConfiguration": { + "target": "com.amazonaws.verifiedpermissions#UpdateConfiguration", + "traits": { + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "Specifies the details required to communicate with the identity provider (IdP)\n associated with this identity source.
\nAt this time, the only valid member of this structure is a Amazon Cognito user pool\n configuration.
\nYou must specify a userPoolArn, and optionally, a\n ClientId.
Specifies the data type of principals generated for identities authenticated by the\n identity source.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#UpdateIdentitySourceOutput": { + "type": "structure", + "members": { + "createdDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time that the updated identity source was originally created.
", + "smithy.api#required": {} + } + }, + "identitySourceId": { + "target": "com.amazonaws.verifiedpermissions#IdentitySourceId", + "traits": { + "smithy.api#documentation": "The ID of the updated identity source.
", + "smithy.api#required": {} + } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time that the identity source was most recently updated.
", + "smithy.api#required": {} + } + }, + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "The ID of the policy store that contains the updated identity source.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#UpdatePolicy": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#UpdatePolicyInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#UpdatePolicyOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ConflictException" + }, + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.verifiedpermissions#ServiceQuotaExceededException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to modify the specified Cedar static policy in the specified policy store", + "smithy.api#documentation": "Modifies a Cedar static policy in the specified policy store. You can change only certain elements of\n the UpdatePolicyDefinition parameter. You can directly update only static policies. To\n change a template-linked policy, you must update the template instead, using UpdatePolicyTemplate.
\nIf policy validation is enabled in the policy store, then updating a static policy causes Verified Permissions to\n validate the policy against the schema in the policy store. If the updated static policy doesn't pass\n validation, the operation fails and the update isn't stored.
\nContains details about the updates to be applied to a static policy.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information about updates to be applied to a policy.
\nThis data type is used as a request parameter in the UpdatePolicy operation.
" + } + }, + "com.amazonaws.verifiedpermissions#UpdatePolicyInput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy store that contains the policy that you want to update.
", + "smithy.api#required": {} + } + }, + "policyId": { + "target": "com.amazonaws.verifiedpermissions#PolicyId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy that you want to update. To find this value, you can\n use ListPolicies.
", + "smithy.api#required": {} + } + }, + "definition": { + "target": "com.amazonaws.verifiedpermissions#UpdatePolicyDefinition", + "traits": { + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "Specifies the updated policy content that you want to replace on the specified policy.\n The content must be valid Cedar policy language text.
\nYou can change only the following elements from the policy definition:
\nThe action referenced by the policy.
Any conditional clauses, such as when or unless\n clauses.
You can't change the following elements:
\nChanging from static to templateLinked.
Changing the effect of the policy from permit or\n forbid.
The principal referenced by the policy.
The resource referenced by the policy.
The ID of the policy store that contains the policy that was updated.
", + "smithy.api#required": {} + } + }, + "policyId": { + "target": "com.amazonaws.verifiedpermissions#PolicyId", + "traits": { + "smithy.api#documentation": "The ID of the policy that was updated.
", + "smithy.api#required": {} + } + }, + "policyType": { + "target": "com.amazonaws.verifiedpermissions#PolicyType", + "traits": { + "smithy.api#documentation": "The type of the policy that was updated.
", + "smithy.api#required": {} + } + }, + "principal": { + "target": "com.amazonaws.verifiedpermissions#EntityIdentifier", + "traits": { + "smithy.api#documentation": "The principal specified in the policy's scope. This element isn't included in the\n response when Principal isn't present in the policy content.
The resource specified in the policy's scope. This element isn't included in the\n response when Resource isn't present in the policy content.
The date and time that the policy was originally created.
", + "smithy.api#required": {} + } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time that the policy was most recently updated.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#UpdatePolicyStore": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#UpdatePolicyStoreInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#UpdatePolicyStoreOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ConflictException" + }, + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to modify the validation setting for a policy store", + "smithy.api#documentation": "Modifies the validation setting for a policy store.
", + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.verifiedpermissions#UpdatePolicyStoreInput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy store that you want to update
", + "smithy.api#required": {} + } + }, + "validationSettings": { + "target": "com.amazonaws.verifiedpermissions#ValidationSettings", + "traits": { + "smithy.api#documentation": "A structure that defines the validation settings that want to enable for the\n policy store.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.verifiedpermissions#UpdatePolicyStoreOutput": { + "type": "structure", + "members": { + "policyStoreId": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreId", + "traits": { + "smithy.api#documentation": "The ID of the updated policy store.
", + "smithy.api#required": {} + } + }, + "arn": { + "target": "com.amazonaws.verifiedpermissions#ResourceArn", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the updated policy store.
", + "smithy.api#required": {} + } + }, + "createdDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time that the policy store was originally created.
", + "smithy.api#required": {} + } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time that the policy store was most recently updated.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#UpdatePolicyTemplate": { + "type": "operation", + "input": { + "target": "com.amazonaws.verifiedpermissions#UpdatePolicyTemplateInput" + }, + "output": { + "target": "com.amazonaws.verifiedpermissions#UpdatePolicyTemplateOutput" + }, + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#ConflictException" + }, + { + "target": "com.amazonaws.verifiedpermissions#ResourceNotFoundException" + } + ], + "traits": { + "aws.iam#actionPermissionDescription": "Grants permission to update the specified policy template", + "smithy.api#documentation": "Updates the specified policy template. You can update only the description and the some elements\n of the policyBody.
\nChanges you make to the policy template content are immediately reflected in authorization\n decisions that involve all template-linked policies instantiated from this template.
\nSpecifies the ID of the policy store that contains the policy template that you want to update.
", + "smithy.api#required": {} + } + }, + "policyTemplateId": { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplateId", + "traits": { + "smithy.api#documentation": "Specifies the ID of the policy template that you want to update.
", + "smithy.api#required": {} + } + }, + "description": { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplateDescription", + "traits": { + "smithy.api#documentation": "Specifies a new description to apply to the policy template.
" + } + }, + "statement": { + "target": "com.amazonaws.verifiedpermissions#PolicyStatement", + "traits": { + "smithy.api#documentation": "Specifies new statement content written in Cedar policy language to replace the\n current body of the policy template.
\nYou can change only the following elements of the policy body:
\nThe action referenced by the policy template.
Any conditional clauses, such as when or unless\n clauses.
You can't change the following elements:
\nThe effect (permit or forbid) of the policy template.
The principal referenced by the policy template.
The resource referenced by the policy template.
The ID of the policy store that contains the updated policy template.
", + "smithy.api#required": {} + } + }, + "policyTemplateId": { + "target": "com.amazonaws.verifiedpermissions#PolicyTemplateId", + "traits": { + "smithy.api#documentation": "The ID of the updated policy template.
", + "smithy.api#required": {} + } + }, + "createdDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time that the policy template was originally created.
", + "smithy.api#required": {} + } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "The date and time that the policy template was most recently updated.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.verifiedpermissions#UpdateStaticPolicyDefinition": { + "type": "structure", + "members": { + "description": { + "target": "com.amazonaws.verifiedpermissions#StaticPolicyDescription", + "traits": { + "smithy.api#documentation": "Specifies the description to be added to or replaced on the static policy.
" + } + }, + "statement": { + "target": "com.amazonaws.verifiedpermissions#PolicyStatement", + "traits": { + "smithy.api#documentation": "Specifies the Cedar policy language text to be added to or replaced on the static policy.
\nYou can change only the following elements from the original content:
\nThe action referenced by the policy.
Any conditional clauses, such as when or unless\n clauses.
You can't change the following elements:
\nChanging from StaticPolicy to\n TemplateLinkedPolicy.
The effect (permit or forbid) of the\n policy.
The principal referenced by the policy.
The resource referenced by the policy.
Contains information about an update to a static policy.
" + } + }, + "com.amazonaws.verifiedpermissions#UserPoolArn": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 255 + }, + "smithy.api#pattern": "^arn:[a-zA-Z0-9-]+:cognito-idp:(([a-zA-Z0-9-]+:\\d{12}:userpool/[\\w-]+_[0-9a-zA-Z]+))$" + } + }, + "com.amazonaws.verifiedpermissions#ValidationException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#required": {} + } + }, + "fieldList": { + "target": "com.amazonaws.verifiedpermissions#ValidationExceptionFieldList", + "traits": { + "smithy.api#documentation": "The list of fields that aren't valid.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The request failed because one or more input parameters don't satisfy their constraint\n requirements. The output is provided as a list of fields and a reason for each field that\n isn't valid.
\nThe possible reasons include the following:
\n\n UnrecognizedEntityType\n
\nThe policy includes an entity type that isn't found in the schema.
\n\n UnrecognizedActionId\n
\nThe policy includes an action id that isn't found in the schema.
\n\n InvalidActionApplication\n
\nThe policy includes an action that, according to the schema, doesn't support\n the specified principal and resource.
\n\n UnexpectedType\n
\nThe policy included an operand that isn't a valid type for the specified\n operation.
\n\n IncompatibleTypes\n
\nThe types of elements included in a set, or the types of\n expressions used in an if...then...else clause aren't compatible in\n this context.
\n MissingAttribute\n
\nThe policy attempts to access a record or entity attribute that isn't\n specified in the schema. Test for the existence of the attribute first before\n attempting to access its value. For more information, see the has (presence of attribute test) operator in the\n Cedar Policy Language Guide.
\n\n UnsafeOptionalAttributeAccess\n
\nThe policy attempts to access a record or entity attribute that is optional\n and isn't guaranteed to be present. Test for the existence of the attribute\n first before attempting to access its value. For more information, see the\n has (presence of attribute test) operator in the\n Cedar Policy Language Guide.
\n\n ImpossiblePolicy\n
\nCedar has determined that a policy condition always evaluates to false. If\n the policy is always false, it can never apply to any query, and so it can never\n affect an authorization decision.
\n\n WrongNumberArguments\n
\nThe policy references an extension type with the wrong number of\n arguments.
\n\n FunctionArgumentValidationError\n
\nCedar couldn't parse the argument passed to an extension type. For example,\n a string that is to be parsed as an IPv4 address can contain only digits and the\n period character.
\nThe path to the specific element that Verified Permissions found to be not valid.
", + "smithy.api#required": {} + } + }, + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Describes the policy validation error.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Details about a field that failed policy validation.
" + } + }, + "com.amazonaws.verifiedpermissions#ValidationExceptionFieldList": { + "type": "list", + "member": { + "target": "com.amazonaws.verifiedpermissions#ValidationExceptionField" + } + }, + "com.amazonaws.verifiedpermissions#ValidationMode": { + "type": "enum", + "members": { + "OFF": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "OFF" + } + }, + "STRICT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "STRICT" + } + } + } + }, + "com.amazonaws.verifiedpermissions#ValidationSettings": { + "type": "structure", + "members": { + "mode": { + "target": "com.amazonaws.verifiedpermissions#ValidationMode", + "traits": { + "smithy.api#documentation": "The validation mode currently configured for this policy store. The valid values are:
\n\n OFF – Neither Verified Permissions nor Cedar\n perform any validation on policies. No validation errors are reported by either\n service.
\n\n STRICT – Requires a schema to be\n present in the policy store. Cedar performs validation on all submitted new or updated\n static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store\n them in the policy store.
\nIf Mode=STRICT and the policy store doesn't contain a schema, Verified Permissions rejects\n all static policies and policy templates because there is no schema to validate against.
To submit a static policy or policy template without a schema, you must turn off validation.
\nA structure that contains Cedar policy validation settings for the policy store. The\n validation mode determines which validation failures that Cedar considers serious\n enough to block acceptance of a new or edited static policy or policy template.
\nThis data type is used as a request parameter in the CreatePolicyStore and UpdatePolicyStore operations.
" + } + }, + "com.amazonaws.verifiedpermissions#VerifiedPermissions": { + "type": "service", + "version": "2021-12-01", + "resources": [ + { + "target": "com.amazonaws.verifiedpermissions#PolicyStore" + } + ], + "errors": [ + { + "target": "com.amazonaws.verifiedpermissions#AccessDeniedException" + }, + { + "target": "com.amazonaws.verifiedpermissions#InternalServerException" + }, + { + "target": "com.amazonaws.verifiedpermissions#ThrottlingException" + }, + { + "target": "com.amazonaws.verifiedpermissions#ThrottlingException" + }, + { + "target": "com.amazonaws.verifiedpermissions#ValidationException" + } + ], + "traits": { + "aws.api#service": { + "sdkId": "VerifiedPermissions", + "arnNamespace": "verifiedpermissions", + "endpointPrefix": "verifiedpermissions" + }, + "aws.auth#sigv4": { + "name": "verifiedpermissions" + }, + "aws.iam#supportedPrincipalTypes": [ + "Root", + "IAMUser", + "IAMRole", + "FederatedUser" + ], + "aws.protocols#awsJson1_0": {}, + "smithy.api#documentation": "Amazon Verified Permissions is a permissions management service from Amazon Web Services. You can use Verified Permissions to manage\n permissions for your application, and authorize user access based on those permissions.\n Using Verified Permissions, application developers can grant access based on information about the\n users, resources, and requested actions. You can also evaluate additional information\n like group membership, attributes of the resources, and session context, such as time of\n request and IP addresses. Verified Permissions manages these permissions by letting you create and\n store authorization policies for your applications, such as consumer-facing web sites\n and enterprise business systems.
\nVerified Permissions uses Cedar as the policy language to express your permission requirements.\n Cedar supports both role-based access control (RBAC) and attribute-based access\n control (ABAC) authorization models.
\nFor more information about configuring, administering, and using Amazon Verified Permissions in your\n applications, see the Amazon Verified Permissions User Guide.
\nFor more information about the Cedar policy language, see the Cedar Policy Language Guide.
\nWhen you write Cedar policies that reference principals, resources and actions,\n you can define the unique identifiers used for each of those elements. We strongly\n recommend that you follow these best practices:
\n\n Use values like universally unique identifiers\n (UUIDs) for all principal and resource identifiers.\n
\nFor example, if user jane leaves the company, and you later\n let someone else use the name jane, then that new user\n automatically gets access to everything granted by policies that still\n reference User::\"jane\". Cedar can’t distinguish between the\n new user and the old. This applies to both principal and resource\n identifiers. Always use identifiers that are guaranteed unique and never\n reused to ensure that you don’t unintentionally grant access because of the\n presence of an old identifier in a policy.
Where you use a UUID for an entity, we recommend that you follow it with\n the // comment specifier and the ‘friendly’ name of your entity. This helps\n to make your policies easier to understand. For example: principal ==\n User::\"a1b2c3d4-e5f6-a1b2-c3d4-EXAMPLE11111\", // alice
\n\n Do not include personally identifying, confidential,\n or sensitive information as part of the unique identifier for your\n principals or resources. These identifiers are included in\n log entries shared in CloudTrail trails.
\nSeveral operations return structures that appear similar, but have different purposes.\n As new functionality is added to the product, the structure used in a parameter of one\n operation might need to change in a way that wouldn't make sense for the same parameter\n in a different operation. To help you understand the purpose of each, the following\n naming convention is used for the structures:
\nParameters that end in Detail are used in Get\n operations.
Parameters that end in Item are used in List\n operations.
Parameters that use neither suffix are used in the mutating (create and\n update) operations.
\nThe path of the account creation endpoint for your application. This is the page on your website that accepts the completed registration form for a new user. This page must accept POST requests.
For example, for the URL https://example.com/web/signup, you would provide the path /web/signup.
The path of the account registration endpoint for your application. This is the page on your website that presents the registration form to new users.
\nThis page must accept GET text/html requests.
For example, for the URL https://example.com/web/register, you would provide the path /web/register.
The criteria for inspecting account creation requests, used by the ACFP rule group to validate and track account creation attempts.
", + "smithy.api#required": {} + } + }, + "ResponseInspection": { + "target": "com.amazonaws.wafv2#ResponseInspection", + "traits": { + "smithy.api#documentation": "The criteria for inspecting responses to account creation requests, used by the ACFP rule group to track account creation success rates.
\nResponse inspection is available only in web ACLs that protect Amazon CloudFront distributions.
\nThe ACFP rule group evaluates the responses that your protected resources send back to client account creation attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels \n and mitigates requests from client sessions and IP addresses that have had too many successful account creation attempts in a short amount of time.
" + } + }, + "EnableRegexInPath": { + "target": "com.amazonaws.wafv2#Boolean", + "traits": { + "smithy.api#default": false, + "smithy.api#documentation": "Allow the use of regular expressions in the registration page path and the account creation path.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Details for your use of the account creation fraud prevention managed rule group, AWSManagedRulesACFPRuleSet. This configuration is used in ManagedRuleGroupConfig.
The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.
\nThe ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels \n and mitigates requests from client sessions and IP addresses that submit too many failed login attempts in a short amount of time.
\nResponse inspection is available only in web ACLs that protect Amazon CloudFront distributions.
\nThe criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.
\nResponse inspection is available only in web ACLs that protect Amazon CloudFront distributions.
\nThe ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts for each IP address and client session. Using this information, the rule group labels \n and mitigates requests from client sessions and IP addresses that have had too many failed login attempts in a short amount of time.
" + } + }, + "EnableRegexInPath": { + "target": "com.amazonaws.wafv2#Boolean", + "traits": { + "smithy.api#default": false, + "smithy.api#documentation": "Allow the use of regular expressions in the login page path.
" } } }, @@ -1644,6 +1693,27 @@ } } }, + "com.amazonaws.wafv2#AddressField": { + "type": "structure", + "members": { + "Identifier": { + "target": "com.amazonaws.wafv2#FieldIdentifier", + "traits": { + "smithy.api#documentation": "The name of a single primary address field.
\nHow you specify the address fields depends on the request inspection payload type.
\nFor JSON payloads, specify the field identifiers in JSON\n pointer syntax. For information about the JSON Pointer\n syntax, see the Internet Engineering Task Force (IETF)\n documentation JavaScript\n \tObject Notation (JSON) Pointer.
\nFor example, for the JSON payload { \"form\": { \"primaryaddressline1\": \"THE_ADDRESS1\", \"primaryaddressline2\": \"THE_ADDRESS2\", \"primaryaddressline3\": \"THE_ADDRESS3\" } }, \n the address field idenfiers are /form/primaryaddressline1, /form/primaryaddressline2, and /form/primaryaddressline3.
For form encoded payload types, use the HTML form names.
\nFor example, for an HTML form with input elements\n named primaryaddressline1, primaryaddressline2, and primaryaddressline3, the address fields identifiers are primaryaddressline1, primaryaddressline2, and primaryaddressline3.
The name of a field in the request payload that contains part or all of your customer's primary physical address.
\nThis data type is used in the RequestInspectionACFP data type.
The name of the email field.
\nHow you specify this depends on the request inspection payload type.
\nFor JSON payloads, specify the field name in JSON\n pointer syntax. For information about the JSON Pointer\n syntax, see the Internet Engineering Task Force (IETF)\n documentation JavaScript\n \tObject Notation (JSON) Pointer.
\nFor example, for the JSON payload { \"form\": { \"email\": \"THE_EMAIL\" } }, \n the email field specification is /form/email.
For form encoded payload types, use the HTML form names.
\nFor example, for an HTML form with the input element\n named email1, the email field specification is email1.
The name of the field in the request payload that contains your customer's email.
\nThis data type is used in the RequestInspectionACFP data type.
Inspect a string containing the list of the request's header names, ordered as they appear in the web request\nthat WAF receives for inspection. \n WAF generates the string and then uses that as the field to match component in its inspection. \n WAF separates the header names in the string using commas and no added spaces.
\nMatches against the header order string are case insensitive.
" + "smithy.api#documentation": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request\nthat WAF receives for inspection. \n WAF generates the string and then uses that as the field to match component in its inspection. \n WAF separates the header names in the string using colons and no added spaces, for example host:user-agent:accept:authorization:referer.
The URL to use in SDK integrations with Amazon Web Services managed rule groups. For example, you can use the integration SDKs with the account takeover prevention managed rule group AWSManagedRulesATPRuleSet. This is only populated if you are using a rule group in your web ACL that integrates with your applications in this way. For more information, see WAF client application integration \nin the WAF Developer Guide.
The URL to use in SDK integrations with Amazon Web Services managed rule groups. For example, you can use the integration SDKs with the account takeover prevention managed rule group AWSManagedRulesATPRuleSet and the account creation fraud prevention managed rule group AWSManagedRulesACFPRuleSet. This is only populated if you are using a rule group in your web ACL that integrates with your applications in this way. For more information, see WAF client application integration \nin the WAF Developer Guide.
Inspect a string containing the list of the request's header names, ordered as they appear in the web request\nthat WAF receives for inspection. \n WAF generates the string and then uses that as the field to match component in its inspection. \n WAF separates the header names in the string using commas and no added spaces.
\nMatches against the header order string are case insensitive.
" + "smithy.api#documentation": "Inspect a string containing the list of the request's header names, ordered as they appear in the web request\nthat WAF receives for inspection. \n WAF generates the string and then uses that as the field to match component in its inspection. \n WAF separates the header names in the string using colons and no added spaces, for example host:user-agent:accept:authorization:referer.
The parts of the request that you want to keep out of the logs. For example, if you\n redact the SingleHeader field, the HEADER field in the logs will\n be REDACTED.
You can specify only the following fields for redaction: UriPath,\n QueryString, SingleHeader, Method, and\n JsonBody.
The parts of the request that you want to keep out of the logs.
\nFor example, if you\n redact the SingleHeader field, the HEADER field in the logs will\n be REDACTED for all rules that use the SingleHeader\n FieldToMatch setting.
Redaction applies only to the component that's specified in the rule's FieldToMatch setting, so the SingleHeader redaction \n doesn't apply to rules that use the Headers\n FieldToMatch.
You can specify only the following fields for redaction: UriPath,\n QueryString, SingleHeader, and Method.
Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet\n RequestInspection.
Instead of this setting, provide your configuration under the request inspection configuration for AWSManagedRulesATPRuleSet or AWSManagedRulesACFPRuleSet.
Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet\n RequestInspection.
Instead of this setting, provide your configuration under the request inspection configuration for AWSManagedRulesATPRuleSet or AWSManagedRulesACFPRuleSet.
Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet\n RequestInspection.
Instead of this setting, provide your configuration under the request inspection configuration for AWSManagedRulesATPRuleSet or AWSManagedRulesACFPRuleSet.
Additional configuration for using the account takeover prevention (ATP) managed rule group, AWSManagedRulesATPRuleSet. \n Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide\n the information about how your distribution responds to login requests.
This configuration replaces the individual configuration fields in ManagedRuleGroupConfig and provides additional feature configuration.
For information \n about using the ATP managed rule group, see WAF Fraud Control account takeover prevention (ATP) rule group \n and WAF Fraud Control account takeover prevention (ATP)\n in the WAF Developer Guide.
" } + }, + "AWSManagedRulesACFPRuleSet": { + "target": "com.amazonaws.wafv2#AWSManagedRulesACFPRuleSet", + "traits": { + "smithy.api#documentation": "Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, AWSManagedRulesACFPRuleSet. \n Use this to provide account creation request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide\n the information about how your distribution responds to account creation requests.
For information \n about using the ACFP managed rule group, see WAF Fraud Control account creation fraud prevention (ACFP) rule group \n and WAF Fraud Control account creation fraud prevention (ACFP)\n in the WAF Developer Guide.
" + } } }, "traits": { - "smithy.api#documentation": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.
\nUse the AWSManagedRulesATPRuleSet configuration object for the account takeover prevention managed rule group, to provide information such as the sign-in page of your application and the type of content to accept or reject from the client.
Use the AWSManagedRulesBotControlRuleSet configuration object to configure the \n protection level that you want the Bot Control rule group to use.
For example specifications, see the examples section of CreateWebACL.
" + "smithy.api#documentation": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.
\nThe rule groups used for intelligent threat mitigation require additional configuration:
\nUse the AWSManagedRulesACFPRuleSet configuration object to configure the account creation fraud prevention managed rule group. The configuration includes the registration and sign-up pages of your application and the locations in the account creation request payload of data, such as the user email and phone number fields.
Use the AWSManagedRulesATPRuleSet configuration object to configure the account takeover prevention managed rule group. The configuration includes the sign-in page of your application and the locations in the login request payload of data such as the username and password.
Use the AWSManagedRulesBotControlRuleSet configuration object to configure the \n protection level that you want the Bot Control rule group to use.
For example specifications, see the examples section of CreateWebACL.
" } }, "com.amazonaws.wafv2#ManagedRuleGroupConfigs": { @@ -8302,7 +8403,7 @@ "ManagedRuleGroupConfigs": { "target": "com.amazonaws.wafv2#ManagedRuleGroupConfigs", "traits": { - "smithy.api#documentation": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.
\nUse the AWSManagedRulesATPRuleSet configuration object for the account takeover prevention managed rule group, to provide information such as the sign-in page of your application and the type of content to accept or reject from the client.
Use the AWSManagedRulesBotControlRuleSet configuration object to configure the \n protection level that you want the Bot Control rule group to use.
Additional information that's used by a managed rule group. Many managed rule groups don't require this.
\nThe rule groups used for intelligent threat mitigation require additional configuration:
\nUse the AWSManagedRulesACFPRuleSet configuration object to configure the account creation fraud prevention managed rule group. The configuration includes the registration and sign-up pages of your application and the locations in the account creation request payload of data, such as the user email and phone number fields.
Use the AWSManagedRulesATPRuleSet configuration object to configure the account takeover prevention managed rule group. The configuration includes the sign-in page of your application and the locations in the login request payload of data such as the username and password.
Use the AWSManagedRulesBotControlRuleSet configuration object to configure the \n protection level that you want the Bot Control rule group to use.
A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names by calling ListAvailableManagedRuleGroups.
\nYou cannot nest a ManagedRuleGroupStatement, for example for use inside a NotStatement or OrStatement. It can only be referenced as a top-level statement within a rule.
You are charged additional fees when you use the WAF Bot Control managed rule group AWSManagedRulesBotControlRuleSet or the WAF Fraud Control account takeover prevention (ATP) managed rule group AWSManagedRulesATPRuleSet. For more information, see WAF Pricing.
A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names by calling ListAvailableManagedRuleGroups.
\nYou cannot nest a ManagedRuleGroupStatement, for example for use inside a NotStatement or OrStatement. It can only be referenced as a top-level statement within a rule.
You are charged additional fees when you use the WAF Bot Control managed rule group AWSManagedRulesBotControlRuleSet, the WAF Fraud Control account takeover prevention (ATP) managed rule group AWSManagedRulesATPRuleSet, or the WAF Fraud Control account creation fraud prevention (ACFP) managed rule group AWSManagedRulesACFPRuleSet. For more information, see WAF Pricing.
The name of the password field. For example /form/password.
The name of the password field.
\nHow you specify this depends on the request inspection payload type.
\nFor JSON payloads, specify the field name in JSON\n pointer syntax. For information about the JSON Pointer\n syntax, see the Internet Engineering Task Force (IETF)\n documentation JavaScript\n \tObject Notation (JSON) Pointer.
\nFor example, for the JSON payload { \"form\": { \"password\": \"THE_PASSWORD\" } }, \n the password field specification is /form/password.
For form encoded payload types, use the HTML form names.
\nFor example, for an HTML form with the input element\n named password1, the password field specification is password1.
Details about your login page password field for request inspection, used in the \n AWSManagedRulesATPRuleSet\n RequestInspection configuration.
The name of the field in the request payload that contains your customer's password.
\nThis data type is used in the RequestInspection and RequestInspectionACFP data types.
The name of a single primary phone number field.
\nHow you specify the phone number fields depends on the request inspection payload type.
\nFor JSON payloads, specify the field identifiers in JSON\n pointer syntax. For information about the JSON Pointer\n syntax, see the Internet Engineering Task Force (IETF)\n documentation JavaScript\n \tObject Notation (JSON) Pointer.
\nFor example, for the JSON payload { \"form\": { \"primaryphoneline1\": \"THE_PHONE1\", \"primaryphoneline2\": \"THE_PHONE2\", \"primaryphoneline3\": \"THE_PHONE3\" } }, \n the phone number field identifiers are /form/primaryphoneline1, /form/primaryphoneline2, and /form/primaryphoneline3.
For form encoded payload types, use the HTML form names.
\nFor example, for an HTML form with input elements\n named primaryphoneline1, primaryphoneline2, and primaryphoneline3, the phone number field identifiers are primaryphoneline1, primaryphoneline2, and primaryphoneline3.
The name of a field in the request payload that contains part or all of your customer's primary phone number.
\nThis data type is used in the RequestInspectionACFP data type.
Details about your login page username field.
\nHow you specify this depends on the payload type.
\nFor JSON payloads, specify the field name in JSON\n pointer syntax. For information about the JSON Pointer\n syntax, see the Internet Engineering Task Force (IETF)\n documentation JavaScript\n \tObject Notation (JSON) Pointer.
\nFor example, for the JSON payload { \"login\": { \"username\": \"THE_USERNAME\", \"password\": \"THE_PASSWORD\" } }, \n the username field specification is\n /login/username and the password field\n specification is /login/password.
For form encoded payload types, use the HTML form names.
\nFor example, for an HTML form with input elements\n named username1 and password1,\n the username field specification is\n username1 and the password field\n specification is password1.
The name of the field in the request payload that contains your customer's username.
\nHow you specify this depends on the request inspection payload type.
\nFor JSON payloads, specify the field name in JSON\n pointer syntax. For information about the JSON Pointer\n syntax, see the Internet Engineering Task Force (IETF)\n documentation JavaScript\n \tObject Notation (JSON) Pointer.
\nFor example, for the JSON payload { \"form\": { \"username\": \"THE_USERNAME\" } }, \n the username field specification is /form/username.
For form encoded payload types, use the HTML form names.
\nFor example, for an HTML form with the input element\n named username1, the username field specification is\n username1\n
Details about your login page password field.
\nHow you specify this depends on the payload type.
\nFor JSON payloads, specify the field name in JSON\n pointer syntax. For information about the JSON Pointer\n syntax, see the Internet Engineering Task Force (IETF)\n documentation JavaScript\n \tObject Notation (JSON) Pointer.
\nFor example, for the JSON payload { \"login\": { \"username\": \"THE_USERNAME\", \"password\": \"THE_PASSWORD\" } }, \n the username field specification is\n /login/username and the password field\n specification is /login/password.
For form encoded payload types, use the HTML form names.
\nFor example, for an HTML form with input elements\n named username1 and password1,\n the username field specification is\n username1 and the password field\n specification is password1.
The name of the field in the request payload that contains your customer's password.
\nHow you specify this depends on the request inspection payload type.
\nFor JSON payloads, specify the field name in JSON\n pointer syntax. For information about the JSON Pointer\n syntax, see the Internet Engineering Task Force (IETF)\n documentation JavaScript\n \tObject Notation (JSON) Pointer.
\nFor example, for the JSON payload { \"form\": { \"password\": \"THE_PASSWORD\" } }, \n the password field specification is /form/password.
For form encoded payload types, use the HTML form names.
\nFor example, for an HTML form with the input element\n named password1, the password field specification is password1.
The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.
\nThis is part of the AWSManagedRulesATPRuleSet configuration in ManagedRuleGroupConfig.
In these settings, you specify how your application accepts login attempts\n by providing the request payload type and the names of the fields \n within the request body where the username and password are provided.
" } }, + "com.amazonaws.wafv2#RequestInspectionACFP": { + "type": "structure", + "members": { + "PayloadType": { + "target": "com.amazonaws.wafv2#PayloadType", + "traits": { + "smithy.api#documentation": "The payload type for your account creation endpoint, either JSON or form encoded.
", + "smithy.api#required": {} + } + }, + "UsernameField": { + "target": "com.amazonaws.wafv2#UsernameField", + "traits": { + "smithy.api#documentation": "The name of the field in the request payload that contains your customer's username.
\nHow you specify this depends on the request inspection payload type.
\nFor JSON payloads, specify the field name in JSON\n pointer syntax. For information about the JSON Pointer\n syntax, see the Internet Engineering Task Force (IETF)\n documentation JavaScript\n \tObject Notation (JSON) Pointer.
\nFor example, for the JSON payload { \"form\": { \"username\": \"THE_USERNAME\" } }, \n the username field specification is /form/username.
For form encoded payload types, use the HTML form names.
\nFor example, for an HTML form with the input element\n named username1, the username field specification is\n username1\n
The name of the field in the request payload that contains your customer's password.
\nHow you specify this depends on the request inspection payload type.
\nFor JSON payloads, specify the field name in JSON\n pointer syntax. For information about the JSON Pointer\n syntax, see the Internet Engineering Task Force (IETF)\n documentation JavaScript\n \tObject Notation (JSON) Pointer.
\nFor example, for the JSON payload { \"form\": { \"password\": \"THE_PASSWORD\" } }, \n the password field specification is /form/password.
For form encoded payload types, use the HTML form names.
\nFor example, for an HTML form with the input element\n named password1, the password field specification is password1.
The name of the field in the request payload that contains your customer's email.
\nHow you specify this depends on the request inspection payload type.
\nFor JSON payloads, specify the field name in JSON\n pointer syntax. For information about the JSON Pointer\n syntax, see the Internet Engineering Task Force (IETF)\n documentation JavaScript\n \tObject Notation (JSON) Pointer.
\nFor example, for the JSON payload { \"form\": { \"email\": \"THE_EMAIL\" } }, \n the email field specification is /form/email.
For form encoded payload types, use the HTML form names.
\nFor example, for an HTML form with the input element\n named email1, the email field specification is email1.
The names of the fields in the request payload that contain your customer's primary phone number.
\nOrder the phone number fields in the array exactly as they are ordered in the request payload.
\nHow you specify the phone number fields depends on the request inspection payload type.
\nFor JSON payloads, specify the field identifiers in JSON\n pointer syntax. For information about the JSON Pointer\n syntax, see the Internet Engineering Task Force (IETF)\n documentation JavaScript\n \tObject Notation (JSON) Pointer.
\nFor example, for the JSON payload { \"form\": { \"primaryphoneline1\": \"THE_PHONE1\", \"primaryphoneline2\": \"THE_PHONE2\", \"primaryphoneline3\": \"THE_PHONE3\" } }, \n the phone number field identifiers are /form/primaryphoneline1, /form/primaryphoneline2, and /form/primaryphoneline3.
For form encoded payload types, use the HTML form names.
\nFor example, for an HTML form with input elements\n named primaryphoneline1, primaryphoneline2, and primaryphoneline3, the phone number field identifiers are primaryphoneline1, primaryphoneline2, and primaryphoneline3.
The names of the fields in the request payload that contain your customer's primary physical address.
\nOrder the address fields in the array exactly as they are ordered in the request payload.
\nHow you specify the address fields depends on the request inspection payload type.
\nFor JSON payloads, specify the field identifiers in JSON\n pointer syntax. For information about the JSON Pointer\n syntax, see the Internet Engineering Task Force (IETF)\n documentation JavaScript\n \tObject Notation (JSON) Pointer.
\nFor example, for the JSON payload { \"form\": { \"primaryaddressline1\": \"THE_ADDRESS1\", \"primaryaddressline2\": \"THE_ADDRESS2\", \"primaryaddressline3\": \"THE_ADDRESS3\" } }, \n the address field idenfiers are /form/primaryaddressline1, /form/primaryaddressline2, and /form/primaryaddressline3.
For form encoded payload types, use the HTML form names.
\nFor example, for an HTML form with input elements\n named primaryaddressline1, primaryaddressline2, and primaryaddressline3, the address fields identifiers are primaryaddressline1, primaryaddressline2, and primaryaddressline3.
The criteria for inspecting account creation requests, used by the ACFP rule group to validate and track account creation attempts.
\nThis is part of the AWSManagedRulesACFPRuleSet configuration in ManagedRuleGroupConfig.
In these settings, you specify how your application accepts account creation attempts\n by providing the request payload type and the names of the fields \n within the request body where the username, password, email, and primary address and phone number fields are provided.
" + } + }, "com.amazonaws.wafv2#ResourceArn": { "type": "string", "traits": { @@ -10145,30 +10328,30 @@ "StatusCode": { "target": "com.amazonaws.wafv2#ResponseInspectionStatusCode", "traits": { - "smithy.api#documentation": "Configures inspection of the response status code.
" + "smithy.api#documentation": "Configures inspection of the response status code for success and failure indicators.
" } }, "Header": { "target": "com.amazonaws.wafv2#ResponseInspectionHeader", "traits": { - "smithy.api#documentation": "Configures inspection of the response header.
" + "smithy.api#documentation": "Configures inspection of the response header for success and failure indicators.
" } }, "BodyContains": { "target": "com.amazonaws.wafv2#ResponseInspectionBodyContains", "traits": { - "smithy.api#documentation": "Configures inspection of the response body. WAF can inspect the first 65,536 bytes (64 KB) of the response body.
" + "smithy.api#documentation": "Configures inspection of the response body for success and failure indicators. WAF can inspect the first 65,536 bytes (64 KB) of the response body.
" } }, "Json": { "target": "com.amazonaws.wafv2#ResponseInspectionJson", "traits": { - "smithy.api#documentation": "Configures inspection of the response JSON. WAF can inspect the first 65,536 bytes (64 KB) of the response JSON.
" + "smithy.api#documentation": "Configures inspection of the response JSON for success and failure indicators. WAF can inspect the first 65,536 bytes (64 KB) of the response JSON.
" } } }, "traits": { - "smithy.api#documentation": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.
\nThe ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels \n and mitigates requests from client sessions and IP addresses that submit too many failed login attempts in a short amount of time.
\nResponse inspection is available only in web ACLs that protect Amazon CloudFront distributions.
\nThis is part of the AWSManagedRulesATPRuleSet configuration in ManagedRuleGroupConfig.
Enable login response inspection by configuring exactly one component of the response to inspect. You can't configure more than one. If you don't configure any of the response inspection options, response inspection is disabled.
" + "smithy.api#documentation": "The criteria for inspecting responses to login requests and account creation requests, used by the ATP and ACFP rule groups to track login and account creation success and failure rates.
\nResponse inspection is available only in web ACLs that protect Amazon CloudFront distributions.
\nThe rule groups evaluates the responses that your protected resources send back to client login and account creation attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels \n and mitigates requests from client sessions and IP addresses with too much suspicious activity in a short amount of time.
\nThis is part of the AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet configurations in ManagedRuleGroupConfig.
Enable response inspection by configuring exactly one component of the response to inspect, for example, Header or StatusCode. You can't configure more than one component for inspection. If you don't configure any of the response inspection options, response inspection is disabled.
Strings in the body of the response that indicate a successful login attempt. To be counted as a successful login, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.
\nJSON example: \"SuccessStrings\": [ \"Login successful\", \"Welcome to our site!\" ]\n
Strings in the body of the response that indicate a successful login or account creation attempt. To be counted as a success, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.
\nJSON examples: \"SuccessStrings\": [ \"Login successful\" ] and \"SuccessStrings\": [ \"Account creation successful\", \"Welcome to our site!\" ]\n
Strings in the body of the response that indicate a failed login attempt. To be counted as a failed login, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.
\nJSON example: \"FailureStrings\": [ \"Login failed\" ]\n
Strings in the body of the response that indicate a failed login or account creation attempt. To be counted as a failure, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.
\nJSON example: \"FailureStrings\": [ \"Request failed\" ]\n
Configures inspection of the response body. WAF can inspect the first 65,536 bytes (64 KB) of the response body. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
\nConfigures inspection of the response body. WAF can inspect the first 65,536 bytes (64 KB) of the response body. \n This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
\nThe name of the header to match against. The name must be an exact match, including case.
\nJSON example: \"Name\": [ \"LoginResult\" ]\n
The name of the header to match against. The name must be an exact match, including case.
\nJSON example: \"Name\": [ \"RequestResult\" ]\n
Values in the response header with the specified name that indicate a successful login attempt. To be counted as a successful login, the value must be an exact match, including case. Each value must be unique among the success and failure values.
\nJSON example: \"SuccessValues\": [ \"LoginPassed\", \"Successful login\" ]\n
Values in the response header with the specified name that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.
\nJSON examples: \"SuccessValues\": [ \"LoginPassed\", \"Successful login\" ] and \"SuccessValues\": [ \"AccountCreated\", \"Successful account creation\" ]\n
Values in the response header with the specified name that indicate a failed login attempt. To be counted as a failed login, the value must be an exact match, including case. Each value must be unique among the success and failure values.
\nJSON example: \"FailureValues\": [ \"LoginFailed\", \"Failed login\" ]\n
Values in the response header with the specified name that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.
\nJSON examples: \"FailureValues\": [ \"LoginFailed\", \"Failed login\" ] and \"FailureValues\": [ \"AccountCreationFailed\" ]\n
Configures inspection of the response header. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
\nConfigures inspection of the response header. \n This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
\nThe identifier for the value to match against in the JSON. The identifier must be an exact match, including case.
\nJSON example: \"Identifier\": [ \"/login/success\" ]\n
The identifier for the value to match against in the JSON. The identifier must be an exact match, including case.
\nJSON examples: \"Identifier\": [ \"/login/success\" ] and \"Identifier\": [ \"/sign-up/success\" ]\n
Values for the specified identifier in the response JSON that indicate a successful login attempt. To be counted as a successful login, the value must be an exact match, including case. Each value must be unique among the success and failure values.
\nJSON example: \"SuccessValues\": [ \"True\", \"Succeeded\" ]\n
Values for the specified identifier in the response JSON that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.
\nJSON example: \"SuccessValues\": [ \"True\", \"Succeeded\" ]\n
Values for the specified identifier in the response JSON that indicate a failed login attempt. To be counted as a failed login, the value must be an exact match, including case. Each value must be unique among the success and failure values.
\nJSON example: \"FailureValues\": [ \"False\", \"Failed\" ]\n
Values for the specified identifier in the response JSON that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.
\nJSON example: \"FailureValues\": [ \"False\", \"Failed\" ]\n
Configures inspection of the response JSON. WAF can inspect the first 65,536 bytes (64 KB) of the response JSON. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
\nConfigures inspection of the response JSON. WAF can inspect the first 65,536 bytes (64 KB) of the response JSON. \n This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
\nStatus codes in the response that indicate a successful login attempt. To be counted as a successful login, the response status code must match one of these. Each code must be unique among the success and failure status codes.
\nJSON example: \"SuccessCodes\": [ 200, 201 ]\n
Status codes in the response that indicate a successful login or account creation attempt. To be counted as a success, the response status code must match one of these. Each code must be unique among the success and failure status codes.
\nJSON example: \"SuccessCodes\": [ 200, 201 ]\n
Status codes in the response that indicate a failed login attempt. To be counted as a failed login, the response status code must match one of these. Each code must be unique among the success and failure status codes.
\nJSON example: \"FailureCodes\": [ 400, 404 ]\n
Status codes in the response that indicate a failed login or account creation attempt. To be counted as a failure, the response status code must match one of these. Each code must be unique among the success and failure status codes.
\nJSON example: \"FailureCodes\": [ 400, 404 ]\n
Configures inspection of the response status code. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
\nConfigures inspection of the response status code. \n This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
\nA rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names by calling ListAvailableManagedRuleGroups.
\nYou cannot nest a ManagedRuleGroupStatement, for example for use inside a NotStatement or OrStatement. It can only be referenced as a top-level statement within a rule.
You are charged additional fees when you use the WAF Bot Control managed rule group AWSManagedRulesBotControlRuleSet or the WAF Fraud Control account takeover prevention (ATP) managed rule group AWSManagedRulesATPRuleSet. For more information, see WAF Pricing.
A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names by calling ListAvailableManagedRuleGroups.
\nYou cannot nest a ManagedRuleGroupStatement, for example for use inside a NotStatement or OrStatement. It can only be referenced as a top-level statement within a rule.
You are charged additional fees when you use the WAF Bot Control managed rule group AWSManagedRulesBotControlRuleSet, the WAF Fraud Control account takeover prevention (ATP) managed rule group AWSManagedRulesATPRuleSet, or the WAF Fraud Control account creation fraud prevention (ACFP) managed rule group AWSManagedRulesACFPRuleSet. For more information, see WAF Pricing.
The name of the username field. For example /form/username.
The name of the username field.
\nHow you specify this depends on the request inspection payload type.
\nFor JSON payloads, specify the field name in JSON\n pointer syntax. For information about the JSON Pointer\n syntax, see the Internet Engineering Task Force (IETF)\n documentation JavaScript\n \tObject Notation (JSON) Pointer.
\nFor example, for the JSON payload { \"form\": { \"username\": \"THE_USERNAME\" } }, \n the username field specification is /form/username.
For form encoded payload types, use the HTML form names.
\nFor example, for an HTML form with the input element\n named username1, the username field specification is\n username1\n
Details about your login page username field for request inspection, used in the \n AWSManagedRulesATPRuleSet\n RequestInspection configuration.
The name of the field in the request payload that contains your customer's username.
\nThis data type is used in the RequestInspection and RequestInspectionACFP data types.
The reason why a choice is non-applicable to a question in your workload.
" } + }, + "QuestionType": { + "target": "com.amazonaws.wellarchitected#QuestionType", + "traits": { + "smithy.api#documentation": "The type of the question.
" + } } }, "traits": { @@ -319,10 +325,73 @@ "smithy.api#input": {} } }, + "com.amazonaws.wellarchitected#AssociateProfiles": { + "type": "operation", + "input": { + "target": "com.amazonaws.wellarchitected#AssociateProfilesInput" + }, + "output": { + "target": "smithy.api#Unit" + }, + "errors": [ + { + "target": "com.amazonaws.wellarchitected#AccessDeniedException" + }, + { + "target": "com.amazonaws.wellarchitected#ConflictException" + }, + { + "target": "com.amazonaws.wellarchitected#InternalServerException" + }, + { + "target": "com.amazonaws.wellarchitected#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.wellarchitected#ThrottlingException" + }, + { + "target": "com.amazonaws.wellarchitected#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Associate a profile with a workload.
", + "smithy.api#http": { + "method": "PATCH", + "uri": "/workloads/{WorkloadId}/associateProfiles", + "code": 200 + } + } + }, + "com.amazonaws.wellarchitected#AssociateProfilesInput": { + "type": "structure", + "members": { + "WorkloadId": { + "target": "com.amazonaws.wellarchitected#WorkloadId", + "traits": { + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "ProfileArns": { + "target": "com.amazonaws.wellarchitected#ProfileArns", + "traits": { + "smithy.api#documentation": "The list of profile ARNs to associate with the workload.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, "com.amazonaws.wellarchitected#AwsAccountId": { "type": "string", "traits": { "smithy.api#documentation": "An Amazon Web Services account ID.
", + "smithy.api#length": { + "min": 12, + "max": 12 + }, "smithy.api#pattern": "^[0-9]{12}$" } }, @@ -910,7 +979,11 @@ "com.amazonaws.wellarchitected#ClientRequestToken": { "type": "string", "traits": { - "smithy.api#documentation": "A unique case-sensitive string used to ensure that this request is idempotent\n (executes only once).
\nYou should not reuse the same token for other requests. If you retry a request with\n the same client request token and the same parameters after the original request has completed\n successfully, the result of the original request is returned.
\nThis token is listed as required, however, if you do not specify it, the Amazon Web Services SDKs\n automatically generate one for you. If you are not using the Amazon Web Services SDK or the CLI,\n you must provide this token or the request will fail.
\nA unique case-sensitive string used to ensure that this request is idempotent\n (executes only once).
\nYou should not reuse the same token for other requests. If you retry a request with\n the same client request token and the same parameters after the original request has completed\n successfully, the result of the original request is returned.
\nThis token is listed as required, however, if you do not specify it, the Amazon Web Services SDKs\n automatically generate one for you. If you are not using the Amazon Web Services SDK or the CLI,\n you must provide this token or the request will fail.
\nCreate a profile.
", + "smithy.api#http": { + "method": "POST", + "uri": "/profiles", + "code": 200 + } + } + }, + "com.amazonaws.wellarchitected#CreateProfileInput": { + "type": "structure", + "members": { + "ProfileName": { + "target": "com.amazonaws.wellarchitected#ProfileName", + "traits": { + "smithy.api#documentation": "Name of the profile.
", + "smithy.api#required": {} + } + }, + "ProfileDescription": { + "target": "com.amazonaws.wellarchitected#ProfileDescription", + "traits": { + "smithy.api#documentation": "The profile description.
", + "smithy.api#required": {} + } + }, + "ProfileQuestions": { + "target": "com.amazonaws.wellarchitected#ProfileQuestionUpdates", + "traits": { + "smithy.api#documentation": "The profile questions.
", + "smithy.api#required": {} + } + }, + "ClientRequestToken": { + "target": "com.amazonaws.wellarchitected#ClientRequestToken", + "traits": { + "smithy.api#idempotencyToken": {}, + "smithy.api#required": {} + } + }, + "Tags": { + "target": "com.amazonaws.wellarchitected#TagMap", + "traits": { + "smithy.api#documentation": "The tags assigned to the profile.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.wellarchitected#CreateProfileOutput": { + "type": "structure", + "members": { + "ProfileArn": { + "target": "com.amazonaws.wellarchitected#ProfileArn", + "traits": { + "smithy.api#documentation": "The profile ARN.
" + } + }, + "ProfileVersion": { + "target": "com.amazonaws.wellarchitected#ProfileVersion", + "traits": { + "smithy.api#documentation": "Version of the profile.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.wellarchitected#CreateProfileShare": { + "type": "operation", + "input": { + "target": "com.amazonaws.wellarchitected#CreateProfileShareInput" + }, + "output": { + "target": "com.amazonaws.wellarchitected#CreateProfileShareOutput" + }, + "errors": [ + { + "target": "com.amazonaws.wellarchitected#AccessDeniedException" + }, + { + "target": "com.amazonaws.wellarchitected#ConflictException" + }, + { + "target": "com.amazonaws.wellarchitected#InternalServerException" + }, + { + "target": "com.amazonaws.wellarchitected#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.wellarchitected#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.wellarchitected#ThrottlingException" + }, + { + "target": "com.amazonaws.wellarchitected#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Create a profile share.
", + "smithy.api#http": { + "method": "POST", + "uri": "/profiles/{ProfileArn}/shares", + "code": 200 + } + } + }, + "com.amazonaws.wellarchitected#CreateProfileShareInput": { + "type": "structure", + "members": { + "ProfileArn": { + "target": "com.amazonaws.wellarchitected#ProfileArn", + "traits": { + "smithy.api#documentation": "The profile ARN.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "SharedWith": { + "target": "com.amazonaws.wellarchitected#SharedWith", + "traits": { + "smithy.api#required": {} + } + }, + "ClientRequestToken": { + "target": "com.amazonaws.wellarchitected#ClientRequestToken", + "traits": { + "smithy.api#idempotencyToken": {}, + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.wellarchitected#CreateProfileShareOutput": { + "type": "structure", + "members": { + "ShareId": { + "target": "com.amazonaws.wellarchitected#ShareId" + }, + "ProfileArn": { + "target": "com.amazonaws.wellarchitected#ProfileArn", + "traits": { + "smithy.api#documentation": "The profile ARN.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.wellarchitected#CreateWorkload": { "type": "operation", "input": { @@ -1379,6 +1637,12 @@ "traits": { "smithy.api#documentation": "List of AppRegistry application ARNs associated to the workload.
" } + }, + "ProfileArns": { + "target": "com.amazonaws.wellarchitected#WorkloadProfileArns", + "traits": { + "smithy.api#documentation": "The list of profile ARNs associated with the workload.
" + } } }, "traits": { @@ -1643,10 +1907,10 @@ "smithy.api#input": {} } }, - "com.amazonaws.wellarchitected#DeleteWorkload": { + "com.amazonaws.wellarchitected#DeleteProfile": { "type": "operation", "input": { - "target": "com.amazonaws.wellarchitected#DeleteWorkloadInput" + "target": "com.amazonaws.wellarchitected#DeleteProfileInput" }, "output": { "target": "smithy.api#Unit" @@ -1672,20 +1936,21 @@ } ], "traits": { - "smithy.api#documentation": "Delete an existing workload.
", + "smithy.api#documentation": "Delete a profile.
\n\n Disclaimer\n
\nBy sharing your profile with other Amazon Web Services accounts, \n you acknowledge that Amazon Web Services will make your profile available to those \n other accounts. Those other accounts may continue to access and use your \n shared profile even if you delete the profile \n from your own Amazon Web Services account or terminate \n your Amazon Web Services account.
\nThe profile ARN.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -1700,14 +1965,13 @@ } }, "traits": { - "smithy.api#documentation": "Input for workload deletion.
", "smithy.api#input": {} } }, - "com.amazonaws.wellarchitected#DeleteWorkloadShare": { + "com.amazonaws.wellarchitected#DeleteProfileShare": { "type": "operation", "input": { - "target": "com.amazonaws.wellarchitected#DeleteWorkloadShareInput" + "target": "com.amazonaws.wellarchitected#DeleteProfileShareInput" }, "output": { "target": "smithy.api#Unit" @@ -1733,15 +1997,15 @@ } ], "traits": { - "smithy.api#documentation": "Delete a workload share.
", + "smithy.api#documentation": "Delete a profile share.
", "smithy.api#http": { "method": "DELETE", - "uri": "/workloads/{WorkloadId}/shares/{ShareId}", + "uri": "/profiles/{ProfileArn}/shares/{ShareId}", "code": 200 } } }, - "com.amazonaws.wellarchitected#DeleteWorkloadShareInput": { + "com.amazonaws.wellarchitected#DeleteProfileShareInput": { "type": "structure", "members": { "ShareId": { @@ -1751,9 +2015,10 @@ "smithy.api#required": {} } }, - "WorkloadId": { - "target": "com.amazonaws.wellarchitected#WorkloadId", + "ProfileArn": { + "target": "com.amazonaws.wellarchitected#ProfileArn", "traits": { + "smithy.api#documentation": "The profile ARN.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -1768,37 +2033,165 @@ } }, "traits": { - "smithy.api#documentation": "Input for Delete Workload Share
", "smithy.api#input": {} } }, - "com.amazonaws.wellarchitected#DifferenceStatus": { - "type": "enum", - "members": { - "UPDATED": { - "target": "smithy.api#Unit", - "traits": { - "smithy.api#enumValue": "UPDATED" - } - }, - "NEW": { - "target": "smithy.api#Unit", - "traits": { - "smithy.api#enumValue": "NEW" - } - }, - "DELETED": { - "target": "smithy.api#Unit", - "traits": { - "smithy.api#enumValue": "DELETED" - } - } - } - }, - "com.amazonaws.wellarchitected#DisassociateLenses": { + "com.amazonaws.wellarchitected#DeleteWorkload": { "type": "operation", "input": { - "target": "com.amazonaws.wellarchitected#DisassociateLensesInput" + "target": "com.amazonaws.wellarchitected#DeleteWorkloadInput" + }, + "output": { + "target": "smithy.api#Unit" + }, + "errors": [ + { + "target": "com.amazonaws.wellarchitected#AccessDeniedException" + }, + { + "target": "com.amazonaws.wellarchitected#ConflictException" + }, + { + "target": "com.amazonaws.wellarchitected#InternalServerException" + }, + { + "target": "com.amazonaws.wellarchitected#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.wellarchitected#ThrottlingException" + }, + { + "target": "com.amazonaws.wellarchitected#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Delete an existing workload.
", + "smithy.api#http": { + "method": "DELETE", + "uri": "/workloads/{WorkloadId}", + "code": 200 + } + } + }, + "com.amazonaws.wellarchitected#DeleteWorkloadInput": { + "type": "structure", + "members": { + "WorkloadId": { + "target": "com.amazonaws.wellarchitected#WorkloadId", + "traits": { + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "ClientRequestToken": { + "target": "com.amazonaws.wellarchitected#ClientRequestToken", + "traits": { + "smithy.api#httpQuery": "ClientRequestToken", + "smithy.api#idempotencyToken": {}, + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Input for workload deletion.
", + "smithy.api#input": {} + } + }, + "com.amazonaws.wellarchitected#DeleteWorkloadShare": { + "type": "operation", + "input": { + "target": "com.amazonaws.wellarchitected#DeleteWorkloadShareInput" + }, + "output": { + "target": "smithy.api#Unit" + }, + "errors": [ + { + "target": "com.amazonaws.wellarchitected#AccessDeniedException" + }, + { + "target": "com.amazonaws.wellarchitected#ConflictException" + }, + { + "target": "com.amazonaws.wellarchitected#InternalServerException" + }, + { + "target": "com.amazonaws.wellarchitected#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.wellarchitected#ThrottlingException" + }, + { + "target": "com.amazonaws.wellarchitected#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Delete a workload share.
", + "smithy.api#http": { + "method": "DELETE", + "uri": "/workloads/{WorkloadId}/shares/{ShareId}", + "code": 200 + } + } + }, + "com.amazonaws.wellarchitected#DeleteWorkloadShareInput": { + "type": "structure", + "members": { + "ShareId": { + "target": "com.amazonaws.wellarchitected#ShareId", + "traits": { + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "WorkloadId": { + "target": "com.amazonaws.wellarchitected#WorkloadId", + "traits": { + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "ClientRequestToken": { + "target": "com.amazonaws.wellarchitected#ClientRequestToken", + "traits": { + "smithy.api#httpQuery": "ClientRequestToken", + "smithy.api#idempotencyToken": {}, + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Input for Delete Workload Share
", + "smithy.api#input": {} + } + }, + "com.amazonaws.wellarchitected#DifferenceStatus": { + "type": "enum", + "members": { + "UPDATED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "UPDATED" + } + }, + "NEW": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NEW" + } + }, + "DELETED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DELETED" + } + } + } + }, + "com.amazonaws.wellarchitected#DisassociateLenses": { + "type": "operation", + "input": { + "target": "com.amazonaws.wellarchitected#DisassociateLensesInput" }, "output": { "target": "smithy.api#Unit" @@ -1854,6 +2247,65 @@ "smithy.api#input": {} } }, + "com.amazonaws.wellarchitected#DisassociateProfiles": { + "type": "operation", + "input": { + "target": "com.amazonaws.wellarchitected#DisassociateProfilesInput" + }, + "output": { + "target": "smithy.api#Unit" + }, + "errors": [ + { + "target": "com.amazonaws.wellarchitected#AccessDeniedException" + }, + { + "target": "com.amazonaws.wellarchitected#ConflictException" + }, + { + "target": "com.amazonaws.wellarchitected#InternalServerException" + }, + { + "target": "com.amazonaws.wellarchitected#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.wellarchitected#ThrottlingException" + }, + { + "target": "com.amazonaws.wellarchitected#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Disassociate a profile from a workload.
", + "smithy.api#http": { + "method": "PATCH", + "uri": "/workloads/{WorkloadId}/disassociateProfiles", + "code": 200 + } + } + }, + "com.amazonaws.wellarchitected#DisassociateProfilesInput": { + "type": "structure", + "members": { + "WorkloadId": { + "target": "com.amazonaws.wellarchitected#WorkloadId", + "traits": { + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "ProfileArns": { + "target": "com.amazonaws.wellarchitected#ProfileArns", + "traits": { + "smithy.api#documentation": "The list of profile ARNs to disassociate from the workload.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, "com.amazonaws.wellarchitected#DiscoveryIntegrationStatus": { "type": "enum", "members": { @@ -2600,13 +3052,13 @@ "smithy.api#output": {} } }, - "com.amazonaws.wellarchitected#GetWorkload": { + "com.amazonaws.wellarchitected#GetProfile": { "type": "operation", "input": { - "target": "com.amazonaws.wellarchitected#GetWorkloadInput" + "target": "com.amazonaws.wellarchitected#GetProfileInput" }, "output": { - "target": "com.amazonaws.wellarchitected#GetWorkloadOutput" + "target": "com.amazonaws.wellarchitected#GetProfileOutput" }, "errors": [ { @@ -2626,76 +3078,69 @@ } ], "traits": { - "smithy.api#documentation": "Get an existing workload.
", + "smithy.api#documentation": "Get profile information.
", "smithy.api#http": { "method": "GET", - "uri": "/workloads/{WorkloadId}", + "uri": "/profiles/{ProfileArn}", "code": 200 } } }, - "com.amazonaws.wellarchitected#GetWorkloadInput": { + "com.amazonaws.wellarchitected#GetProfileInput": { "type": "structure", "members": { - "WorkloadId": { - "target": "com.amazonaws.wellarchitected#WorkloadId", + "ProfileArn": { + "target": "com.amazonaws.wellarchitected#ProfileArn", "traits": { + "smithy.api#documentation": "The profile ARN.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } + }, + "ProfileVersion": { + "target": "com.amazonaws.wellarchitected#ProfileVersion", + "traits": { + "smithy.api#documentation": "The profile version.
", + "smithy.api#httpQuery": "ProfileVersion" + } } }, "traits": { - "smithy.api#documentation": "Input to get a workload.
", "smithy.api#input": {} } }, - "com.amazonaws.wellarchitected#GetWorkloadOutput": { + "com.amazonaws.wellarchitected#GetProfileOutput": { "type": "structure", "members": { - "Workload": { - "target": "com.amazonaws.wellarchitected#Workload" + "Profile": { + "target": "com.amazonaws.wellarchitected#Profile", + "traits": { + "smithy.api#documentation": "The profile.
" + } } }, "traits": { - "smithy.api#documentation": "Output of a get workload call.
", "smithy.api#output": {} } }, - "com.amazonaws.wellarchitected#HelpfulResourceUrl": { - "type": "string", - "traits": { - "smithy.api#documentation": "The helpful resource URL.
\nFor Amazon Web Services official lenses, this is the helpful resource URL for a question or choice.
\nFor custom lenses, this is the helpful resource URL for a question and is only provided\n if HelpfulResourceDisplayText was specified for the question.
Import a new custom lens or update an existing custom lens.
\nTo update an existing custom lens, specify its ARN as the LensAlias. If\n no ARN is specified, a new custom lens is created.
The new or updated lens will have a status of DRAFT. The lens cannot be\n applied to workloads or shared with other Amazon Web Services accounts until it's\n published with CreateLensVersion.
Lenses are defined in JSON. For more information, see JSON format specification \n in the Well-Architected Tool User Guide.
\nA custom lens cannot exceed 500 KB in size.
\n\n Disclaimer\n
\nDo not include or gather personal identifiable information (PII) of end users or \n other identifiable individuals in or via your custom lenses. If your custom \n lens or those shared with you and used in your account do include or collect \n PII you are responsible for: ensuring that the included PII is processed in accordance \n with applicable law, providing adequate privacy notices, and obtaining necessary \n consents for processing such data.
\nGet profile template.
", "smithy.api#http": { - "method": "PUT", - "uri": "/importLens", + "method": "GET", + "uri": "/profileTemplate", "code": 200 } } }, - "com.amazonaws.wellarchitected#ImportLensInput": { + "com.amazonaws.wellarchitected#GetProfileTemplateInput": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.wellarchitected#GetProfileTemplateOutput": { "type": "structure", "members": { - "LensAlias": { - "target": "com.amazonaws.wellarchitected#LensAlias" - }, - "JSONString": { - "target": "com.amazonaws.wellarchitected#LensJSON", + "ProfileTemplate": { + "target": "com.amazonaws.wellarchitected#ProfileTemplate", + "traits": { + "smithy.api#documentation": "The profile template.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.wellarchitected#GetWorkload": { + "type": "operation", + "input": { + "target": "com.amazonaws.wellarchitected#GetWorkloadInput" + }, + "output": { + "target": "com.amazonaws.wellarchitected#GetWorkloadOutput" + }, + "errors": [ + { + "target": "com.amazonaws.wellarchitected#AccessDeniedException" + }, + { + "target": "com.amazonaws.wellarchitected#InternalServerException" + }, + { + "target": "com.amazonaws.wellarchitected#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.wellarchitected#ThrottlingException" + }, + { + "target": "com.amazonaws.wellarchitected#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Get an existing workload.
", + "smithy.api#http": { + "method": "GET", + "uri": "/workloads/{WorkloadId}", + "code": 200 + } + } + }, + "com.amazonaws.wellarchitected#GetWorkloadInput": { + "type": "structure", + "members": { + "WorkloadId": { + "target": "com.amazonaws.wellarchitected#WorkloadId", + "traits": { + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Input to get a workload.
", + "smithy.api#input": {} + } + }, + "com.amazonaws.wellarchitected#GetWorkloadOutput": { + "type": "structure", + "members": { + "Workload": { + "target": "com.amazonaws.wellarchitected#Workload" + } + }, + "traits": { + "smithy.api#documentation": "Output of a get workload call.
", + "smithy.api#output": {} + } + }, + "com.amazonaws.wellarchitected#HelpfulResourceUrl": { + "type": "string", + "traits": { + "smithy.api#documentation": "The helpful resource URL.
\nFor Amazon Web Services official lenses, this is the helpful resource URL for a question or choice.
\nFor custom lenses, this is the helpful resource URL for a question and is only provided\n if HelpfulResourceDisplayText was specified for the question.
Import a new custom lens or update an existing custom lens.
\nTo update an existing custom lens, specify its ARN as the LensAlias. If\n no ARN is specified, a new custom lens is created.
The new or updated lens will have a status of DRAFT. The lens cannot be\n applied to workloads or shared with other Amazon Web Services accounts until it's\n published with CreateLensVersion.
Lenses are defined in JSON. For more information, see JSON format specification \n in the Well-Architected Tool User Guide.
\nA custom lens cannot exceed 500 KB in size.
\n\n Disclaimer\n
\nDo not include or gather personal identifiable information (PII) of end users or \n other identifiable individuals in or via your custom lenses. If your custom \n lens or those shared with you and used in your account do include or collect \n PII you are responsible for: ensuring that the included PII is processed in accordance \n with applicable law, providing adequate privacy notices, and obtaining necessary \n consents for processing such data.
\nThe JSON representation of a lens.
", "smithy.api#required": {} @@ -3055,6 +3633,15 @@ }, "NextToken": { "target": "com.amazonaws.wellarchitected#NextToken" + }, + "Profiles": { + "target": "com.amazonaws.wellarchitected#WorkloadProfiles", + "traits": { + "smithy.api#documentation": "The profiles associated with the workload.
" + } + }, + "PrioritizedRiskCounts": { + "target": "com.amazonaws.wellarchitected#RiskCounts" } }, "traits": { @@ -3122,6 +3709,15 @@ }, "RiskCounts": { "target": "com.amazonaws.wellarchitected#RiskCounts" + }, + "Profiles": { + "target": "com.amazonaws.wellarchitected#WorkloadProfiles", + "traits": { + "smithy.api#documentation": "The profiles associated with the workload.
" + } + }, + "PrioritizedRiskCounts": { + "target": "com.amazonaws.wellarchitected#RiskCounts" } }, "traits": { @@ -3432,6 +4028,13 @@ "smithy.api#documentation": "The maximum number of results to return for this request.
", "smithy.api#httpQuery": "MaxResults" } + }, + "QuestionPriority": { + "target": "com.amazonaws.wellarchitected#QuestionPriority", + "traits": { + "smithy.api#documentation": "The priority of the question.
", + "smithy.api#httpQuery": "QuestionPriority" + } } }, "traits": { @@ -3774,6 +4377,13 @@ "smithy.api#documentation": "The maximum number of results to return for this request.
", "smithy.api#httpQuery": "MaxResults" } + }, + "QuestionPriority": { + "target": "com.amazonaws.wellarchitected#QuestionPriority", + "traits": { + "smithy.api#documentation": "The priority of the question.
", + "smithy.api#httpQuery": "QuestionPriority" + } } }, "traits": { @@ -4280,13 +4890,13 @@ "smithy.api#output": {} } }, - "com.amazonaws.wellarchitected#ListShareInvitations": { + "com.amazonaws.wellarchitected#ListProfileNotifications": { "type": "operation", "input": { - "target": "com.amazonaws.wellarchitected#ListShareInvitationsInput" + "target": "com.amazonaws.wellarchitected#ListProfileNotificationsInput" }, "output": { - "target": "com.amazonaws.wellarchitected#ListShareInvitationsOutput" + "target": "com.amazonaws.wellarchitected#ListProfileNotificationsOutput" }, "errors": [ { @@ -4303,10 +4913,10 @@ } ], "traits": { - "smithy.api#documentation": "List the workload invitations.
", + "smithy.api#documentation": "List profile notifications.
", "smithy.api#http": { "method": "GET", - "uri": "/shareInvitations", + "uri": "/profileNotifications", "code": 200 }, "smithy.api#paginated": { @@ -4316,27 +4926,13 @@ } } }, - "com.amazonaws.wellarchitected#ListShareInvitationsInput": { + "com.amazonaws.wellarchitected#ListProfileNotificationsInput": { "type": "structure", "members": { - "WorkloadNamePrefix": { - "target": "com.amazonaws.wellarchitected#WorkloadNamePrefix", - "traits": { - "smithy.api#httpQuery": "WorkloadNamePrefix" - } - }, - "LensNamePrefix": { - "target": "com.amazonaws.wellarchitected#LensNamePrefix", - "traits": { - "smithy.api#documentation": "An optional string added to the beginning of each lens name returned in the results.
", - "smithy.api#httpQuery": "LensNamePrefix" - } - }, - "ShareResourceType": { - "target": "com.amazonaws.wellarchitected#ShareResourceType", + "WorkloadId": { + "target": "com.amazonaws.wellarchitected#WorkloadId", "traits": { - "smithy.api#documentation": "The type of share invitations to be returned.
", - "smithy.api#httpQuery": "ShareResourceType" + "smithy.api#httpQuery": "WorkloadId" } }, "NextToken": { @@ -4346,108 +4942,41 @@ } }, "MaxResults": { - "target": "com.amazonaws.wellarchitected#ListShareInvitationsMaxResults", + "target": "com.amazonaws.wellarchitected#MaxResults", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "The maximum number of results to return for this request.
", "smithy.api#httpQuery": "MaxResults" } } }, "traits": { - "smithy.api#documentation": "Input for List Share Invitations
", "smithy.api#input": {} } }, - "com.amazonaws.wellarchitected#ListShareInvitationsMaxResults": { - "type": "integer", - "traits": { - "smithy.api#default": 0, - "smithy.api#range": { - "min": 1, - "max": 50 - } - } - }, - "com.amazonaws.wellarchitected#ListShareInvitationsOutput": { + "com.amazonaws.wellarchitected#ListProfileNotificationsOutput": { "type": "structure", "members": { - "ShareInvitationSummaries": { - "target": "com.amazonaws.wellarchitected#ShareInvitationSummaries", + "NotificationSummaries": { + "target": "com.amazonaws.wellarchitected#ProfileNotificationSummaries", "traits": { - "smithy.api#documentation": "List of share invitation summaries in a workload.
" + "smithy.api#documentation": "Notification summaries.
" } }, "NextToken": { "target": "com.amazonaws.wellarchitected#NextToken" } }, - "traits": { - "smithy.api#documentation": "Input for List Share Invitations
", - "smithy.api#output": {} - } - }, - "com.amazonaws.wellarchitected#ListTagsForResource": { - "type": "operation", - "input": { - "target": "com.amazonaws.wellarchitected#ListTagsForResourceInput" - }, - "output": { - "target": "com.amazonaws.wellarchitected#ListTagsForResourceOutput" - }, - "errors": [ - { - "target": "com.amazonaws.wellarchitected#InternalServerException" - }, - { - "target": "com.amazonaws.wellarchitected#ResourceNotFoundException" - } - ], - "traits": { - "smithy.api#documentation": "List the tags for a resource.
\nThe WorkloadArn parameter can be either a workload ARN or a custom lens ARN.
\nThe tags for the resource.
" - } - } - }, "traits": { "smithy.api#output": {} } }, - "com.amazonaws.wellarchitected#ListWorkloadShares": { + "com.amazonaws.wellarchitected#ListProfileShares": { "type": "operation", "input": { - "target": "com.amazonaws.wellarchitected#ListWorkloadSharesInput" + "target": "com.amazonaws.wellarchitected#ListProfileSharesInput" }, "output": { - "target": "com.amazonaws.wellarchitected#ListWorkloadSharesOutput" + "target": "com.amazonaws.wellarchitected#ListProfileSharesOutput" }, "errors": [ { @@ -4467,10 +4996,10 @@ } ], "traits": { - "smithy.api#documentation": "List the workload shares associated with the workload.
", + "smithy.api#documentation": "List profile shares.
", "smithy.api#http": { "method": "GET", - "uri": "/workloads/{WorkloadId}/shares", + "uri": "/profiles/{ProfileArn}/shares", "code": 200 }, "smithy.api#paginated": { @@ -4480,12 +5009,13 @@ } } }, - "com.amazonaws.wellarchitected#ListWorkloadSharesInput": { + "com.amazonaws.wellarchitected#ListProfileSharesInput": { "type": "structure", "members": { - "WorkloadId": { - "target": "com.amazonaws.wellarchitected#WorkloadId", + "ProfileArn": { + "target": "com.amazonaws.wellarchitected#ProfileArn", "traits": { + "smithy.api#documentation": "The profile ARN.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -4493,7 +5023,7 @@ "SharedWithPrefix": { "target": "com.amazonaws.wellarchitected#SharedWithPrefix", "traits": { - "smithy.api#documentation": "The Amazon Web Services account ID, IAM role, organization ID, or organizational unit (OU) ID with which the workload is shared.
", + "smithy.api#documentation": "The Amazon Web Services account ID, IAM role, organization ID, or organizational unit (OU) ID with which the profile is shared.
", "smithy.api#httpQuery": "SharedWithPrefix" } }, @@ -4504,7 +5034,7 @@ } }, "MaxResults": { - "target": "com.amazonaws.wellarchitected#ListWorkloadSharesMaxResults", + "target": "com.amazonaws.wellarchitected#ListProfileSharesMaxResults", "traits": { "smithy.api#default": 0, "smithy.api#documentation": "The maximum number of results to return for this request.
", @@ -4519,11 +5049,10 @@ } }, "traits": { - "smithy.api#documentation": "Input for List Workload Share
", "smithy.api#input": {} } }, - "com.amazonaws.wellarchitected#ListWorkloadSharesMaxResults": { + "com.amazonaws.wellarchitected#ListProfileSharesMaxResults": { "type": "integer", "traits": { "smithy.api#default": 0, @@ -4533,31 +5062,118 @@ } } }, - "com.amazonaws.wellarchitected#ListWorkloadSharesOutput": { + "com.amazonaws.wellarchitected#ListProfileSharesOutput": { "type": "structure", "members": { - "WorkloadId": { - "target": "com.amazonaws.wellarchitected#WorkloadId" + "ProfileShareSummaries": { + "target": "com.amazonaws.wellarchitected#ProfileShareSummaries", + "traits": { + "smithy.api#documentation": "Profile share summaries.
" + } }, - "WorkloadShareSummaries": { - "target": "com.amazonaws.wellarchitected#WorkloadShareSummaries" + "NextToken": { + "target": "com.amazonaws.wellarchitected#NextToken" + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.wellarchitected#ListProfiles": { + "type": "operation", + "input": { + "target": "com.amazonaws.wellarchitected#ListProfilesInput" + }, + "output": { + "target": "com.amazonaws.wellarchitected#ListProfilesOutput" + }, + "errors": [ + { + "target": "com.amazonaws.wellarchitected#AccessDeniedException" + }, + { + "target": "com.amazonaws.wellarchitected#InternalServerException" + }, + { + "target": "com.amazonaws.wellarchitected#ThrottlingException" + }, + { + "target": "com.amazonaws.wellarchitected#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "List profiles.
", + "smithy.api#http": { + "method": "GET", + "uri": "/profileSummaries", + "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "pageSize": "MaxResults" + } + } + }, + "com.amazonaws.wellarchitected#ListProfilesInput": { + "type": "structure", + "members": { + "ProfileNamePrefix": { + "target": "com.amazonaws.wellarchitected#ProfileNamePrefix", + "traits": { + "smithy.api#documentation": "Prefix for profile name.
", + "smithy.api#httpQuery": "ProfileNamePrefix" + } + }, + "ProfileOwnerType": { + "target": "com.amazonaws.wellarchitected#ProfileOwnerType", + "traits": { + "smithy.api#documentation": "Profile owner type.
", + "smithy.api#httpQuery": "ProfileOwnerType" + } + }, + "NextToken": { + "target": "com.amazonaws.wellarchitected#NextToken", + "traits": { + "smithy.api#httpQuery": "NextToken" + } + }, + "MaxResults": { + "target": "com.amazonaws.wellarchitected#MaxResults", + "traits": { + "smithy.api#default": 0, + "smithy.api#httpQuery": "MaxResults" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.wellarchitected#ListProfilesOutput": { + "type": "structure", + "members": { + "ProfileSummaries": { + "target": "com.amazonaws.wellarchitected#ProfileSummaries", + "traits": { + "smithy.api#documentation": "Profile summaries.
" + } }, "NextToken": { "target": "com.amazonaws.wellarchitected#NextToken" } }, "traits": { - "smithy.api#documentation": "Input for List Workload Share
", "smithy.api#output": {} } }, - "com.amazonaws.wellarchitected#ListWorkloads": { + "com.amazonaws.wellarchitected#ListShareInvitations": { "type": "operation", "input": { - "target": "com.amazonaws.wellarchitected#ListWorkloadsInput" + "target": "com.amazonaws.wellarchitected#ListShareInvitationsInput" }, "output": { - "target": "com.amazonaws.wellarchitected#ListWorkloadsOutput" + "target": "com.amazonaws.wellarchitected#ListShareInvitationsOutput" }, "errors": [ { @@ -4574,10 +5190,10 @@ } ], "traits": { - "smithy.api#documentation": "Paginated list of workloads.
", + "smithy.api#documentation": "List the workload invitations.
", "smithy.api#http": { - "method": "POST", - "uri": "/workloadsSummaries", + "method": "GET", + "uri": "/shareInvitations", "code": 200 }, "smithy.api#paginated": { @@ -4587,29 +5203,57 @@ } } }, - "com.amazonaws.wellarchitected#ListWorkloadsInput": { + "com.amazonaws.wellarchitected#ListShareInvitationsInput": { "type": "structure", "members": { "WorkloadNamePrefix": { - "target": "com.amazonaws.wellarchitected#WorkloadNamePrefix" + "target": "com.amazonaws.wellarchitected#WorkloadNamePrefix", + "traits": { + "smithy.api#httpQuery": "WorkloadNamePrefix" + } + }, + "LensNamePrefix": { + "target": "com.amazonaws.wellarchitected#LensNamePrefix", + "traits": { + "smithy.api#documentation": "An optional string added to the beginning of each lens name returned in the results.
", + "smithy.api#httpQuery": "LensNamePrefix" + } + }, + "ShareResourceType": { + "target": "com.amazonaws.wellarchitected#ShareResourceType", + "traits": { + "smithy.api#documentation": "The type of share invitations to be returned.
", + "smithy.api#httpQuery": "ShareResourceType" + } }, "NextToken": { - "target": "com.amazonaws.wellarchitected#NextToken" + "target": "com.amazonaws.wellarchitected#NextToken", + "traits": { + "smithy.api#httpQuery": "NextToken" + } }, "MaxResults": { - "target": "com.amazonaws.wellarchitected#ListWorkloadsMaxResults", + "target": "com.amazonaws.wellarchitected#ListShareInvitationsMaxResults", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "The maximum number of results to return for this request.
" + "smithy.api#documentation": "The maximum number of results to return for this request.
", + "smithy.api#httpQuery": "MaxResults" + } + }, + "ProfileNamePrefix": { + "target": "com.amazonaws.wellarchitected#ProfileNamePrefix", + "traits": { + "smithy.api#documentation": "Profile name prefix.
", + "smithy.api#httpQuery": "ProfileNamePrefix" } } }, "traits": { - "smithy.api#documentation": "Input to list all workloads.
", + "smithy.api#documentation": "Input for List Share Invitations
", "smithy.api#input": {} } }, - "com.amazonaws.wellarchitected#ListWorkloadsMaxResults": { + "com.amazonaws.wellarchitected#ListShareInvitationsMaxResults": { "type": "integer", "traits": { "smithy.api#default": 0, @@ -4619,332 +5263,1064 @@ } } }, - "com.amazonaws.wellarchitected#ListWorkloadsOutput": { + "com.amazonaws.wellarchitected#ListShareInvitationsOutput": { "type": "structure", "members": { - "WorkloadSummaries": { - "target": "com.amazonaws.wellarchitected#WorkloadSummaries" + "ShareInvitationSummaries": { + "target": "com.amazonaws.wellarchitected#ShareInvitationSummaries", + "traits": { + "smithy.api#documentation": "List of share invitation summaries in a workload.
" + } }, "NextToken": { "target": "com.amazonaws.wellarchitected#NextToken" } }, "traits": { - "smithy.api#documentation": "Output of a list workloads call.
", + "smithy.api#documentation": "Input for List Share Invitations
", "smithy.api#output": {} } }, - "com.amazonaws.wellarchitected#MaxResults": { - "type": "integer", + "com.amazonaws.wellarchitected#ListTagsForResource": { + "type": "operation", + "input": { + "target": "com.amazonaws.wellarchitected#ListTagsForResourceInput" + }, + "output": { + "target": "com.amazonaws.wellarchitected#ListTagsForResourceOutput" + }, + "errors": [ + { + "target": "com.amazonaws.wellarchitected#InternalServerException" + }, + { + "target": "com.amazonaws.wellarchitected#ResourceNotFoundException" + } + ], "traits": { - "smithy.api#default": 0, - "smithy.api#documentation": "The maximum number of results to return for this request.
", - "smithy.api#range": { - "min": 1, - "max": 50 + "smithy.api#documentation": "List the tags for a resource.
\nThe WorkloadArn parameter can be a workload ARN, a custom lens ARN, or a profile ARN.
\nThe tags for the resource.
" } - }, - "MilestoneName": { - "target": "com.amazonaws.wellarchitected#MilestoneName" - }, - "RecordedAt": { - "target": "com.amazonaws.wellarchitected#Timestamp" - }, - "Workload": { - "target": "com.amazonaws.wellarchitected#Workload" } }, "traits": { - "smithy.api#documentation": "A milestone return object.
" + "smithy.api#output": {} } }, - "com.amazonaws.wellarchitected#MilestoneName": { - "type": "string", - "traits": { - "smithy.api#documentation": "The name of the milestone in a workload.
\nMilestone names must be unique within a workload.
", - "smithy.api#length": { - "min": 3, - "max": 100 + "com.amazonaws.wellarchitected#ListWorkloadShares": { + "type": "operation", + "input": { + "target": "com.amazonaws.wellarchitected#ListWorkloadSharesInput" + }, + "output": { + "target": "com.amazonaws.wellarchitected#ListWorkloadSharesOutput" + }, + "errors": [ + { + "target": "com.amazonaws.wellarchitected#AccessDeniedException" + }, + { + "target": "com.amazonaws.wellarchitected#InternalServerException" + }, + { + "target": "com.amazonaws.wellarchitected#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.wellarchitected#ThrottlingException" + }, + { + "target": "com.amazonaws.wellarchitected#ValidationException" } - } - }, - "com.amazonaws.wellarchitected#MilestoneNumber": { - "type": "integer", + ], "traits": { - "smithy.api#default": 0, - "smithy.api#documentation": "The milestone number.
\nA workload can have a maximum of 100 milestones.
", - "smithy.api#range": { - "min": 1, - "max": 100 + "smithy.api#documentation": "List the workload shares associated with the workload.
", + "smithy.api#http": { + "method": "GET", + "uri": "/workloads/{WorkloadId}/shares", + "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "pageSize": "MaxResults" } } }, - "com.amazonaws.wellarchitected#MilestoneSummaries": { + "com.amazonaws.wellarchitected#ListWorkloadSharesInput": { + "type": "structure", + "members": { + "WorkloadId": { + "target": "com.amazonaws.wellarchitected#WorkloadId", + "traits": { + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "SharedWithPrefix": { + "target": "com.amazonaws.wellarchitected#SharedWithPrefix", + "traits": { + "smithy.api#documentation": "The Amazon Web Services account ID, IAM role, organization ID, or organizational unit (OU) ID with which the workload is shared.
", + "smithy.api#httpQuery": "SharedWithPrefix" + } + }, + "NextToken": { + "target": "com.amazonaws.wellarchitected#NextToken", + "traits": { + "smithy.api#httpQuery": "NextToken" + } + }, + "MaxResults": { + "target": "com.amazonaws.wellarchitected#ListWorkloadSharesMaxResults", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The maximum number of results to return for this request.
", + "smithy.api#httpQuery": "MaxResults" + } + }, + "Status": { + "target": "com.amazonaws.wellarchitected#ShareStatus", + "traits": { + "smithy.api#httpQuery": "Status" + } + } + }, + "traits": { + "smithy.api#documentation": "Input for List Workload Share
", + "smithy.api#input": {} + } + }, + "com.amazonaws.wellarchitected#ListWorkloadSharesMaxResults": { + "type": "integer", + "traits": { + "smithy.api#default": 0, + "smithy.api#range": { + "min": 1, + "max": 50 + } + } + }, + "com.amazonaws.wellarchitected#ListWorkloadSharesOutput": { + "type": "structure", + "members": { + "WorkloadId": { + "target": "com.amazonaws.wellarchitected#WorkloadId" + }, + "WorkloadShareSummaries": { + "target": "com.amazonaws.wellarchitected#WorkloadShareSummaries" + }, + "NextToken": { + "target": "com.amazonaws.wellarchitected#NextToken" + } + }, + "traits": { + "smithy.api#documentation": "Input for List Workload Share
", + "smithy.api#output": {} + } + }, + "com.amazonaws.wellarchitected#ListWorkloads": { + "type": "operation", + "input": { + "target": "com.amazonaws.wellarchitected#ListWorkloadsInput" + }, + "output": { + "target": "com.amazonaws.wellarchitected#ListWorkloadsOutput" + }, + "errors": [ + { + "target": "com.amazonaws.wellarchitected#AccessDeniedException" + }, + { + "target": "com.amazonaws.wellarchitected#InternalServerException" + }, + { + "target": "com.amazonaws.wellarchitected#ThrottlingException" + }, + { + "target": "com.amazonaws.wellarchitected#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Paginated list of workloads.
", + "smithy.api#http": { + "method": "POST", + "uri": "/workloadsSummaries", + "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "pageSize": "MaxResults" + } + } + }, + "com.amazonaws.wellarchitected#ListWorkloadsInput": { + "type": "structure", + "members": { + "WorkloadNamePrefix": { + "target": "com.amazonaws.wellarchitected#WorkloadNamePrefix" + }, + "NextToken": { + "target": "com.amazonaws.wellarchitected#NextToken" + }, + "MaxResults": { + "target": "com.amazonaws.wellarchitected#ListWorkloadsMaxResults", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The maximum number of results to return for this request.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Input to list all workloads.
", + "smithy.api#input": {} + } + }, + "com.amazonaws.wellarchitected#ListWorkloadsMaxResults": { + "type": "integer", + "traits": { + "smithy.api#default": 0, + "smithy.api#range": { + "min": 1, + "max": 50 + } + } + }, + "com.amazonaws.wellarchitected#ListWorkloadsOutput": { + "type": "structure", + "members": { + "WorkloadSummaries": { + "target": "com.amazonaws.wellarchitected#WorkloadSummaries" + }, + "NextToken": { + "target": "com.amazonaws.wellarchitected#NextToken" + } + }, + "traits": { + "smithy.api#documentation": "Output of a list workloads call.
", + "smithy.api#output": {} + } + }, + "com.amazonaws.wellarchitected#MaxResults": { + "type": "integer", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The maximum number of results to return for this request.
", + "smithy.api#range": { + "min": 1, + "max": 50 + } + } + }, + "com.amazonaws.wellarchitected#MaxSelectedProfileChoices": { + "type": "integer", + "traits": { + "smithy.api#default": 0, + "smithy.api#range": { + "min": 0 + } + } + }, + "com.amazonaws.wellarchitected#MetricType": { + "type": "enum", + "members": { + "WORKLOAD": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "WORKLOAD" + } + } + } + }, + "com.amazonaws.wellarchitected#Milestone": { + "type": "structure", + "members": { + "MilestoneNumber": { + "target": "com.amazonaws.wellarchitected#MilestoneNumber", + "traits": { + "smithy.api#default": 0 + } + }, + "MilestoneName": { + "target": "com.amazonaws.wellarchitected#MilestoneName" + }, + "RecordedAt": { + "target": "com.amazonaws.wellarchitected#Timestamp" + }, + "Workload": { + "target": "com.amazonaws.wellarchitected#Workload" + } + }, + "traits": { + "smithy.api#documentation": "A milestone return object.
" + } + }, + "com.amazonaws.wellarchitected#MilestoneName": { + "type": "string", + "traits": { + "smithy.api#documentation": "The name of the milestone in a workload.
\nMilestone names must be unique within a workload.
", + "smithy.api#length": { + "min": 3, + "max": 100 + } + } + }, + "com.amazonaws.wellarchitected#MilestoneNumber": { + "type": "integer", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The milestone number.
\nA workload can have a maximum of 100 milestones.
", + "smithy.api#range": { + "min": 1, + "max": 100 + } + } + }, + "com.amazonaws.wellarchitected#MilestoneSummaries": { + "type": "list", + "member": { + "target": "com.amazonaws.wellarchitected#MilestoneSummary" + }, + "traits": { + "smithy.api#documentation": "A list of milestone summaries.
" + } + }, + "com.amazonaws.wellarchitected#MilestoneSummary": { + "type": "structure", + "members": { + "MilestoneNumber": { + "target": "com.amazonaws.wellarchitected#MilestoneNumber", + "traits": { + "smithy.api#default": 0 + } + }, + "MilestoneName": { + "target": "com.amazonaws.wellarchitected#MilestoneName" + }, + "RecordedAt": { + "target": "com.amazonaws.wellarchitected#Timestamp" + }, + "WorkloadSummary": { + "target": "com.amazonaws.wellarchitected#WorkloadSummary" + } + }, + "traits": { + "smithy.api#documentation": "A milestone summary return object.
" + } + }, + "com.amazonaws.wellarchitected#MinSelectedProfileChoices": { + "type": "integer", + "traits": { + "smithy.api#default": 0, + "smithy.api#range": { + "min": 0 + } + } + }, + "com.amazonaws.wellarchitected#NextToken": { + "type": "string", + "traits": { + "smithy.api#documentation": "The token to use to retrieve the next set of results.
" + } + }, + "com.amazonaws.wellarchitected#Notes": { + "type": "string", + "traits": { + "smithy.api#documentation": "The notes associated with the workload.
", + "smithy.api#length": { + "min": 0, + "max": 2084 + } + } + }, + "com.amazonaws.wellarchitected#NotificationSummaries": { + "type": "list", + "member": { + "target": "com.amazonaws.wellarchitected#NotificationSummary" + } + }, + "com.amazonaws.wellarchitected#NotificationSummary": { + "type": "structure", + "members": { + "Type": { + "target": "com.amazonaws.wellarchitected#NotificationType", + "traits": { + "smithy.api#documentation": "The type of notification.
" + } + }, + "LensUpgradeSummary": { + "target": "com.amazonaws.wellarchitected#LensUpgradeSummary", + "traits": { + "smithy.api#documentation": "Summary of lens upgrade.
" + } + } + }, + "traits": { + "smithy.api#documentation": "A notification summary return object.
" + } + }, + "com.amazonaws.wellarchitected#NotificationType": { + "type": "enum", + "members": { + "LENS_VERSION_UPGRADED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LENS_VERSION_UPGRADED" + } + }, + "LENS_VERSION_DEPRECATED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LENS_VERSION_DEPRECATED" + } + } + } + }, + "com.amazonaws.wellarchitected#OrganizationSharingStatus": { + "type": "enum", + "members": { + "ENABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ENABLED" + } + }, + "DISABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DISABLED" + } + } + } + }, + "com.amazonaws.wellarchitected#PermissionType": { + "type": "enum", + "members": { + "READONLY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "READONLY" + } + }, + "CONTRIBUTOR": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CONTRIBUTOR" + } + } + }, + "traits": { + "smithy.api#documentation": "Permission granted on a share request.
" + } + }, + "com.amazonaws.wellarchitected#PillarDifference": { + "type": "structure", + "members": { + "PillarId": { + "target": "com.amazonaws.wellarchitected#PillarId" + }, + "PillarName": { + "target": "com.amazonaws.wellarchitected#PillarName" + }, + "DifferenceStatus": { + "target": "com.amazonaws.wellarchitected#DifferenceStatus", + "traits": { + "smithy.api#documentation": "Indicates the type of change to the pillar.
" + } + }, + "QuestionDifferences": { + "target": "com.amazonaws.wellarchitected#QuestionDifferences", + "traits": { + "smithy.api#documentation": "List of question differences.
" + } + } + }, + "traits": { + "smithy.api#documentation": "A pillar difference return object.
" + } + }, + "com.amazonaws.wellarchitected#PillarDifferences": { + "type": "list", + "member": { + "target": "com.amazonaws.wellarchitected#PillarDifference" + } + }, + "com.amazonaws.wellarchitected#PillarId": { + "type": "string", + "traits": { + "smithy.api#documentation": "The ID used to identify a pillar, for example, security.
A pillar is identified by its PillarReviewSummary$PillarId.
", + "smithy.api#length": { + "min": 1, + "max": 64 + } + } + }, + "com.amazonaws.wellarchitected#PillarMetric": { + "type": "structure", + "members": { + "PillarId": { + "target": "com.amazonaws.wellarchitected#PillarId" + }, + "RiskCounts": { + "target": "com.amazonaws.wellarchitected#RiskCounts" + }, + "Questions": { + "target": "com.amazonaws.wellarchitected#QuestionMetrics", + "traits": { + "smithy.api#documentation": "The questions that have been identified as risks in the pillar.
" + } + } + }, + "traits": { + "smithy.api#documentation": "A metric for a particular pillar in a lens.
" + } + }, + "com.amazonaws.wellarchitected#PillarMetrics": { + "type": "list", + "member": { + "target": "com.amazonaws.wellarchitected#PillarMetric" + } + }, + "com.amazonaws.wellarchitected#PillarName": { + "type": "string", + "traits": { + "smithy.api#documentation": "The name of the pillar.
", + "smithy.api#length": { + "min": 1, + "max": 128 + } + } + }, + "com.amazonaws.wellarchitected#PillarNotes": { + "type": "map", + "key": { + "target": "com.amazonaws.wellarchitected#PillarId" + }, + "value": { + "target": "com.amazonaws.wellarchitected#Notes" + }, + "traits": { + "smithy.api#documentation": "List of pillar notes of a lens review in a workload.
" + } + }, + "com.amazonaws.wellarchitected#PillarReviewSummaries": { + "type": "list", + "member": { + "target": "com.amazonaws.wellarchitected#PillarReviewSummary" + }, + "traits": { + "smithy.api#documentation": "List of pillar review summaries of lens review in a workload.
" + } + }, + "com.amazonaws.wellarchitected#PillarReviewSummary": { + "type": "structure", + "members": { + "PillarId": { + "target": "com.amazonaws.wellarchitected#PillarId" + }, + "PillarName": { + "target": "com.amazonaws.wellarchitected#PillarName" + }, + "Notes": { + "target": "com.amazonaws.wellarchitected#Notes" + }, + "RiskCounts": { + "target": "com.amazonaws.wellarchitected#RiskCounts" + }, + "PrioritizedRiskCounts": { + "target": "com.amazonaws.wellarchitected#RiskCounts" + } + }, + "traits": { + "smithy.api#documentation": "A pillar review summary of a lens review.
" + } + }, + "com.amazonaws.wellarchitected#Profile": { + "type": "structure", + "members": { + "ProfileArn": { + "target": "com.amazonaws.wellarchitected#ProfileArn", + "traits": { + "smithy.api#documentation": "The profile ARN.
" + } + }, + "ProfileVersion": { + "target": "com.amazonaws.wellarchitected#ProfileVersion", + "traits": { + "smithy.api#documentation": "The profile version.
" + } + }, + "ProfileName": { + "target": "com.amazonaws.wellarchitected#ProfileName", + "traits": { + "smithy.api#documentation": "The profile name.
" + } + }, + "ProfileDescription": { + "target": "com.amazonaws.wellarchitected#ProfileDescription", + "traits": { + "smithy.api#documentation": "The profile description.
" + } + }, + "ProfileQuestions": { + "target": "com.amazonaws.wellarchitected#ProfileQuestions", + "traits": { + "smithy.api#documentation": "Profile questions.
" + } + }, + "Owner": { + "target": "com.amazonaws.wellarchitected#AwsAccountId" + }, + "CreatedAt": { + "target": "com.amazonaws.wellarchitected#Timestamp" + }, + "UpdatedAt": { + "target": "com.amazonaws.wellarchitected#Timestamp" + }, + "ShareInvitationId": { + "target": "com.amazonaws.wellarchitected#ShareInvitationId", + "traits": { + "smithy.api#documentation": "The ID assigned to the share invitation.
" + } + }, + "Tags": { + "target": "com.amazonaws.wellarchitected#TagMap", + "traits": { + "smithy.api#documentation": "The tags assigned to the profile.
" + } + } + }, + "traits": { + "smithy.api#documentation": "A profile.
" + } + }, + "com.amazonaws.wellarchitected#ProfileArn": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 2084 + }, + "smithy.api#pattern": "^arn:aws[-a-z]*:wellarchitected:[a-z]{2}(-gov)?-[a-z]+-\\d:\\d{12}:profile/[a-z0-9]+$" + } + }, + "com.amazonaws.wellarchitected#ProfileArns": { "type": "list", "member": { - "target": "com.amazonaws.wellarchitected#MilestoneSummary" + "target": "com.amazonaws.wellarchitected#ProfileArn" }, "traits": { - "smithy.api#documentation": "A list of milestone summaries.
" + "smithy.api#length": { + "min": 1 + } } }, - "com.amazonaws.wellarchitected#MilestoneSummary": { + "com.amazonaws.wellarchitected#ProfileChoice": { "type": "structure", "members": { - "MilestoneNumber": { - "target": "com.amazonaws.wellarchitected#MilestoneNumber", - "traits": { - "smithy.api#default": 0 - } - }, - "MilestoneName": { - "target": "com.amazonaws.wellarchitected#MilestoneName" + "ChoiceId": { + "target": "com.amazonaws.wellarchitected#ChoiceId" }, - "RecordedAt": { - "target": "com.amazonaws.wellarchitected#Timestamp" + "ChoiceTitle": { + "target": "com.amazonaws.wellarchitected#ChoiceTitle" }, - "WorkloadSummary": { - "target": "com.amazonaws.wellarchitected#WorkloadSummary" + "ChoiceDescription": { + "target": "com.amazonaws.wellarchitected#ChoiceDescription" } }, "traits": { - "smithy.api#documentation": "A milestone summary return object.
" + "smithy.api#documentation": "The profile choice.
" } }, - "com.amazonaws.wellarchitected#NextToken": { + "com.amazonaws.wellarchitected#ProfileDescription": { "type": "string", "traits": { - "smithy.api#documentation": "The token to use to retrieve the next set of results.
" + "smithy.api#length": { + "min": 3, + "max": 100 + }, + "smithy.api#pattern": "^[A-Za-z0-9-_.,:/()@!&?#+'’\\s]+$" } }, - "com.amazonaws.wellarchitected#Notes": { + "com.amazonaws.wellarchitected#ProfileName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 3, + "max": 100 + }, + "smithy.api#pattern": "^[A-Za-z0-9-_.,:/()@!&?#+'’\\s]+$" + } + }, + "com.amazonaws.wellarchitected#ProfileNamePrefix": { "type": "string", "traits": { - "smithy.api#documentation": "The notes associated with the workload.
", "smithy.api#length": { "min": 0, - "max": 2084 - } + "max": 100 + }, + "smithy.api#pattern": "^[A-Za-z0-9-_.,:/()@!&?#+'’\\s]+$" } }, - "com.amazonaws.wellarchitected#NotificationSummaries": { + "com.amazonaws.wellarchitected#ProfileNotificationSummaries": { "type": "list", "member": { - "target": "com.amazonaws.wellarchitected#NotificationSummary" + "target": "com.amazonaws.wellarchitected#ProfileNotificationSummary" } }, - "com.amazonaws.wellarchitected#NotificationSummary": { + "com.amazonaws.wellarchitected#ProfileNotificationSummary": { "type": "structure", "members": { + "CurrentProfileVersion": { + "target": "com.amazonaws.wellarchitected#ProfileVersion", + "traits": { + "smithy.api#documentation": "The current profile version.
" + } + }, + "LatestProfileVersion": { + "target": "com.amazonaws.wellarchitected#ProfileVersion", + "traits": { + "smithy.api#documentation": "The latest profile version.
" + } + }, "Type": { - "target": "com.amazonaws.wellarchitected#NotificationType", + "target": "com.amazonaws.wellarchitected#ProfileNotificationType", "traits": { - "smithy.api#documentation": "The type of notification.
" + "smithy.api#documentation": "Type of notification.
" } }, - "LensUpgradeSummary": { - "target": "com.amazonaws.wellarchitected#LensUpgradeSummary", + "ProfileArn": { + "target": "com.amazonaws.wellarchitected#ProfileArn", "traits": { - "smithy.api#documentation": "Summary of lens upgrade.
" + "smithy.api#documentation": "The profile ARN.
" + } + }, + "ProfileName": { + "target": "com.amazonaws.wellarchitected#ProfileName", + "traits": { + "smithy.api#documentation": "The profile name.
" } + }, + "WorkloadId": { + "target": "com.amazonaws.wellarchitected#WorkloadId" + }, + "WorkloadName": { + "target": "com.amazonaws.wellarchitected#WorkloadName" } }, "traits": { - "smithy.api#documentation": "A notification summary return object.
" + "smithy.api#documentation": "The profile notification summary.
" } }, - "com.amazonaws.wellarchitected#NotificationType": { + "com.amazonaws.wellarchitected#ProfileNotificationType": { "type": "enum", "members": { - "LENS_VERSION_UPGRADED": { + "PROFILE_ANSWERS_UPDATED": { "target": "smithy.api#Unit", "traits": { - "smithy.api#enumValue": "LENS_VERSION_UPGRADED" + "smithy.api#enumValue": "PROFILE_ANSWERS_UPDATED" } }, - "LENS_VERSION_DEPRECATED": { + "PROFILE_DELETED": { "target": "smithy.api#Unit", "traits": { - "smithy.api#enumValue": "LENS_VERSION_DEPRECATED" + "smithy.api#enumValue": "PROFILE_DELETED" } } } }, - "com.amazonaws.wellarchitected#OrganizationSharingStatus": { + "com.amazonaws.wellarchitected#ProfileOwnerType": { "type": "enum", "members": { - "ENABLED": { + "SELF": { "target": "smithy.api#Unit", "traits": { - "smithy.api#enumValue": "ENABLED" + "smithy.api#enumValue": "SELF" } }, - "DISABLED": { + "SHARED": { "target": "smithy.api#Unit", "traits": { - "smithy.api#enumValue": "DISABLED" + "smithy.api#enumValue": "SHARED" } } } }, - "com.amazonaws.wellarchitected#PermissionType": { - "type": "enum", + "com.amazonaws.wellarchitected#ProfileQuestion": { + "type": "structure", "members": { - "READONLY": { - "target": "smithy.api#Unit", + "QuestionId": { + "target": "com.amazonaws.wellarchitected#QuestionId" + }, + "QuestionTitle": { + "target": "com.amazonaws.wellarchitected#QuestionTitle" + }, + "QuestionDescription": { + "target": "com.amazonaws.wellarchitected#QuestionDescription" + }, + "QuestionChoices": { + "target": "com.amazonaws.wellarchitected#ProfileQuestionChoices", "traits": { - "smithy.api#enumValue": "READONLY" + "smithy.api#documentation": "The question choices.
" } }, - "CONTRIBUTOR": { - "target": "smithy.api#Unit", + "SelectedChoiceIds": { + "target": "com.amazonaws.wellarchitected#SelectedChoiceIds", "traits": { - "smithy.api#enumValue": "CONTRIBUTOR" + "smithy.api#documentation": "The selected choices.
" + } + }, + "MinSelectedChoices": { + "target": "com.amazonaws.wellarchitected#MinSelectedProfileChoices", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The minimum number of selected choices.
" + } + }, + "MaxSelectedChoices": { + "target": "com.amazonaws.wellarchitected#MaxSelectedProfileChoices", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The maximum number of selected choices.
" } } }, "traits": { - "smithy.api#documentation": "Permission granted on a workload share.
" + "smithy.api#documentation": "A profile question.
" } }, - "com.amazonaws.wellarchitected#PillarDifference": { + "com.amazonaws.wellarchitected#ProfileQuestionChoices": { + "type": "list", + "member": { + "target": "com.amazonaws.wellarchitected#ProfileChoice" + } + }, + "com.amazonaws.wellarchitected#ProfileQuestionUpdate": { "type": "structure", "members": { - "PillarId": { - "target": "com.amazonaws.wellarchitected#PillarId" - }, - "PillarName": { - "target": "com.amazonaws.wellarchitected#PillarName" - }, - "DifferenceStatus": { - "target": "com.amazonaws.wellarchitected#DifferenceStatus", - "traits": { - "smithy.api#documentation": "Indicates the type of change to the pillar.
" - } + "QuestionId": { + "target": "com.amazonaws.wellarchitected#QuestionId" }, - "QuestionDifferences": { - "target": "com.amazonaws.wellarchitected#QuestionDifferences", + "SelectedChoiceIds": { + "target": "com.amazonaws.wellarchitected#SelectedProfileChoiceIds", "traits": { - "smithy.api#documentation": "List of question differences.
" + "smithy.api#documentation": "The selected choices.
" } } }, "traits": { - "smithy.api#documentation": "A pillar difference return object.
" + "smithy.api#documentation": "An update to a profile question.
" } }, - "com.amazonaws.wellarchitected#PillarDifferences": { + "com.amazonaws.wellarchitected#ProfileQuestionUpdates": { "type": "list", "member": { - "target": "com.amazonaws.wellarchitected#PillarDifference" + "target": "com.amazonaws.wellarchitected#ProfileQuestionUpdate" } }, - "com.amazonaws.wellarchitected#PillarId": { - "type": "string", - "traits": { - "smithy.api#documentation": "The ID used to identify a pillar, for example, security.
A pillar is identified by its PillarReviewSummary$PillarId.
", - "smithy.api#length": { - "min": 1, - "max": 64 - } + "com.amazonaws.wellarchitected#ProfileQuestions": { + "type": "list", + "member": { + "target": "com.amazonaws.wellarchitected#ProfileQuestion" } }, - "com.amazonaws.wellarchitected#PillarMetric": { + "com.amazonaws.wellarchitected#ProfileShareSummaries": { + "type": "list", + "member": { + "target": "com.amazonaws.wellarchitected#ProfileShareSummary" + } + }, + "com.amazonaws.wellarchitected#ProfileShareSummary": { "type": "structure", "members": { - "PillarId": { - "target": "com.amazonaws.wellarchitected#PillarId" + "ShareId": { + "target": "com.amazonaws.wellarchitected#ShareId" }, - "RiskCounts": { - "target": "com.amazonaws.wellarchitected#RiskCounts" + "SharedWith": { + "target": "com.amazonaws.wellarchitected#SharedWith" }, - "Questions": { - "target": "com.amazonaws.wellarchitected#QuestionMetrics", + "Status": { + "target": "com.amazonaws.wellarchitected#ShareStatus" + }, + "StatusMessage": { + "target": "com.amazonaws.wellarchitected#StatusMessage", "traits": { - "smithy.api#documentation": "The questions that have been identified as risks in the pillar.
" + "smithy.api#documentation": "Profile share invitation status message.
" } } }, "traits": { - "smithy.api#documentation": "A metric for a particular pillar in a lens.
" + "smithy.api#documentation": "Summary of a profile share.
" } }, - "com.amazonaws.wellarchitected#PillarMetrics": { + "com.amazonaws.wellarchitected#ProfileSummaries": { "type": "list", "member": { - "target": "com.amazonaws.wellarchitected#PillarMetric" + "target": "com.amazonaws.wellarchitected#ProfileSummary" } }, - "com.amazonaws.wellarchitected#PillarName": { - "type": "string", - "traits": { - "smithy.api#documentation": "The name of the pillar.
", - "smithy.api#length": { - "min": 1, - "max": 128 + "com.amazonaws.wellarchitected#ProfileSummary": { + "type": "structure", + "members": { + "ProfileArn": { + "target": "com.amazonaws.wellarchitected#ProfileArn", + "traits": { + "smithy.api#documentation": "The profile ARN.
" + } + }, + "ProfileVersion": { + "target": "com.amazonaws.wellarchitected#ProfileVersion", + "traits": { + "smithy.api#documentation": "The profile version.
" + } + }, + "ProfileName": { + "target": "com.amazonaws.wellarchitected#ProfileName", + "traits": { + "smithy.api#documentation": "The profile name.
" + } + }, + "ProfileDescription": { + "target": "com.amazonaws.wellarchitected#ProfileDescription", + "traits": { + "smithy.api#documentation": "The profile description.
" + } + }, + "Owner": { + "target": "com.amazonaws.wellarchitected#AwsAccountId" + }, + "CreatedAt": { + "target": "com.amazonaws.wellarchitected#Timestamp" + }, + "UpdatedAt": { + "target": "com.amazonaws.wellarchitected#Timestamp" } + }, + "traits": { + "smithy.api#documentation": "Summary of a profile.
" } }, - "com.amazonaws.wellarchitected#PillarNotes": { - "type": "map", - "key": { - "target": "com.amazonaws.wellarchitected#PillarId" - }, - "value": { - "target": "com.amazonaws.wellarchitected#Notes" + "com.amazonaws.wellarchitected#ProfileTemplate": { + "type": "structure", + "members": { + "TemplateName": { + "target": "com.amazonaws.wellarchitected#ProfileName", + "traits": { + "smithy.api#documentation": "The name of the profile template.
" + } + }, + "TemplateQuestions": { + "target": "com.amazonaws.wellarchitected#TemplateQuestions", + "traits": { + "smithy.api#documentation": "Profile template questions.
" + } + }, + "CreatedAt": { + "target": "com.amazonaws.wellarchitected#Timestamp" + }, + "UpdatedAt": { + "target": "com.amazonaws.wellarchitected#Timestamp" + } }, "traits": { - "smithy.api#documentation": "List of pillar notes of a lens review in a workload.
" + "smithy.api#documentation": "The profile template.
" } }, - "com.amazonaws.wellarchitected#PillarReviewSummaries": { - "type": "list", - "member": { - "target": "com.amazonaws.wellarchitected#PillarReviewSummary" + "com.amazonaws.wellarchitected#ProfileTemplateChoice": { + "type": "structure", + "members": { + "ChoiceId": { + "target": "com.amazonaws.wellarchitected#ChoiceId" + }, + "ChoiceTitle": { + "target": "com.amazonaws.wellarchitected#ChoiceTitle" + }, + "ChoiceDescription": { + "target": "com.amazonaws.wellarchitected#ChoiceDescription" + } }, "traits": { - "smithy.api#documentation": "List of pillar review summaries of lens review in a workload.
" + "smithy.api#documentation": "A profile template choice.
" } }, - "com.amazonaws.wellarchitected#PillarReviewSummary": { + "com.amazonaws.wellarchitected#ProfileTemplateQuestion": { "type": "structure", "members": { - "PillarId": { - "target": "com.amazonaws.wellarchitected#PillarId" + "QuestionId": { + "target": "com.amazonaws.wellarchitected#QuestionId" }, - "PillarName": { - "target": "com.amazonaws.wellarchitected#PillarName" + "QuestionTitle": { + "target": "com.amazonaws.wellarchitected#QuestionTitle" }, - "Notes": { - "target": "com.amazonaws.wellarchitected#Notes" + "QuestionDescription": { + "target": "com.amazonaws.wellarchitected#QuestionDescription" }, - "RiskCounts": { - "target": "com.amazonaws.wellarchitected#RiskCounts" + "QuestionChoices": { + "target": "com.amazonaws.wellarchitected#ProfileTemplateQuestionChoices", + "traits": { + "smithy.api#documentation": "The question choices.
" + } + }, + "MinSelectedChoices": { + "target": "com.amazonaws.wellarchitected#MinSelectedProfileChoices", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The minimum number of choices selected.
" + } + }, + "MaxSelectedChoices": { + "target": "com.amazonaws.wellarchitected#MaxSelectedProfileChoices", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The maximum number of choices selected.
" + } } }, "traits": { - "smithy.api#documentation": "A pillar review summary of a lens review.
" + "smithy.api#documentation": "A profile template question.
" + } + }, + "com.amazonaws.wellarchitected#ProfileTemplateQuestionChoices": { + "type": "list", + "member": { + "target": "com.amazonaws.wellarchitected#ProfileTemplateChoice" + } + }, + "com.amazonaws.wellarchitected#ProfileVersion": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 32 + }, + "smithy.api#pattern": "^[A-Za-z0-9-]+$" } }, "com.amazonaws.wellarchitected#QuestionDescription": { @@ -5019,6 +6395,23 @@ "target": "com.amazonaws.wellarchitected#QuestionMetric" } }, + "com.amazonaws.wellarchitected#QuestionPriority": { + "type": "enum", + "members": { + "PRIORITIZED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "PRIORITIZED" + } + }, + "NONE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NONE" + } + } + } + }, "com.amazonaws.wellarchitected#QuestionTitle": { "type": "string", "traits": { @@ -5029,6 +6422,23 @@ } } }, + "com.amazonaws.wellarchitected#QuestionType": { + "type": "enum", + "members": { + "PRIORITIZED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "PRIORITIZED" + } + }, + "NON_PRIORITIZED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NON_PRIORITIZED" + } + } + } + }, "com.amazonaws.wellarchitected#QuotaCode": { "type": "string", "traits": { @@ -5130,6 +6540,12 @@ "smithy.api#documentation": "A map from risk names to the count of how many questions have that rating.
" } }, + "com.amazonaws.wellarchitected#SelectedChoiceIds": { + "type": "list", + "member": { + "target": "com.amazonaws.wellarchitected#ChoiceId" + } + }, "com.amazonaws.wellarchitected#SelectedChoices": { "type": "list", "member": { @@ -5139,6 +6555,12 @@ "smithy.api#documentation": "List of selected choice IDs in a question answer.
\nThe values entered replace the previously selected choices.
" } }, + "com.amazonaws.wellarchitected#SelectedProfileChoiceIds": { + "type": "list", + "member": { + "target": "com.amazonaws.wellarchitected#ChoiceId" + } + }, "com.amazonaws.wellarchitected#ServiceCode": { "type": "string", "traits": { @@ -5182,7 +6604,7 @@ "com.amazonaws.wellarchitected#ShareId": { "type": "string", "traits": { - "smithy.api#documentation": "The ID associated with the workload share.
", + "smithy.api#documentation": "The ID associated with the share.
", "smithy.api#pattern": "^[0-9a-f]{32}$" } }, @@ -5212,6 +6634,12 @@ "traits": { "smithy.api#documentation": "The ARN for the lens.
" } + }, + "ProfileArn": { + "target": "com.amazonaws.wellarchitected#ProfileArn", + "traits": { + "smithy.api#documentation": "The profile ARN.
" + } } }, "traits": { @@ -5288,6 +6716,18 @@ "traits": { "smithy.api#documentation": "The ARN for the lens.
" } + }, + "ProfileName": { + "target": "com.amazonaws.wellarchitected#ProfileName", + "traits": { + "smithy.api#documentation": "The profile name.
" + } + }, + "ProfileArn": { + "target": "com.amazonaws.wellarchitected#ProfileArn", + "traits": { + "smithy.api#documentation": "The profile ARN.
" + } } }, "traits": { @@ -5308,6 +6748,12 @@ "traits": { "smithy.api#enumValue": "LENS" } + }, + "PROFILE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "PROFILE" + } } } }, @@ -5364,13 +6810,13 @@ } }, "traits": { - "smithy.api#documentation": "The status of a workload share.
" + "smithy.api#documentation": "The status of the share request.
" } }, "com.amazonaws.wellarchitected#SharedWith": { "type": "string", "traits": { - "smithy.api#documentation": "The Amazon Web Services account ID, IAM role, organization ID, or organizational unit (OU) ID with which the workload is shared.
", + "smithy.api#documentation": "The Amazon Web Services account ID, IAM role, organization ID, or organizational unit (OU) ID with which the workload, lens, or profile is shared.
", "smithy.api#length": { "min": 12, "max": 2048 @@ -5448,7 +6894,7 @@ } ], "traits": { - "smithy.api#documentation": "Adds one or more tags to the specified resource.
\nThe WorkloadArn parameter can be either a workload ARN or a custom lens ARN.
\nAdds one or more tags to the specified resource.
\nThe WorkloadArn parameter can be a workload ARN, a custom lens ARN, or a profile ARN.
\nDeletes specified tags from a resource.
\nThe WorkloadArn parameter can be either a workload ARN or a custom lens ARN.
\nTo specify multiple tags, use separate tagKeys parameters, for example:
\n\n DELETE /tags/WorkloadArn?tagKeys=key1&tagKeys=key2\n
Deletes specified tags from a resource.
\nThe WorkloadArn parameter can be a workload ARN, a custom lens ARN, or a profile ARN.
\nTo specify multiple tags, use separate tagKeys parameters, for example:
\n\n DELETE /tags/WorkloadArn?tagKeys=key1&tagKeys=key2\n
Update a profile.
", + "smithy.api#http": { + "method": "PATCH", + "uri": "/profiles/{ProfileArn}", + "code": 200 + } + } + }, + "com.amazonaws.wellarchitected#UpdateProfileInput": { + "type": "structure", + "members": { + "ProfileArn": { + "target": "com.amazonaws.wellarchitected#ProfileArn", + "traits": { + "smithy.api#documentation": "The profile ARN.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "ProfileDescription": { + "target": "com.amazonaws.wellarchitected#ProfileDescription", + "traits": { + "smithy.api#documentation": "The profile description.
" + } + }, + "ProfileQuestions": { + "target": "com.amazonaws.wellarchitected#ProfileQuestionUpdates", + "traits": { + "smithy.api#documentation": "Profile questions.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.wellarchitected#UpdateProfileOutput": { + "type": "structure", + "members": { + "Profile": { + "target": "com.amazonaws.wellarchitected#Profile", + "traits": { + "smithy.api#documentation": "The profile.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.wellarchitected#UpdateShareInvitation": { "type": "operation", "input": { @@ -6190,6 +7721,75 @@ "smithy.api#input": {} } }, + "com.amazonaws.wellarchitected#UpgradeProfileVersion": { + "type": "operation", + "input": { + "target": "com.amazonaws.wellarchitected#UpgradeProfileVersionInput" + }, + "output": { + "target": "smithy.api#Unit" + }, + "errors": [ + { + "target": "com.amazonaws.wellarchitected#AccessDeniedException" + }, + { + "target": "com.amazonaws.wellarchitected#ConflictException" + }, + { + "target": "com.amazonaws.wellarchitected#InternalServerException" + }, + { + "target": "com.amazonaws.wellarchitected#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.wellarchitected#ThrottlingException" + }, + { + "target": "com.amazonaws.wellarchitected#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Upgrade a profile.
", + "smithy.api#http": { + "method": "PUT", + "uri": "/workloads/{WorkloadId}/profiles/{ProfileArn}/upgrade", + "code": 200 + } + } + }, + "com.amazonaws.wellarchitected#UpgradeProfileVersionInput": { + "type": "structure", + "members": { + "WorkloadId": { + "target": "com.amazonaws.wellarchitected#WorkloadId", + "traits": { + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "ProfileArn": { + "target": "com.amazonaws.wellarchitected#ProfileArn", + "traits": { + "smithy.api#documentation": "The profile ARN.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "MilestoneName": { + "target": "com.amazonaws.wellarchitected#MilestoneName" + }, + "ClientRequestToken": { + "target": "com.amazonaws.wellarchitected#ClientRequestToken", + "traits": { + "smithy.api#idempotencyToken": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, "com.amazonaws.wellarchitected#Urls": { "type": "list", "member": { @@ -6306,6 +7906,9 @@ { "target": "com.amazonaws.wellarchitected#AssociateLenses" }, + { + "target": "com.amazonaws.wellarchitected#AssociateProfiles" + }, { "target": "com.amazonaws.wellarchitected#CreateLensShare" }, @@ -6315,6 +7918,12 @@ { "target": "com.amazonaws.wellarchitected#CreateMilestone" }, + { + "target": "com.amazonaws.wellarchitected#CreateProfile" + }, + { + "target": "com.amazonaws.wellarchitected#CreateProfileShare" + }, { "target": "com.amazonaws.wellarchitected#CreateWorkload" }, @@ -6327,6 +7936,12 @@ { "target": "com.amazonaws.wellarchitected#DeleteLensShare" }, + { + "target": "com.amazonaws.wellarchitected#DeleteProfile" + }, + { + "target": "com.amazonaws.wellarchitected#DeleteProfileShare" + }, { "target": "com.amazonaws.wellarchitected#DeleteWorkload" }, @@ -6336,6 +7951,9 @@ { "target": "com.amazonaws.wellarchitected#DisassociateLenses" }, + { + "target": "com.amazonaws.wellarchitected#DisassociateProfiles" + }, { "target": "com.amazonaws.wellarchitected#ExportLens" }, @@ -6360,6 +7978,12 @@ { "target": "com.amazonaws.wellarchitected#GetMilestone" }, + { + "target": "com.amazonaws.wellarchitected#GetProfile" + }, + { + "target": "com.amazonaws.wellarchitected#GetProfileTemplate" + }, { "target": "com.amazonaws.wellarchitected#GetWorkload" }, @@ -6393,6 +8017,15 @@ { "target": "com.amazonaws.wellarchitected#ListNotifications" }, + { + "target": "com.amazonaws.wellarchitected#ListProfileNotifications" + }, + { + "target": "com.amazonaws.wellarchitected#ListProfiles" + }, + { + "target": "com.amazonaws.wellarchitected#ListProfileShares" + }, { "target": "com.amazonaws.wellarchitected#ListShareInvitations" }, @@ -6420,6 +8053,9 @@ { "target": "com.amazonaws.wellarchitected#UpdateLensReview" }, + { + "target": "com.amazonaws.wellarchitected#UpdateProfile" + }, { "target": "com.amazonaws.wellarchitected#UpdateShareInvitation" }, @@ -6431,6 +8067,9 @@ }, { "target": "com.amazonaws.wellarchitected#UpgradeLensReview" + }, + { + "target": "com.amazonaws.wellarchitected#UpgradeProfileVersion" } ], "traits": { @@ -7427,6 +9066,15 @@ "traits": { "smithy.api#documentation": "List of AppRegistry application ARNs associated to the workload.
" } + }, + "Profiles": { + "target": "com.amazonaws.wellarchitected#WorkloadProfiles", + "traits": { + "smithy.api#documentation": "Profile associated with a workload.
" + } + }, + "PrioritizedRiskCounts": { + "target": "com.amazonaws.wellarchitected#RiskCounts" } }, "traits": { @@ -7542,6 +9190,10 @@ "type": "string", "traits": { "smithy.api#documentation": "The ID assigned to the workload. This ID is unique within an Amazon Web Services Region.
", + "smithy.api#length": { + "min": 32, + "max": 32 + }, "smithy.api#pattern": "^[0-9a-f]{32}$" } }, @@ -7663,6 +9315,50 @@ "smithy.api#documentation": "The priorities of the pillars, which are used to order items in the improvement plan.\n Each pillar is represented by its PillarReviewSummary$PillarId.
" } }, + "com.amazonaws.wellarchitected#WorkloadProfile": { + "type": "structure", + "members": { + "ProfileArn": { + "target": "com.amazonaws.wellarchitected#ProfileArn", + "traits": { + "smithy.api#documentation": "The profile ARN.
" + } + }, + "ProfileVersion": { + "target": "com.amazonaws.wellarchitected#ProfileVersion", + "traits": { + "smithy.api#documentation": "The profile version.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The profile associated with a workload.
" + } + }, + "com.amazonaws.wellarchitected#WorkloadProfileArns": { + "type": "list", + "member": { + "target": "com.amazonaws.wellarchitected#ProfileArn" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 1 + } + } + }, + "com.amazonaws.wellarchitected#WorkloadProfiles": { + "type": "list", + "member": { + "target": "com.amazonaws.wellarchitected#WorkloadProfile" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 1 + } + } + }, "com.amazonaws.wellarchitected#WorkloadResourceDefinition": { "type": "list", "member": { @@ -7778,6 +9474,15 @@ }, "ImprovementStatus": { "target": "com.amazonaws.wellarchitected#WorkloadImprovementStatus" + }, + "Profiles": { + "target": "com.amazonaws.wellarchitected#WorkloadProfiles", + "traits": { + "smithy.api#documentation": "Profile associated with a workload.
" + } + }, + "PrioritizedRiskCounts": { + "target": "com.amazonaws.wellarchitected#RiskCounts" } }, "traits": { diff --git a/gradle.properties b/gradle.properties index 2e565fb3576..06359241c51 100644 --- a/gradle.properties +++ b/gradle.properties @@ -13,7 +13,7 @@ sdkVersion=0.27.1-SNAPSHOT smithyVersion=1.29.0 smithyGradleVersion=0.6.0 # smithy-kotlin codegen and runtime are versioned together -smithyKotlinVersion=0.21.2 +smithyKotlinVersion=0.21.3 # kotlin kotlinVersion=1.8.10 @@ -39,4 +39,4 @@ mockkVersion=1.13.3 slf4jVersion=2.0.6 # dokka config (values specified at build-time as needed) -smithyKotlinDocBaseUrl=https://sdk.amazonaws.com/kotlin/api/smithy-kotlin/api/$smithyKotlinVersion/ \ No newline at end of file +smithyKotlinDocBaseUrl=https://sdk.amazonaws.com/kotlin/api/smithy-kotlin/api/$smithyKotlinVersion/